Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Browser hijack by hao123.com [Solved]

Started by happyhome , Jul 26 2014 05:37 AM

  • This topic is locked This topic is locked

#31
happyhome
Posted 02 August 2014 - 01:45 AM

happyhome

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Hi machi

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 01
Ran by Tng family (administrator) on TNG-FAMILY-PC on 02-08-2014 15:43:10
Running from C:\Users\Tng family\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\QvodPlayer\QvodWebBase\1.0.0.48\QvodWebService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-15] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-07-17] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2522120943-1274516608-2902159866-1001\...\Run: [GoogleChromeAutoLaunch_862EC30EB1851205146266A5AA620BF4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
Startup: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DownloadIcon -> {A8502600-B272-4F68-A67B-A0305D46D298} => C:\Program Files (x86)\QvodPlayer\QvodExtend\5.0.99.0\QvodExtend_x64.dll (Shenzhen QVOD Technology Co.,Ltd)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DownloadIcon -> {A8502600-B272-4F68-A67B-A0305D46D297} => C:\Program Files (x86)\QvodPlayer\QvodExtend\5.0.99.0\QvodExtend.dll (Shenzhen QVOD Technology Co.,Ltd)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-SG
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.sg/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Tng family\AppData\Roaming\Mozilla\Firefox\Profiles\w8wjuqgw.default-1406729069794
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-30]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-14]

Chrome:
=======
CHR HomePage: hxxp://www.google.com.sg/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Entanglement Web App) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-05-03]
CHR Extension: (优酷一键通Sotapit) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\alddjbjplgobbllfolehibiclbhmomla [2014-05-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (Hola Better Internet) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-08-01]
CHR Extension: (avast! Online Security) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-08]
CHR Extension: (Go away MDA - Bypass MDA blocked sites) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\lledpflfnanamkogoclkgaggfdgoalok [2014-05-20]
CHR Extension: (Poppit!) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-05-03]
CHR Extension: (Google Wallet) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Unblock Youku) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2014-05-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-07] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-07-17] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-07-17] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-07] ()
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [30568 2012-11-08] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-07-17] (BlueStack Systems)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-11] (Realtek Semiconductor Corporation                           )
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-25] (Anchorfree Inc.)
S3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-22] (Genesys Logic)
S1 bd0004; system32\DRIVERS\bd0004.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 e1kexpress; system32\DRIVERS\e1k62x64.sys [X]
S3 gdrv; \??\C:\windows\gdrv.sys [X]
S3 RkHit; \??\C:\windows\system32\drivers\RKHit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-02 14:06 - 2014-08-02 14:06 - 00000056 _____ () C:\windows\setupact.log
2014-08-02 14:06 - 2014-08-02 14:06 - 00000000 _____ () C:\windows\setuperr.log
2014-08-02 14:05 - 2014-08-02 14:05 - 00000574 _____ () C:\windows\PFRO.log
2014-08-02 13:31 - 2014-08-02 13:44 - 00007003 _____ () C:\windows\WindowsUpdate.log
2014-08-02 11:36 - 2014-08-02 11:36 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Tng family\Desktop\sc-cleaner.exe
2014-08-02 11:36 - 2014-08-02 11:36 - 00001826 ____C () C:\sc-cleaner.txt
2014-08-01 21:59 - 2014-08-01 21:59 - 00000504 _____ () C:\Users\Tng family\Desktop\fix.reg
2014-08-01 21:55 - 2014-08-01 21:55 - 00000928 _____ () C:\Users\Tng family\Desktop\NTREGOPT.lnk
2014-08-01 21:55 - 2014-08-01 21:55 - 00000909 _____ () C:\Users\Tng family\Desktop\ERUNT.lnk
2014-08-01 21:55 - 2014-08-01 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-08-01 21:55 - 2014-08-01 21:55 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-08-01 21:54 - 2014-08-01 21:54 - 00791393 _____ (Lars Hederer ) C:\Users\Tng family\Downloads\erunt_setup.exe
2014-08-01 21:40 - 2014-08-01 22:06 - 00004242 _____ () C:\Users\Tng family\Desktop\SystemLook.txt
2014-08-01 21:39 - 2014-08-01 21:39 - 00139264 _____ () C:\Users\Tng family\Desktop\SystemLook.exe
2014-08-01 18:47 - 2014-08-01 18:47 - 00000402 _____ () C:\Users\Tng family\Desktop\instruction.txt
2014-08-01 18:45 - 2014-08-01 18:45 - 00000000 ___DC () C:\QvodPlayer
2014-08-01 18:26 - 2014-08-01 18:26 - 00002303 _____ () C:\Users\Tng family\Desktop\Chrome App Launcher.lnk
2014-08-01 18:26 - 2014-08-01 18:26 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-31 18:56 - 2014-07-31 18:57 - 00037189 _____ () C:\Users\Tng family\Downloads\Addition.txt
2014-07-31 18:55 - 2014-08-02 15:43 - 00017583 _____ () C:\Users\Tng family\Downloads\FRST.txt
2014-07-31 18:54 - 2014-08-02 15:43 - 00000000 ___DC () C:\FRST
2014-07-31 18:54 - 2014-07-31 18:54 - 02094080 _____ (Farbar) C:\Users\Tng family\Downloads\FRST64.exe
2014-07-30 22:04 - 2014-07-30 22:04 - 00000000 ____D () C:\Users\Tng family\Desktop\Old Firefox Data
2014-07-30 22:02 - 2014-08-01 12:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 20:45 - 2014-07-30 20:45 - 00002543 _____ () C:\Users\Tng family\Desktop\aswMBR.txt
2014-07-30 20:45 - 2014-07-30 20:45 - 00000512 _____ () C:\Users\Tng family\Desktop\MBR.dat
2014-07-30 20:28 - 2014-07-30 20:28 - 05185536 _____ (AVAST Software) C:\Users\Tng family\Desktop\aswMBR.exe
2014-07-29 22:52 - 2014-07-29 22:52 - 00001120 _____ () C:\Users\Tng family\Desktop\eset.txt
2014-07-29 21:32 - 2014-07-29 21:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-29 21:23 - 2014-07-29 21:23 - 00002291 ____C () C:\mbam2907.txt
2014-07-29 21:00 - 2014-07-29 21:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tng family\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-29 20:26 - 2014-07-30 19:25 - 00105284 _____ () C:\Users\Tng family\Desktop\OTL.Txt
2014-07-29 20:08 - 2014-07-29 20:08 - 00000767 _____ () C:\Users\Tng family\Desktop\JRT.txt
2014-07-29 20:00 - 2014-07-29 20:00 - 01016261 _____ (Thisisu) C:\Users\Tng family\Desktop\JRT.exe
2014-07-29 19:58 - 2014-07-29 19:58 - 00001556 _____ () C:\Users\Tng family\Desktop\AdwCleaner[S3].txt
2014-07-29 19:51 - 2014-07-29 19:52 - 01365551 _____ () C:\Users\Tng family\Desktop\AdwCleaner.exe
2014-07-28 09:28 - 2014-07-28 09:28 - 00000000 __SHD () C:\found.000
2014-07-27 22:50 - 2014-07-27 22:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-26 19:19 - 2014-07-26 19:19 - 00000000 ___DC () C:\_OTL
2014-07-26 19:01 - 2014-07-26 19:01 - 00602112 _____ (OldTimer Tools) C:\Users\Tng family\Desktop\OTL.exe
2014-07-26 17:28 - 2014-07-26 17:28 - 00000000 ____C () C:\autoexec.bat
2014-07-26 14:17 - 2014-07-26 14:17 - 00816128 _____ () C:\Users\Tng family\Downloads\RogueKiller.exe
2014-07-26 14:15 - 2014-07-26 14:20 - 00000000 ____D () C:\Users\Tng family\Desktop\RK_Quarantine
2014-07-26 14:07 - 2014-07-26 14:07 - 00000021 _____ () C:\windows\tpcsd
2014-07-23 22:47 - 2014-07-23 22:47 - 00000000 ____D () C:\windows\ERUNT
2014-07-23 22:46 - 2014-07-23 22:46 - 01016261 _____ (Thisisu) C:\Users\Tng family\Downloads\JRT.exe
2014-07-23 22:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-23 22:38 - 2014-07-23 22:39 - 01354223 _____ () C:\Users\Tng family\Downloads\adwcleaner_3.216.exe
2014-07-23 22:28 - 2014-07-23 22:28 - 00035320 ____C () C:\ComboFix.txt
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 21:56 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-22 21:56 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-07-22 21:56 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-07-22 21:56 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-07-22 21:53 - 2014-07-22 21:56 - 00004088 _____ () C:\windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 21:50 - 2014-07-29 23:01 - 00000047 ____H () C:\Users\Tng family\FunShion.ini
2014-07-22 21:26 - 2014-07-29 21:20 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 21:24 - 2014-07-29 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 21:24 - 2014-07-29 21:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 21:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-22 21:24 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-22 21:00 - 2014-07-23 22:28 - 00000000 ___DC () C:\Qoobox
2014-07-22 20:59 - 2014-07-22 20:59 - 05562504 ____R (Swearware) C:\Users\Tng family\Downloads\ComboFix.exe
2014-07-20 08:53 - 2014-07-20 08:53 - 00033377 _____ () C:\Users\Tng family\Documents\Recipe for sandwich.pptx
2014-07-18 14:38 - 2014-07-22 21:44 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Funshion
2014-07-16 16:24 - 2014-07-16 16:24 - 00000000 ____D () C:\Users\Tng family\AppData\Local\Giraffe
2014-07-13 15:41 - 2014-07-13 15:41 - 00000000 _____ () C:\windows\SysWOW64\_backup
2014-07-11 22:19 - 2014-07-12 13:19 - 11204096 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 19:17 - 2014-07-08 19:17 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\DropboxMaster
2014-07-08 19:16 - 2014-07-08 19:17 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Dropbox
2014-07-08 19:16 - 2014-07-08 19:16 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-07 20:54 - 2014-07-07 20:54 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-05 17:10 - 2014-07-29 22:15 - 00000000 ___HD () C:\Users\Public\FunAcce

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-02 15:43 - 2014-07-31 18:55 - 00017583 _____ () C:\Users\Tng family\Downloads\FRST.txt
2014-08-02 15:43 - 2014-07-31 18:54 - 00000000 ___DC () C:\FRST
2014-08-02 15:37 - 2013-05-11 06:48 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-02 15:19 - 2013-03-30 20:40 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-02 14:13 - 2009-07-14 12:45 - 00022848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-02 14:13 - 2009-07-14 12:45 - 00022848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-02 14:09 - 2014-08-02 13:31 - 00007003 _____ () C:\windows\WindowsUpdate.log
2014-08-02 14:06 - 2014-08-02 14:06 - 00000056 _____ () C:\windows\setupact.log
2014-08-02 14:06 - 2014-08-02 14:06 - 00000000 _____ () C:\windows\setuperr.log
2014-08-02 14:06 - 2013-05-11 06:48 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-02 14:06 - 2009-07-14 13:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-02 14:05 - 2014-08-02 14:05 - 00000574 _____ () C:\windows\PFRO.log
2014-08-02 13:34 - 2013-12-18 11:29 - 00000000 ____D () C:\Program Files (x86)\mIRC
2014-08-02 11:36 - 2014-08-02 11:36 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Tng family\Desktop\sc-cleaner.exe
2014-08-02 11:36 - 2014-08-02 11:36 - 00001826 ____C () C:\sc-cleaner.txt
2014-08-01 22:09 - 2013-03-30 12:48 - 00000000 ____D () C:\windows\erdnt
2014-08-01 22:06 - 2014-08-01 21:40 - 00004242 _____ () C:\Users\Tng family\Desktop\SystemLook.txt
2014-08-01 21:59 - 2014-08-01 21:59 - 00000504 _____ () C:\Users\Tng family\Desktop\fix.reg
2014-08-01 21:55 - 2014-08-01 21:55 - 00000928 _____ () C:\Users\Tng family\Desktop\NTREGOPT.lnk
2014-08-01 21:55 - 2014-08-01 21:55 - 00000909 _____ () C:\Users\Tng family\Desktop\ERUNT.lnk
2014-08-01 21:55 - 2014-08-01 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-08-01 21:55 - 2014-08-01 21:55 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-08-01 21:54 - 2014-08-01 21:54 - 00791393 _____ (Lars Hederer ) C:\Users\Tng family\Downloads\erunt_setup.exe
2014-08-01 21:39 - 2014-08-01 21:39 - 00139264 _____ () C:\Users\Tng family\Desktop\SystemLook.exe
2014-08-01 18:47 - 2014-08-01 18:47 - 00000402 _____ () C:\Users\Tng family\Desktop\instruction.txt
2014-08-01 18:45 - 2014-08-01 18:45 - 00000000 ___DC () C:\QvodPlayer
2014-08-01 18:26 - 2014-08-01 18:26 - 00002303 _____ () C:\Users\Tng family\Desktop\Chrome App Launcher.lnk
2014-08-01 18:26 - 2014-08-01 18:26 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 17:36 - 2013-02-01 17:40 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Skype
2014-08-01 13:22 - 2013-07-14 19:24 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-08-01 13:21 - 2013-03-30 20:56 - 00000000 ___DC () C:\Program Files\Common Files\McAfee
2014-08-01 12:55 - 2010-10-11 05:38 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-01 12:54 - 2010-10-11 05:38 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-08-01 12:53 - 2014-07-30 22:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 12:42 - 2014-05-13 10:09 - 00000000 ___DC () C:\Alissa work
2014-07-31 18:57 - 2014-07-31 18:56 - 00037189 _____ () C:\Users\Tng family\Downloads\Addition.txt
2014-07-31 18:54 - 2014-07-31 18:54 - 02094080 _____ (Farbar) C:\Users\Tng family\Downloads\FRST64.exe
2014-07-30 22:26 - 2011-11-10 22:45 - 00030208 ___SH () C:\Users\Tng family\Thumbs.db
2014-07-30 22:04 - 2014-07-30 22:04 - 00000000 ____D () C:\Users\Tng family\Desktop\Old Firefox Data
2014-07-30 20:45 - 2014-07-30 20:45 - 00002543 _____ () C:\Users\Tng family\Desktop\aswMBR.txt
2014-07-30 20:45 - 2014-07-30 20:45 - 00000512 _____ () C:\Users\Tng family\Desktop\MBR.dat
2014-07-30 20:38 - 2013-04-18 10:56 - 00000000 ___DC () C:\QUARANTINE
2014-07-30 20:28 - 2014-07-30 20:28 - 05185536 _____ (AVAST Software) C:\Users\Tng family\Desktop\aswMBR.exe
2014-07-30 19:25 - 2014-07-29 20:26 - 00105284 _____ () C:\Users\Tng family\Desktop\OTL.Txt
2014-07-29 23:01 - 2014-07-22 21:50 - 00000047 ____H () C:\Users\Tng family\FunShion.ini
2014-07-29 22:52 - 2014-07-29 22:52 - 00001120 _____ () C:\Users\Tng family\Desktop\eset.txt
2014-07-29 22:15 - 2014-07-05 17:10 - 00000000 ___HD () C:\Users\Public\FunAcce
2014-07-29 21:32 - 2014-07-29 21:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-29 21:23 - 2014-07-29 21:23 - 00002291 ____C () C:\mbam2907.txt
2014-07-29 21:20 - 2014-07-22 21:26 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-29 21:02 - 2014-07-22 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-29 21:02 - 2014-07-22 21:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-29 21:02 - 2014-06-08 18:16 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-29 21:00 - 2014-07-29 21:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tng family\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-29 20:08 - 2014-07-29 20:08 - 00000767 _____ () C:\Users\Tng family\Desktop\JRT.txt
2014-07-29 20:00 - 2014-07-29 20:00 - 01016261 _____ (Thisisu) C:\Users\Tng family\Desktop\JRT.exe
2014-07-29 19:58 - 2014-07-29 19:58 - 00001556 _____ () C:\Users\Tng family\Desktop\AdwCleaner[S3].txt
2014-07-29 19:56 - 2014-04-10 17:39 - 00000000 ___DC () C:\AdwCleaner
2014-07-29 19:52 - 2014-07-29 19:51 - 01365551 _____ () C:\Users\Tng family\Desktop\AdwCleaner.exe
2014-07-29 19:37 - 2014-03-22 16:21 - 00000000 ____D () C:\windows\system32\appmgmt
2014-07-29 19:36 - 2014-03-22 16:26 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\DVDVideoSoft
2014-07-28 10:41 - 2009-07-14 13:13 - 00006666 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-28 09:55 - 2013-03-29 21:11 - 00000000 ____D () C:\windows\Minidump
2014-07-28 09:28 - 2014-07-28 09:28 - 00000000 __SHD () C:\found.000
2014-07-27 22:50 - 2014-07-27 22:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-27 21:12 - 2009-07-14 13:08 - 00032628 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-07-26 19:19 - 2014-07-26 19:19 - 00000000 ___DC () C:\_OTL
2014-07-26 19:01 - 2014-07-26 19:01 - 00602112 _____ (OldTimer Tools) C:\Users\Tng family\Desktop\OTL.exe
2014-07-26 17:28 - 2014-07-26 17:28 - 00000000 ____C () C:\autoexec.bat
2014-07-26 14:20 - 2014-07-26 14:15 - 00000000 ____D () C:\Users\Tng family\Desktop\RK_Quarantine
2014-07-26 14:17 - 2014-07-26 14:17 - 00816128 _____ () C:\Users\Tng family\Downloads\RogueKiller.exe
2014-07-26 14:07 - 2014-07-26 14:07 - 00000021 _____ () C:\windows\tpcsd
2014-07-25 15:55 - 2013-04-14 22:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-25 06:44 - 2014-05-14 08:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-23 22:47 - 2014-07-23 22:47 - 00000000 ____D () C:\windows\ERUNT
2014-07-23 22:46 - 2014-07-23 22:46 - 01016261 _____ (Thisisu) C:\Users\Tng family\Downloads\JRT.exe
2014-07-23 22:39 - 2014-07-23 22:38 - 01354223 _____ () C:\Users\Tng family\Downloads\adwcleaner_3.216.exe
2014-07-23 22:34 - 2014-06-17 10:45 - 00000000 ____D () C:\Program Files (x86)\QvodPlayer
2014-07-23 22:28 - 2014-07-23 22:28 - 00035320 ____C () C:\ComboFix.txt
2014-07-23 22:28 - 2014-07-22 21:00 - 00000000 ___DC () C:\Qoobox
2014-07-23 22:23 - 2009-07-14 10:34 - 00000215 ____C () C:\windows\system.ini
2014-07-22 23:55 - 2013-07-14 19:49 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\vlc
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 21:56 - 2014-07-22 21:53 - 00004088 _____ () C:\windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 21:56 - 2013-10-19 06:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 21:56 - 2011-06-08 13:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-22 21:50 - 2011-03-13 21:35 - 00000000 ____D () C:\Users\Tng family
2014-07-22 21:48 - 2014-05-11 14:40 - 00000000 ____D () C:\ProgramData\QvodPlayer
2014-07-22 21:44 - 2014-07-18 14:38 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Funshion
2014-07-22 21:25 - 2013-03-30 20:06 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Malwarebytes
2014-07-22 21:24 - 2013-03-30 20:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 21:24 - 2013-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-22 21:16 - 2009-07-14 11:20 - 00000000 ___HD () C:\Users\Default
2014-07-22 21:10 - 2009-07-14 10:34 - 79691776 _____ () C:\windows\system32\config\software.bak
2014-07-22 21:10 - 2009-07-14 10:34 - 28049408 _____ () C:\windows\system32\config\system.bak
2014-07-22 21:10 - 2009-07-14 10:34 - 00524288 _____ () C:\windows\system32\config\default.bak
2014-07-22 21:10 - 2009-07-14 10:34 - 00262144 _____ () C:\windows\system32\config\security.bak
2014-07-22 21:10 - 2009-07-14 10:34 - 00262144 _____ () C:\windows\system32\config\sam.bak
2014-07-22 20:59 - 2014-07-22 20:59 - 05562504 ____R (Swearware) C:\Users\Tng family\Downloads\ComboFix.exe
2014-07-21 21:39 - 2013-10-27 16:17 - 00000000 ____D () C:\Users\Tng family\AppData\Local\Canon Easy-PhotoPrint EX
2014-07-21 21:31 - 2009-07-14 13:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-07-20 22:08 - 2014-05-13 10:08 - 00000000 ___DC () C:\adrian work
2014-07-20 20:15 - 2011-09-09 22:35 - 00000954 _____ () C:\Users\Tng family\AppData\Roaming\coreavc.ini
2014-07-20 08:53 - 2014-07-20 08:53 - 00033377 _____ () C:\Users\Tng family\Documents\Recipe for sandwich.pptx
2014-07-19 21:58 - 2011-04-27 16:18 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 16:24 - 2014-07-16 16:24 - 00000000 ____D () C:\Users\Tng family\AppData\Local\Giraffe
2014-07-16 09:48 - 2014-06-03 19:19 - 00000000 ____D () C:\ProgramData\Norton
2014-07-13 15:41 - 2014-07-13 15:41 - 00000000 _____ () C:\windows\SysWOW64\_backup
2014-07-12 13:19 - 2014-07-11 22:19 - 11204096 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-12 13:19 - 2013-03-30 20:40 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-12 13:19 - 2012-06-16 20:57 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-12 13:19 - 2012-01-27 21:26 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-11 03:02 - 2014-07-22 21:56 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-22 21:56 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-22 21:56 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-22 21:56 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-07-08 19:17 - 2014-07-08 19:17 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\DropboxMaster
2014-07-08 19:17 - 2014-07-08 19:16 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Dropbox
2014-07-08 19:16 - 2014-07-08 19:16 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-07 20:54 - 2014-07-07 20:54 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-07 20:54 - 2014-04-19 10:35 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-07 20:54 - 2013-12-27 22:04 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-07 20:54 - 2011-04-27 16:17 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-06 11:44 - 2012-02-19 20:12 - 00000435 _____ () C:\Users\Tng family\Desktop\gettingold.txt

Some content of TEMP:
====================
C:\Users\Tng family\AppData\Local\Temp\mirc732.exe
C:\Users\Tng family\AppData\Local\Temp\uninstall.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-28 21:33

==================== End Of Log ============================

 

Users shortcut scan result (x64) Version: 31-07-2014 01
Ran by Tng family at 2014-08-02 15:43:53
Running from C:\Users\Tng family\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

 

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\·çÐÐ.lnk -> C:\Program Files (x86)\Funshion Online\3.0.1.23\Funshion.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\影视搜索.lnk -> C:\Program Files (x86)\QMovie\QMovie.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\¹¥³ÇÂÓµØ.lnk -> C:\Program Files (x86)\602game\gcld\gcld.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\·çÐÐ\·çÐÐ.lnk -> C:\Program Files (x86)\Funshion Online\3.0.1.23\Funshion.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\·çÐÐ\жÔØ ·çÐÐ.lnk -> C:\Program Files (x86)\Funshion Online\3.0.1.23\Uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WALKMAN Guide\NWZ-W260 WALKMAN Guide.lnk -> C:\Program Files (x86)\Sony\WALKMAN Guide\NWZ-W260\WALKMANGuide.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango\Tango.lnk -> C:\Program Files (x86)\Tango\Tango.exe (Tango Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango\Uninstall.lnk -> C:\Program Files (x86)\Tango\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Sony PC Companion 2.1.lnk -> C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Media Player Classic.lnk -> C:\Program Files (x86)\Real Alternative\Media Player Classic\mplayerc.exe (Gabest)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Uninstall\Uninstall Real Alternative.lnk -> C:\Program Files (x86)\Real Alternative\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Help\FAQ.lnk -> C:\Program Files (x86)\Real Alternative\Info\faq.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Configuration\RealMedia.lnk -> C:\Program Files (x86)\Real Alternative\settings.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\PictureViewer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 11\Nero Burning ROM.lnk -> C:\Program Files (x86)\Nero\Nero 11\nero.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 11\Nero Express.lnk -> C:\Program Files (x86)\Nero\Nero 11\NeroExpress.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\MyPlayBus Games.lnk -> C:\Program Files (x86)\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\MyPlayBus Games.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\Plants Vs Zombies Game Of The Year Edition.lnk -> C:\Program Files (x86)\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\Plants Vs Zombies Game Of The Year Edition.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\LVT.lnk -> C:\Program Files\Lenovo\LVT\LVT.exe (Lenovo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart PreSchool\JumpStart PreSchool.lnk -> C:\KA\PrSchool\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart PreSchool\Manual.lnk -> C:\KA\PrSchool\Help\Help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart PreSchool\Product Registration.lnk -> C:\KA\PrSchool\EREG\EREG.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart PreSchool\Uninstall.lnk -> C:\Program Files (x86)\Common Files\JumpStart Classics\Uninstall\PreSchoolUn.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart Kindergarten\JumpStart Kindergarten.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart Kindergarten\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart Kindergarten\Manual.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart Kindergarten\Help\Help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart Kindergarten\Product Registration.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart Kindergarten\EREG\EREG.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart Kindergarten\Uninstall.lnk -> C:\Program Files (x86)\Common Files\JumpStart Classics\Uninstall\KGUn.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart First Grade\JumpStart First Grade.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart First Grade\Manual.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\Help\Help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart First Grade\Product Registration.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\EREG\EREG.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart First Grade\Uninstall.lnk -> C:\Program Files (x86)\Common Files\JumpStart Classics\Uninstall\FGUn.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\JumpStart Phonics Read and Rhyme.lnk -> C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\JSPhonics.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\JumpStart Website.lnk -> C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\Web\website.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\Manual.lnk -> E:\Manual\Help.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\Uninstall.lnk -> C:\Program Files (x86)\Common Files\Knowledge Adventure\Uninstall\JSPhonicsReadRhymeUn.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Photo Stream.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\PhotoStream.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\GOM Player.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\GOM Wizard.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GomWiz.exe (Gretech Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\Uninstall.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe (Gretech Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\Documentation.lnk -> C:\Program Files (x86)\ERUNT\README.TXT ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\ERUNT Homepage.lnk -> C:\Program Files (x86)\ERUNT\ERUNT.URL ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\ERUNT.lnk -> C:\Program Files (x86)\ERUNT\ERUNT.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\NTREGOPT.lnk -> C:\Program Files (x86)\ERUNT\NTREGOPT.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\Uninstall ERUNT.lnk -> C:\Program Files (x86)\ERUNT\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Transfer\Add Gadget.lnk -> C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\Content Transfer.gadget ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Transfer\Content Transfer.lnk -> C:\Program Files (x86)\Sony\Content Transfer\ContentTransfer.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Transfer\Help.lnk -> C:\Program Files (x86)\Sony\Content Transfer\Resources\ENU\Content Transfer Help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk -> C:\Program Files\CCleaner\uninst.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX Readme.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer Readme.lnk -> C:\Program Files\Canon\MyPrinter\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX 5.0.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\mpnex50.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX Readme.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Tool\IJ Network Tool.lnk -> C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Scanner Selector EX\IJ Network Scanner Selector EX.lnk -> C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX Readme.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series Manual\Uninstall.lnk -> C:\Program Files (x86)\Canon\IJ Manual\CANON MG3100 SERIES\uninstall.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series\Readme XPS.lnk -> C:\Program Files\CanonBJ\IJPrinter\Canon MG3100 series\readme_English_xps.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series\Readme.lnk -> C:\Program Files\CanonBJ\IJPrinter\Canon MG3100 series\readme_English.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk -> C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe (BlueStack Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BaiduPlayer\BaiduPlayer.lnk -> C:\Users\Tng family\3.9.3.12\BaiduPlayer.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BaiduPlayer\Uninstall BaiduPlayer.lnk -> C:\Users\Tng family\3.9.3.12\uninst.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\Auslogics Disk Defrag.lnk -> C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe (Auslogics)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter.lnk -> D:\AnvSoft\Any Video Converter\VideoConverter.exe (Any-Video-Converter.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Uninstall Any Video Converter.lnk -> D:\AnvSoft\Any Video Converter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C63B54EB-41D4-42B3-A76A-93215F1DF821}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\JSPhonics.exe (Knowledge Adventure)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Reader X.lnk -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Apps.lnk -> C:\Users\Public\Libraries\Apps.library-ms ()
Shortcut: C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\Canon Solution Menu EX.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\Content Transfer.lnk -> C:\Program Files (x86)\Sony\Content Transfer\ContentTransfer.exe (Sony Corporation)
Shortcut: C:\Users\Public\Desktop\GOM Player.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\JumpStart First Grade.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\Users\Public\Desktop\JumpStart Kindergarten.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart Kindergarten\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\Users\Public\Desktop\JumpStart Phonics Read and Rhyme.lnk -> C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\JSPhonics.exe (Knowledge Adventure)
Shortcut: C:\Users\Public\Desktop\JumpStart PreSchool.lnk -> C:\KA\PrSchool\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\Users\Public\Desktop\LVT.lnk -> C:\Program Files\Lenovo\LVT\LVT.exe (Lenovo)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\MyPlayBus Games.lnk -> C:\Program Files (x86)\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\MyPlayBus Games.url ()
Shortcut: C:\Users\Public\Desktop\NWZ-W260 WALKMAN Guide.lnk -> C:\Program Files (x86)\Sony\WALKMAN Guide\NWZ-W260\WALKMANGuide.exe (Sony Corporation)
Shortcut: C:\Users\Public\Desktop\Plants Vs Zombies Game Of The Year Edition.lnk -> C:\Program Files (x86)\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\Plants Vs Zombies Game Of The Year Edition.exe ()
Shortcut: C:\Users\Public\Desktop\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\Users\Public\Desktop\Start BlueStacks.lnk -> C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe (BlueStack Systems, Inc.)
Shortcut: C:\Users\Public\Desktop\Tango.lnk -> C:\Program Files (x86)\Tango\Tango.exe (Tango Inc.)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Tng family\Libraries - Shortcut.lnk -> C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Tng family\Links\Desktop.lnk -> C:\Users\Tng family\Desktop ()
Shortcut: C:\Users\Tng family\Links\Downloads.lnk -> C:\Users\Tng family\Downloads ()
Shortcut: C:\Users\Tng family\Links\Videos.lnk -> C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms ()
Shortcut: C:\Users\Tng family\Desktop\Any Video Converter.lnk -> D:\AnvSoft\Any Video Converter\VideoConverter.exe (Any-Video-Converter.com)
Shortcut: C:\Users\Tng family\Desktop\ERUNT.lnk -> C:\Program Files (x86)\ERUNT\ERUNT.EXE ()
Shortcut: C:\Users\Tng family\Desktop\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Tng family\Desktop\NTREGOPT.lnk -> C:\Program Files (x86)\ERUNT\NTREGOPT.EXE ()
Shortcut: C:\Users\Tng family\Desktop\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kelloggs Ocean Comic Constructor\Kellogg's Ocean Comic Constructor.lnk -> C:\Program Files (x86)\Kelloggs Ocean Comic Constructor\Kelloggs Ocean Comic.exe (Kellogg's                           )
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\·çÐÐ.lnk -> C:\Program Files (x86)\Funshion Online\3.0.1.23\Funshion.exe (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GOM.EXE.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0001.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian.pdf (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0002.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian_0001.jpg (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0003.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian 2.jpg (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0004.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian 3.jpg (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0005.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian 4.jpg (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0006.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_14\IC.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0007.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_14\IC 2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0008.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_20\swim safer.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0009.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_25\science notes 2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0010.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_25\science notes 2-2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0011.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_25\science notes 1.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0012.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_03_23\science notes 1.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0013.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_03_23\science notes 2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0014.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_03_23\science notes 2-2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0015.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_03_23\science notes 3.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0016.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_02\adrian mc.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0017.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_03\alissa english test.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0018.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_03\alissa english test_0001.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0019.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa english test.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0020.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 2.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0021.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 3.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0022.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 3_0001.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0023.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 5.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0024.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 6.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0025.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 7.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0026.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 8.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0027.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2705 p1 chinese report\adrian chinese report card 1.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0028.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2705 p1 chinese report\adrian chinese report card 2.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0029.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0030.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A1.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0031.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A2.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0032.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A3.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0033.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A4.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0034.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A5.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0035.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A6.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0036.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A7.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0037.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A8.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0038.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0039.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B1.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0040.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B10.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0041.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B11.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0042.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B12.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0043.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B13.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0044.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B14.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0045.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B15.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0046.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_07_21\happyfamily.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0047.lnk -> C:\Alissa work\2014_07_27\catholic high school p3.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0048.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -1.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0049.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -2.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0050.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -3.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0051.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -4.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0052.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -5.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0053.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -6.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0054.lnk -> C:\Alissa work\2014_07_30\MC alissa.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\ap\hstr_0001.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_20\swim safer.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\ap\hstr_0002.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_03\alissa english test.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\ap\hstr_0003.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_03\alissa english test_0001.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\ap\hstr_0004.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_07_21\happyfamily.jpg ()
Shortcut: C:\Users\Tng family\AppData\Local\Microsoft\Windows\GameExplorer\{81DE10D7-C669-443F-B479-CB3C867B6267}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\FG.EXE ()
Shortcut: C:\Users\Tng family\AppData\Local\Microsoft\Windows\GameExplorer\{22E5DBBE-347A-4718-983B-EEFEDE22650D}\PlayTasks\0\Play.lnk -> C:\KA\PrSchool\PRSCHOOL.EXE ()

 

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe (Sony) -> -uninst -runfromtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\Readme.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\Readme.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendar.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Find My iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Advanced.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Dashboard
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Wizard.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Wizard
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start CCC
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Help.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Restart Runtime.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.) -> Restart
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX Uninstall.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\uninst.exe (CANON INC.) -> /Uninstall C:\Program Files (x86)\Canon\Solution Menu EX\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer Uninstall.lnk -> C:\Program Files\Canon\MyPrinter\uninst.exe (CANON INC.) -> C:\Program Files\Canon\MyPrinter\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk -> C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) -> /mn
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX Uninstall.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Maint.exe (CANON INC.) -> /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 5.0\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Scanner Selector EX\IJ Network Scanner Selector EX Uninstall.lnk -> C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe (CANON INC.) -> /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX Uninstall.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe (CANON INC.) -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series Manual\Canon MG3100 series On-screen Manual.lnk -> C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe (CANON INC.) -> "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON MG3100 SERIES\English\Info.egv"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series\View Print History XPS.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNMXPVAR.EXE (CANON INC.) -> "Canon MG3100 series Printer XPS"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\appamrt.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.appmart1632 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Apps.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.appmart com.bluestacks.appmart.MarketPageGrid
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Appstore.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.amazon.venezia com.amazon.venezia.Venezia
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Blood Brothers.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.mobage.ww.a759.Blood_Brothers_Android com.ngmoco.marketingapp.PackageApplication
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\BstCommandProcessor.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.BstCommandProcessor120 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\CookieRun.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.linecorp.LGCOOKIE com.devsisters.CookieRunForKakao.OvenbreakX
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Facebook.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.facebook.katana com.facebook.katana.LoginActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\GSN Casino.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.gsn.android.casino com.prime31.UnityPlayerProxyActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\home.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.home2004 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Pulse.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.alphonso.pulse com.alphonso.pulse.newsrack.NewsRackActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\s2p.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.s2p2006 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\search.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.searchapp1505 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Twitter.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.twitter.android com.twitter.android.StartActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Zombies.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.glu.zamf1 com.google.android.vending.expansion.downloader_impl.DownloaderActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\フルボッコ.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android jp.co.drecom.drif com.prime31.UnityPlayerProxyActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\App Stores\1Mobile Market.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android me.onemobile.android me.onemobile.android.MainPagerActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\App Stores\GetJar.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android getjar.android.client getjar.android.client.Main
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Public\Desktop\Canon MG3100 series On-screen Manual.lnk -> C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe (CANON INC.) -> "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON MG3100 SERIES\English\Info.egv"
ShortcutWithArgument: C:\Users\Tng family\Desktop\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE () -> %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kelloggs Ocean Comic Constructor\Uninstall Kelloggs Ocean Comic Constructor.lnk -> C:\Windows\Kelloggs Ocean Comic Constructor\uninstall.exe () -> "/U:C:\Program Files (x86)\Kelloggs Ocean Comic Constructor\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Tng family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\Homepage.url -> hxxp://www.gomlab.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\ Check Your PC Performance.url -> hxxp://www.auslogics.com/en/cpages/free-system-scan/?source=smenu&reason=disk-defrag
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\Auslogics Disk Defrag on the Web.url -> hxxp://www.auslogics.com/en/software/disk-defrag
InternetURL: C:\Users\Default\Favorites\Lenovo\Lenovo.url -> hxxp://www.lenovo.com/
InternetURL: C:\Users\Tng family\Favorites\2013最新电影,快播电影排行榜,百度影音电影下载 - 看戏123电影.url -> hxxp://www.kanxi123.com/
InternetURL: C:\Users\Tng family\Favorites\707 My Family Heater [Cheong Hock Guan].url -> hxxp://www.chg.com.sg/pro5_princeton.html
InternetURL: C:\Users\Tng family\Favorites\8D Rhythm of Taiwan  SA Tours.url -> hxxp://www.satours.com/group-tours/taiwan/8d-rhythm-of-taiwan/
InternetURL: C:\Users\Tng family\Favorites\Air Clean Vincent Kitchen Maintenance & General Services (Tampines) - inSing.com.url -> hxxp://search.insing.com/business/air-clean-vincent-kitchen-maintenance-general-services/tampines-simei/id-e64d0200
InternetURL: C:\Users\Tng family\Favorites\Angry Birds - Tower Defense Games.url -> hxxp://www.towerdefensearcade.net/playgame/27066/Angry_Birds/
InternetURL: C:\Users\Tng family\Favorites\Availability of Flats.url -> hxxp://services2.hdb.gov.sg/webapp/BP13INTV/BP13SFlatAvailability?sel=SBF
InternetURL: C:\Users\Tng family\Favorites\Badminton Central Discussion Forums - The Front Page.url -> hxxp://www.badmintoncentral.com/forums/
InternetURL: C:\Users\Tng family\Favorites\Badminton Daily Watch.url -> hxxp://badmintonpress.com/
InternetURL: C:\Users\Tng family\Favorites\Blood Brothers RPG Forum  App Invasion.url -> hxxp://www.appinvasion.com/index.php?forums/Blood-Brothers-RPG/
InternetURL: C:\Users\Tng family\Favorites\Blood Brothers RPG • Information.url -> hxxp://www.bloodbrothersrpg.com/
InternetURL: C:\Users\Tng family\Favorites\Blood Brothers WikiAbout Blood Brothers - Blood Brothers Wiki.url -> hxxp://bloodbrothersgame.wikia.com/wiki/Blood_Brothers_Wiki:About_Blood_Brothers
InternetURL: C:\Users\Tng family\Favorites\bolt - definition of bolt by the Free Online Dictionary, Thesaurus and Encyclopedia..url -> hxxp://www.thefreedictionary.com/bolt
InternetURL: C:\Users\Tng family\Favorites\Build-To-Order.url -> hxxp://www101.hdb.gov.sg/hdbvsf/eampu03p.nsf/0/12MARBTOCL_page/$file/12MARBTOCL_about1.htm?open&ft=bto
InternetURL: C:\Users\Tng family\Favorites\bwf's Channel - YouTube.url -> hxxp://www.youtube.com/user/bwf
InternetURL: C:\Users\Tng family\Favorites\Club Penguin.url -> hxxp://clubpenguin.miniclip.com/index.php?lang=en&p=62&ts=1327458429
InternetURL: C:\Users\Tng family\Favorites\DBS iBanking.url -> https://internet-ban...m.sg/IB/Welcome
InternetURL: C:\Users\Tng family\Favorites\Developed by educational psychologists.url -> hxxp://www.icanreadsystem.com/why-so-successful/
InternetURL: C:\Users\Tng family\Favorites\DH-3DL2S  Panasonic.url -> hxxp://www.panasonic.com.sg/wps/portal/home/products/homeappliances/showersystem/DH3DL2S
InternetURL: C:\Users\Tng family\Favorites\Eton, Eater of Darkness II - Blood Brothers Wiki.url -> hxxp://bloodbrothersgame.wikia.com/wiki/Eton,_Eater_of_Darkness_II
InternetURL: C:\Users\Tng family\Favorites\Finals - 2012 Victor Korea Open - YouTube.url -> hxxp://www.youtube.com/watch?v=G2lzZVc4Kc0&feature=relmfu
InternetURL: C:\Users\Tng family\Favorites\Help guide  About the Home Screen.url -> hxxp://www.sony-asia.com/microsite/tablet/helpguide_sgpt1w/GB/contents/03/02/01/01.html
InternetURL: C:\Users\Tng family\Favorites\How to Change Overgrip - YouTube.url -> hxxp://www.youtube.com/watch?v=Re7BnG0bRs0&feature=related
InternetURL: C:\Users\Tng family\Favorites\ICanBook - Facilities Booking System.url -> hxxp://www.icanbook.com.sg/icbnew/Main/UI/Main.aspx
InternetURL: C:\Users\Tng family\Favorites\in house hotel (Taipei, Taiwan)  Expedia.com.sg.url -> hxxp://www.expedia.com.sg/Taipei-Hotels-In-House-Hotel.h5218422.Hotel-Information?chkin=06/03/2013&hashTag=roomsAndRates&chkout=13/03/2013&rm1=a2&
InternetURL: C:\Users\Tng family\Favorites\Login  Singapore Sports Council.url -> https://members.spor...b.sg/Login.aspx
InternetURL: C:\Users\Tng family\Favorites\Luvbabies by Kim Sang - Luvbabies by Kim Sang Medical Hall.url -> hxxp://luvbabies.kimsang.com.sg/
InternetURL: C:\Users\Tng family\Favorites\Members - CSBC Singapore - Clementi Social Badminton Club (Singapore) - Meetup.url -> hxxp://www.meetup.com/CSBadmintonClub-sg/members/?offset=20&desc=1&sort=chapter_member.atime
InternetURL: C:\Users\Tng family\Favorites\Ministry of Education, Singapore Primary One Registration School Vacancies by Phases.url -> hxxp://www.moe.gov.sg/education/admissions/primary-one-registration/vacancies/
InternetURL: C:\Users\Tng family\Favorites\Network For Electronic Transfers (Singapore) Pte Ltd.url -> hxxp://www.nets.com.sg/consumers/promotions/giftoftime/
InternetURL: C:\Users\Tng family\Favorites\NWZ-W260 Series  WALKMAN User Guide.url -> hxxp://www.sony-asia.com/microsite/walkman_i-manuals/FY11/NWZ-W262/eng/
InternetURL: C:\Users\Tng family\Favorites\OCBC Bank.url -> https://internet.ocb...ternet-banking/
InternetURL: C:\Users\Tng family\Favorites\OneMap.url -> hxxp://www.onemap.sg/index.html
InternetURL: C:\Users\Tng family\Favorites\OTL Tutorial - How to use OldTimer ListIt - Malware Removal Guides and Tutorials.url -> hxxp://www.geekstogo.com/forum/topic/277391-otl-tutorial-how-to-use-oldtimer-listit/
InternetURL: C:\Users\Tng family\Favorites\Primary 2 English.url -> hxxp://www.tut-world.com/p2_eng.htm
InternetURL: C:\Users\Tng family\Favorites\PSP ISO, PS2 Games PC Games, Wii Games and alot more $3.99, get 3 FREE 1 + FREE PO...  88DB Singapore.url -> hxxp://sg.88db.com/Buy-Sell/Hobbies-Leisure/ad-483809/
InternetURL: C:\Users\Tng family\Favorites\Sangokushi Taisen 3 Official Website.url -> hxxp://www.sangoku-wars.com/top_all.html
InternetURL: C:\Users\Tng family\Favorites\Service Centres  Access Service Information  Sony Singapore.url -> hxxp://www.sony.com.sg/section/servicecentres
InternetURL: C:\Users\Tng family\Favorites\SGplayers.com - SGcardgames.com  Index.url -> hxxp://www.sgcardgames.com/
InternetURL: C:\Users\Tng family\Favorites\Singapore Canon cameras, digital, LCD, music, audio - Local Classifieds at Gumtree Singapore.url -> hxxp://singapore.gumtree.sg/f-NWZ-W262-Stuff-for-Sale-tv-camera-audio-music-W0QQCatIdZ49QQKeywordZNWQ5AQ2dW262QQPageZ2
InternetURL: C:\Users\Tng family\Favorites\Singapore Taiwan Free and Easy - Your Taiwan Free and Easy Travel Trip Planner.url -> hxxp://singaporetaiwanfreeandeasy.com/
InternetURL: C:\Users\Tng family\Favorites\sunny bay_Bandari_专辑_酷我音乐.url -> hxxp://www.kuwo.cn/album/77291/
InternetURL: C:\Users\Tng family\Favorites\Syrian pups for adoption! - Hamsters Adoption - Singapore Hamsters Club.url -> hxxp://www.sghamsters.com/topic/921-syrian-pups-for-adoption/
InternetURL: C:\Users\Tng family\Favorites\Taiwan High Speed Rail Corporation  Ticketing Information  Passenger Guide  Multi-Ride Ticket.url -> hxxp://www.thsrc.com.tw/en/ticket/tic_multiride_guide.asp
InternetURL: C:\Users\Tng family\Favorites\the mrbrown show.url -> hxxp://www.mrbrownshow.com/
InternetURL: C:\Users\Tng family\Favorites\TOM365免费电影.url -> hxxp://www.tom365.com/
InternetURL: C:\Users\Tng family\Favorites\Training Badminton Skills.url -> hxxp://www.badmintonconnect.com/
InternetURL: C:\Users\Tng family\Favorites\Tuition Centre Singapore – Kent Ridge Tutors Jurong West.url -> hxxp://krtc-jw.sg/
InternetURL: C:\Users\Tng family\Favorites\Welcome to Facebook - Log In, Sign Up or Learn More.url -> hxxp://www.facebook.com/
InternetURL: C:\Users\Tng family\Favorites\What is the plural of live.url -> hxxp://www.wordhippo.com/what-is/the-plural-of/live.html
InternetURL: C:\Users\Tng family\Favorites\WTS Sony Series MP 3 nwz-w262. Retail price $129 selling $60 - Singapore TV, camera, audio, music - Gumtree Singapore.url -> hxxp://singapore.gumtree.sg/c-Stuff-for-Sale-tv-camera-audio-music-WTS-Sony-Series-MP-3-nwz-w262-Retail-price-129-selling-60-W0QQAdIdZ327362249
InternetURL: C:\Users\Tng family\Favorites\YouTube - Badminton Footwork - Chen Weihua Training 26 Footworks Basic 2.url -> hxxp://www.youtube.com/watch?v=EhoQPkEOk48&feature=related
InternetURL: C:\Users\Tng family\Favorites\YouTube - 三國志大戰3 頂上對決 2011 0502 宮崎あおい♪軍 VS 眠い子軍.url -> hxxp://www.youtube.com/watch?v=d21cXop5dl0&feature=feedu
InternetURL: C:\Users\Tng family\Favorites\《小小传奇》Gonna Make It!.url -> hxxp://video.xin.msn.com/browse/catch-up-tv/gonna-make-it
InternetURL: C:\Users\Tng family\Favorites\两个爸爸 - 全集在线观看 - 高清下载 – 电视剧 – 风行.url -> hxxp://www.funshion.com/subject/106982/
InternetURL: C:\Users\Tng family\Favorites\中文字幕下载  字幕下载  电影字幕  外挂字幕  Sub of Movies..url -> hxxp://www.subom.net/
InternetURL: C:\Users\Tng family\Favorites\十二生肖总动员全集-动画片十二生肖总动员全集播放.url -> hxxp://www.bukade.com/cartoon/12shengxiaozongdongyuan/
InternetURL: C:\Users\Tng family\Favorites\大俠傳 - 台灣56區 - 千古大俠夢 神雕俠侶情.url -> hxxp://www.gm99.com/ingame/index?gid=7&sid=56&uname=#account
InternetURL: C:\Users\Tng family\Favorites\妖精的尾巴379_妖精的尾巴第二季_妖精的尾巴漫画_妖精的尾巴中文网_ft.52pk.com.url -> hxxp://ft.52pk.com/
InternetURL: C:\Users\Tng family\Favorites\搜索结果_TOM365免费电影.url -> hxxp://so.tom365.com/files/search.php
InternetURL: C:\Users\Tng family\Favorites\最新专辑列表TOP100排行榜-搜狗音乐.url -> hxxp://music.sogou.com/song/topalbum_1.html?w=02420400&dr=1
InternetURL: C:\Users\Tng family\Favorites\最新电影高清电影热门电影 ——迷电影.url -> hxxp://www.midianying.com/
InternetURL: C:\Users\Tng family\Favorites\正在播放:《来自星星的你[QMV]》 - 无毒免费电影 - WWW.522YY.COM.url -> hxxp://www.522yy.com/vod-play-id-34953-sid-0-pid-2.html
InternetURL: C:\Users\Tng family\Favorites\看图搜片.url -> javascript:void((function(){var e=document.createElement("script");e.setAttribute("id","qvod_search");e.setAttribute("type","text/javascript");e.setAttribute("charset","UTF-8");e.setAttribute("src","hxxp://www.huaseji.com/js/searchMovie/qvodSearch.js?r="+Math.random()*99999999);document.body.appendChild(e)})());
InternetURL: C:\Users\Tng family\Favorites\知识网——新加坡首创,新一代多媒体、多功能、多应用、动画效果辅助教材。.url -> hxxp://www.ezhishi.net/
InternetURL: C:\Users\Tng family\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Tng family\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Tng family\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Tng family\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Tng family\Favorites\Links\Suggested Sites.url -> https://ieonline.mic...ft.com/#ieslice
InternetURL: C:\Users\Tng family\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Tng family\Favorites\Links\Yahoo Singapore.url -> hxxp://sg.yahoo.com/
InternetURL: C:\Users\Tng family\Favorites\Links\看图搜片.url -> javascript:void((function(){var e=document.createElement("script");e.setAttribute("id","qvod_search");e.setAttribute("type","text/javascript");e.setAttribute("charset","UTF-8");e.setAttribute("src","hxxp://www.huaseji.com/js/searchMovie/qvodSearch.js?r="+Math.random()*99999999);document.body.appendChild(e)})());
InternetURL: C:\Users\Tng family\Favorites\Links\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Tng family\Favorites\Links\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Tng family\Favorites\Links\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Tng family\Favorites\Links\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Tng family\Favorites\Lenovo\Lenovo.url -> hxxp://www.lenovo.com/
InternetURL: C:\Users\Tng family\Desktop\learnology.url -> hxxp://www.learnlogy.com/index.php
InternetURL: C:\Users\Tng family\Desktop\MCOnline.url -> hxxp://www.lead.com.sg/LEAD/login/lms_login.aspx
InternetURL: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com

==================== End of log =============================


  • 0

Advertisements

#32
Machiavelli
Posted 02 August 2014 - 02:53 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

We need to remove programs using "Programs and Features"

Click the "Start" orb on the taskbar, and then click the "Control Panel" button.

  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Program and Features.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting "Remove":

Tango

Additional instructions can be found here if needed.

 

Step 1: FRST Fix

  • Please download the attached fixlist.txt file and save it to the same location as FRST
  • Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

Step 2: FRST Scan

 

  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Make sure Shortcut.txt is checked.
  • Click Scan to start FRST.
  • When FRST finishes scanning, logs FRST.txt and Shortcut.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of these logs into your next post please.

 

 

Still redirects?

Attached Files


  • 0

#33
happyhome
Posted 02 August 2014 - 03:42 AM

happyhome

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Hi Machi

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-07-2014 01
Ran by Tng family at 2014-08-02 17:37:49 Run:3
Running from C:\Users\Tng family\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ShellIconOverlayIdentifiers-x32: DownloadIcon -> {A8502600-B272-4F68-A67B-A0305D46D297} => C:\Program Files (x86)\QvodPlayer\QvodExtend\5.0.99.0\QvodExtend.dll (Shenzhen QVOD Technology Co.,Ltd)
C:\Program Files (x86)\QvodPlayer
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://xin.msn.com/
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw.dll No File
2014-08-01 18:45 - 2014-08-01 18:45 - 00000000 ___DC () C:\QvodPlayer
C:\Users\Tng family\AppData\Local\Temp\mirc732.exe
C:\Users\Tng family\AppData\Local\Temp\uninstall.exe
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango\Tango.lnk -> C:\Program Files (x86)\Tango\Tango.exe (Tango Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango\Uninstall.lnk -> C:\Program Files (x86)\Tango\uninst.exe ()
Shortcut: C:\Users\Public\Desktop\Tango.lnk -> C:\Program Files (x86)\Tango\Tango.exe (Tango Inc.)
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\ Check Your PC Performance.url -> hxxp://www.auslogics.com/en/cpages/free-system-scan/?source=smenu&reason=disk-defrag
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\Auslogics Disk Defrag on the Web.url -> hxxp://www.auslogics.com/en/software/disk-defrag
InternetURL: C:\Users\Tng family\Favorites\Links\看图搜片.url -> javascript:void((function(){var e=document.createElement("script");e.setAttribute("id","qvod_search");e.setAttribute("type","text/javascript");e.setAttribute("charset","UTF-8");e.setAttribute("src","hxxp://www.huaseji.com/js/searchMovie/qvodSearch.js?r="+Math.random()*99999999);document.body.appendChild(e)})());
*****************

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DownloadIcon" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{A8502600-B272-4F68-A67B-A0305D46D297}" => Key deleted successfully.
C:\Program Files (x86)\QvodPlayer => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => Key deleted successfully.
C:\windows\system32\Adobe\Director\np32dsw.dll not found.
C:\QvodPlayer => Moved successfully.
C:\Users\Tng family\AppData\Local\Temp\mirc732.exe => Moved successfully.
C:\Users\Tng family\AppData\Local\Temp\uninstall.exe => Moved successfully.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango\Tango.lnk -> C:\Program Files (x86)\Tango\Tango.exe (Tango Inc.) => Error: No automatic fix found for this entry.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango\Uninstall.lnk -> C:\Program Files (x86)\Tango\uninst.exe () => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Public\Desktop\Tango.lnk -> C:\Program Files (x86)\Tango\Tango.exe (Tango Inc.) => Error: No automatic fix found for this entry.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\ Check Your PC Performance.url => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\Auslogics Disk Defrag on the Web.url => Moved successfully.
C:\Users\Tng family\Favorites\Links\看图搜片.url => Moved successfully.

==== End of Fixlog ====

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 01
Ran by Tng family (administrator) on TNG-FAMILY-PC on 02-08-2014 17:39:42
Running from C:\Users\Tng family\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files (x86)\QvodPlayer\QvodWebBase\1.0.0.48\QvodWebService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_145_ActiveX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-15] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-07-17] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2522120943-1274516608-2902159866-1001\...\Run: [GoogleChromeAutoLaunch_862EC30EB1851205146266A5AA620BF4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
Startup: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DownloadIcon -> {A8502600-B272-4F68-A67B-A0305D46D298} => C:\Program Files (x86)\QvodPlayer\QvodExtend\5.0.99.0\QvodExtend_x64.dll No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-SG
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.sg/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Tng family\AppData\Roaming\Mozilla\Firefox\Profiles\w8wjuqgw.default-1406729069794
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-30]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-14]

Chrome:
=======
CHR HomePage: hxxp://www.google.com.sg/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Entanglement Web App) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-05-03]
CHR Extension: (优酷一键通Sotapit) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\alddjbjplgobbllfolehibiclbhmomla [2014-05-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (Hola Better Internet) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-08-01]
CHR Extension: (avast! Online Security) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-08]
CHR Extension: (Go away MDA - Bypass MDA blocked sites) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\lledpflfnanamkogoclkgaggfdgoalok [2014-05-20]
CHR Extension: (Poppit!) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-05-03]
CHR Extension: (Google Wallet) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Unblock Youku) - C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnfnkhpgegpcingjbfihlkjeighnddk [2014-05-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-07] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-07-17] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-07-17] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-07] ()
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [30568 2012-11-08] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-07-17] (BlueStack Systems)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-11] (Realtek Semiconductor Corporation                           )
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-25] (Anchorfree Inc.)
S3 USTOR2K; C:\Windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-22] (Genesys Logic)
S1 bd0004; system32\DRIVERS\bd0004.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 e1kexpress; system32\DRIVERS\e1k62x64.sys [X]
S3 gdrv; \??\C:\windows\gdrv.sys [X]
S3 RkHit; \??\C:\windows\system32\drivers\RKHit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-02 15:43 - 2014-08-02 15:43 - 00076168 _____ () C:\Users\Tng family\Downloads\Shortcut.txt
2014-08-02 14:06 - 2014-08-02 17:09 - 00000112 _____ () C:\windows\setupact.log
2014-08-02 14:06 - 2014-08-02 14:06 - 00000000 _____ () C:\windows\setuperr.log
2014-08-02 14:05 - 2014-08-02 14:05 - 00000574 _____ () C:\windows\PFRO.log
2014-08-02 13:31 - 2014-08-02 15:51 - 00010715 _____ () C:\windows\WindowsUpdate.log
2014-08-02 11:36 - 2014-08-02 11:36 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Tng family\Desktop\sc-cleaner.exe
2014-08-02 11:36 - 2014-08-02 11:36 - 00001826 ____C () C:\sc-cleaner.txt
2014-08-01 21:59 - 2014-08-01 21:59 - 00000504 _____ () C:\Users\Tng family\Desktop\fix.reg
2014-08-01 21:55 - 2014-08-01 21:55 - 00000928 _____ () C:\Users\Tng family\Desktop\NTREGOPT.lnk
2014-08-01 21:55 - 2014-08-01 21:55 - 00000909 _____ () C:\Users\Tng family\Desktop\ERUNT.lnk
2014-08-01 21:55 - 2014-08-01 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-08-01 21:55 - 2014-08-01 21:55 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-08-01 21:54 - 2014-08-01 21:54 - 00791393 _____ (Lars Hederer ) C:\Users\Tng family\Downloads\erunt_setup.exe
2014-08-01 21:40 - 2014-08-01 22:06 - 00004242 _____ () C:\Users\Tng family\Desktop\SystemLook.txt
2014-08-01 21:39 - 2014-08-01 21:39 - 00139264 _____ () C:\Users\Tng family\Desktop\SystemLook.exe
2014-08-01 18:47 - 2014-08-01 18:47 - 00000402 _____ () C:\Users\Tng family\Desktop\instruction.txt
2014-08-01 18:26 - 2014-08-01 18:26 - 00002303 _____ () C:\Users\Tng family\Desktop\Chrome App Launcher.lnk
2014-08-01 18:26 - 2014-08-01 18:26 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-31 18:56 - 2014-07-31 18:57 - 00037189 _____ () C:\Users\Tng family\Downloads\Addition.txt
2014-07-31 18:55 - 2014-08-02 17:39 - 00016907 _____ () C:\Users\Tng family\Downloads\FRST.txt
2014-07-31 18:54 - 2014-08-02 17:39 - 00000000 ___DC () C:\FRST
2014-07-31 18:54 - 2014-07-31 18:54 - 02094080 _____ (Farbar) C:\Users\Tng family\Downloads\FRST64.exe
2014-07-30 22:04 - 2014-07-30 22:04 - 00000000 ____D () C:\Users\Tng family\Desktop\Old Firefox Data
2014-07-30 22:02 - 2014-08-01 12:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 20:45 - 2014-07-30 20:45 - 00002543 _____ () C:\Users\Tng family\Desktop\aswMBR.txt
2014-07-30 20:45 - 2014-07-30 20:45 - 00000512 _____ () C:\Users\Tng family\Desktop\MBR.dat
2014-07-30 20:28 - 2014-07-30 20:28 - 05185536 _____ (AVAST Software) C:\Users\Tng family\Desktop\aswMBR.exe
2014-07-29 22:52 - 2014-07-29 22:52 - 00001120 _____ () C:\Users\Tng family\Desktop\eset.txt
2014-07-29 21:32 - 2014-07-29 21:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-29 21:23 - 2014-07-29 21:23 - 00002291 ____C () C:\mbam2907.txt
2014-07-29 21:00 - 2014-07-29 21:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tng family\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-29 20:26 - 2014-07-30 19:25 - 00105284 _____ () C:\Users\Tng family\Desktop\OTL.Txt
2014-07-29 20:08 - 2014-07-29 20:08 - 00000767 _____ () C:\Users\Tng family\Desktop\JRT.txt
2014-07-29 20:00 - 2014-07-29 20:00 - 01016261 _____ (Thisisu) C:\Users\Tng family\Desktop\JRT.exe
2014-07-29 19:58 - 2014-07-29 19:58 - 00001556 _____ () C:\Users\Tng family\Desktop\AdwCleaner[S3].txt
2014-07-29 19:51 - 2014-07-29 19:52 - 01365551 _____ () C:\Users\Tng family\Desktop\AdwCleaner.exe
2014-07-28 09:28 - 2014-07-28 09:28 - 00000000 __SHD () C:\found.000
2014-07-27 22:50 - 2014-07-27 22:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-26 19:19 - 2014-07-26 19:19 - 00000000 ___DC () C:\_OTL
2014-07-26 19:01 - 2014-07-26 19:01 - 00602112 _____ (OldTimer Tools) C:\Users\Tng family\Desktop\OTL.exe
2014-07-26 17:28 - 2014-07-26 17:28 - 00000000 ____C () C:\autoexec.bat
2014-07-26 14:17 - 2014-07-26 14:17 - 00816128 _____ () C:\Users\Tng family\Downloads\RogueKiller.exe
2014-07-26 14:15 - 2014-07-26 14:20 - 00000000 ____D () C:\Users\Tng family\Desktop\RK_Quarantine
2014-07-26 14:07 - 2014-07-26 14:07 - 00000021 _____ () C:\windows\tpcsd
2014-07-23 22:47 - 2014-07-23 22:47 - 00000000 ____D () C:\windows\ERUNT
2014-07-23 22:46 - 2014-07-23 22:46 - 01016261 _____ (Thisisu) C:\Users\Tng family\Downloads\JRT.exe
2014-07-23 22:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-07-23 22:38 - 2014-07-23 22:39 - 01354223 _____ () C:\Users\Tng family\Downloads\adwcleaner_3.216.exe
2014-07-23 22:28 - 2014-07-23 22:28 - 00035320 ____C () C:\ComboFix.txt
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 21:56 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-22 21:56 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-07-22 21:56 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-07-22 21:56 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-07-22 21:53 - 2014-07-22 21:56 - 00004088 _____ () C:\windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 21:50 - 2014-07-29 23:01 - 00000047 ____H () C:\Users\Tng family\FunShion.ini
2014-07-22 21:26 - 2014-07-29 21:20 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-22 21:24 - 2014-07-29 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-22 21:24 - 2014-07-29 21:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-22 21:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-22 21:24 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-22 21:00 - 2014-07-23 22:28 - 00000000 ___DC () C:\Qoobox
2014-07-22 20:59 - 2014-07-22 20:59 - 05562504 ____R (Swearware) C:\Users\Tng family\Downloads\ComboFix.exe
2014-07-20 08:53 - 2014-07-20 08:53 - 00033377 _____ () C:\Users\Tng family\Documents\Recipe for sandwich.pptx
2014-07-18 14:38 - 2014-07-22 21:44 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Funshion
2014-07-16 16:24 - 2014-07-16 16:24 - 00000000 ____D () C:\Users\Tng family\AppData\Local\Giraffe
2014-07-13 15:41 - 2014-07-13 15:41 - 00000000 _____ () C:\windows\SysWOW64\_backup
2014-07-11 22:19 - 2014-07-12 13:19 - 11204096 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 19:17 - 2014-07-08 19:17 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\DropboxMaster
2014-07-08 19:16 - 2014-07-08 19:17 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Dropbox
2014-07-08 19:16 - 2014-07-08 19:16 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-07 20:54 - 2014-07-07 20:54 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-05 17:10 - 2014-07-29 22:15 - 00000000 ___HD () C:\Users\Public\FunAcce

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-02 17:40 - 2014-07-31 18:55 - 00016907 _____ () C:\Users\Tng family\Downloads\FRST.txt
2014-08-02 17:39 - 2014-07-31 18:54 - 00000000 ___DC () C:\FRST
2014-08-02 17:38 - 2011-11-10 22:45 - 00030208 ___SH () C:\Users\Tng family\Thumbs.db
2014-08-02 17:37 - 2013-05-11 06:48 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-02 17:19 - 2013-03-30 20:40 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-02 17:16 - 2009-07-14 12:45 - 00022848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-02 17:16 - 2009-07-14 12:45 - 00022848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-02 17:12 - 2014-08-02 13:31 - 00010715 _____ () C:\windows\WindowsUpdate.log
2014-08-02 17:09 - 2014-08-02 14:06 - 00000112 _____ () C:\windows\setupact.log
2014-08-02 17:09 - 2013-05-11 06:48 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-02 17:09 - 2009-07-14 13:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-02 15:43 - 2014-08-02 15:43 - 00076168 _____ () C:\Users\Tng family\Downloads\Shortcut.txt
2014-08-02 14:06 - 2014-08-02 14:06 - 00000000 _____ () C:\windows\setuperr.log
2014-08-02 14:05 - 2014-08-02 14:05 - 00000574 _____ () C:\windows\PFRO.log
2014-08-02 13:34 - 2013-12-18 11:29 - 00000000 ____D () C:\Program Files (x86)\mIRC
2014-08-02 11:36 - 2014-08-02 11:36 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Tng family\Desktop\sc-cleaner.exe
2014-08-02 11:36 - 2014-08-02 11:36 - 00001826 ____C () C:\sc-cleaner.txt
2014-08-01 22:09 - 2013-03-30 12:48 - 00000000 ____D () C:\windows\erdnt
2014-08-01 22:06 - 2014-08-01 21:40 - 00004242 _____ () C:\Users\Tng family\Desktop\SystemLook.txt
2014-08-01 21:59 - 2014-08-01 21:59 - 00000504 _____ () C:\Users\Tng family\Desktop\fix.reg
2014-08-01 21:55 - 2014-08-01 21:55 - 00000928 _____ () C:\Users\Tng family\Desktop\NTREGOPT.lnk
2014-08-01 21:55 - 2014-08-01 21:55 - 00000909 _____ () C:\Users\Tng family\Desktop\ERUNT.lnk
2014-08-01 21:55 - 2014-08-01 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-08-01 21:55 - 2014-08-01 21:55 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-08-01 21:54 - 2014-08-01 21:54 - 00791393 _____ (Lars Hederer ) C:\Users\Tng family\Downloads\erunt_setup.exe
2014-08-01 21:39 - 2014-08-01 21:39 - 00139264 _____ () C:\Users\Tng family\Desktop\SystemLook.exe
2014-08-01 18:47 - 2014-08-01 18:47 - 00000402 _____ () C:\Users\Tng family\Desktop\instruction.txt
2014-08-01 18:26 - 2014-08-01 18:26 - 00002303 _____ () C:\Users\Tng family\Desktop\Chrome App Launcher.lnk
2014-08-01 18:26 - 2014-08-01 18:26 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 17:36 - 2013-02-01 17:40 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Skype
2014-08-01 13:22 - 2013-07-14 19:24 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-08-01 13:21 - 2013-03-30 20:56 - 00000000 ___DC () C:\Program Files\Common Files\McAfee
2014-08-01 12:55 - 2010-10-11 05:38 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-01 12:54 - 2010-10-11 05:38 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-08-01 12:53 - 2014-07-30 22:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 12:42 - 2014-05-13 10:09 - 00000000 ___DC () C:\Alissa work
2014-07-31 18:57 - 2014-07-31 18:56 - 00037189 _____ () C:\Users\Tng family\Downloads\Addition.txt
2014-07-31 18:54 - 2014-07-31 18:54 - 02094080 _____ (Farbar) C:\Users\Tng family\Downloads\FRST64.exe
2014-07-30 22:04 - 2014-07-30 22:04 - 00000000 ____D () C:\Users\Tng family\Desktop\Old Firefox Data
2014-07-30 20:45 - 2014-07-30 20:45 - 00002543 _____ () C:\Users\Tng family\Desktop\aswMBR.txt
2014-07-30 20:45 - 2014-07-30 20:45 - 00000512 _____ () C:\Users\Tng family\Desktop\MBR.dat
2014-07-30 20:38 - 2013-04-18 10:56 - 00000000 ___DC () C:\QUARANTINE
2014-07-30 20:28 - 2014-07-30 20:28 - 05185536 _____ (AVAST Software) C:\Users\Tng family\Desktop\aswMBR.exe
2014-07-30 19:25 - 2014-07-29 20:26 - 00105284 _____ () C:\Users\Tng family\Desktop\OTL.Txt
2014-07-29 23:01 - 2014-07-22 21:50 - 00000047 ____H () C:\Users\Tng family\FunShion.ini
2014-07-29 22:52 - 2014-07-29 22:52 - 00001120 _____ () C:\Users\Tng family\Desktop\eset.txt
2014-07-29 22:15 - 2014-07-05 17:10 - 00000000 ___HD () C:\Users\Public\FunAcce
2014-07-29 21:32 - 2014-07-29 21:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-29 21:23 - 2014-07-29 21:23 - 00002291 ____C () C:\mbam2907.txt
2014-07-29 21:20 - 2014-07-22 21:26 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-29 21:02 - 2014-07-22 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-29 21:02 - 2014-07-22 21:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-29 21:02 - 2014-06-08 18:16 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-29 21:00 - 2014-07-29 21:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tng family\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-29 20:08 - 2014-07-29 20:08 - 00000767 _____ () C:\Users\Tng family\Desktop\JRT.txt
2014-07-29 20:00 - 2014-07-29 20:00 - 01016261 _____ (Thisisu) C:\Users\Tng family\Desktop\JRT.exe
2014-07-29 19:58 - 2014-07-29 19:58 - 00001556 _____ () C:\Users\Tng family\Desktop\AdwCleaner[S3].txt
2014-07-29 19:56 - 2014-04-10 17:39 - 00000000 ___DC () C:\AdwCleaner
2014-07-29 19:52 - 2014-07-29 19:51 - 01365551 _____ () C:\Users\Tng family\Desktop\AdwCleaner.exe
2014-07-29 19:37 - 2014-03-22 16:21 - 00000000 ____D () C:\windows\system32\appmgmt
2014-07-29 19:36 - 2014-03-22 16:26 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\DVDVideoSoft
2014-07-28 10:41 - 2009-07-14 13:13 - 00006666 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-28 09:55 - 2013-03-29 21:11 - 00000000 ____D () C:\windows\Minidump
2014-07-28 09:28 - 2014-07-28 09:28 - 00000000 __SHD () C:\found.000
2014-07-27 22:50 - 2014-07-27 22:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-27 21:12 - 2009-07-14 13:08 - 00032628 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-07-26 19:19 - 2014-07-26 19:19 - 00000000 ___DC () C:\_OTL
2014-07-26 19:01 - 2014-07-26 19:01 - 00602112 _____ (OldTimer Tools) C:\Users\Tng family\Desktop\OTL.exe
2014-07-26 17:28 - 2014-07-26 17:28 - 00000000 ____C () C:\autoexec.bat
2014-07-26 14:20 - 2014-07-26 14:15 - 00000000 ____D () C:\Users\Tng family\Desktop\RK_Quarantine
2014-07-26 14:17 - 2014-07-26 14:17 - 00816128 _____ () C:\Users\Tng family\Downloads\RogueKiller.exe
2014-07-26 14:07 - 2014-07-26 14:07 - 00000021 _____ () C:\windows\tpcsd
2014-07-25 15:55 - 2013-04-14 22:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-25 06:44 - 2014-05-14 08:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-23 22:47 - 2014-07-23 22:47 - 00000000 ____D () C:\windows\ERUNT
2014-07-23 22:46 - 2014-07-23 22:46 - 01016261 _____ (Thisisu) C:\Users\Tng family\Downloads\JRT.exe
2014-07-23 22:39 - 2014-07-23 22:38 - 01354223 _____ () C:\Users\Tng family\Downloads\adwcleaner_3.216.exe
2014-07-23 22:28 - 2014-07-23 22:28 - 00035320 ____C () C:\ComboFix.txt
2014-07-23 22:28 - 2014-07-22 21:00 - 00000000 ___DC () C:\Qoobox
2014-07-23 22:23 - 2009-07-14 10:34 - 00000215 ____C () C:\windows\system.ini
2014-07-22 23:55 - 2013-07-14 19:49 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\vlc
2014-07-22 21:56 - 2014-07-22 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 21:56 - 2014-07-22 21:53 - 00004088 _____ () C:\windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 21:56 - 2013-10-19 06:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 21:56 - 2011-06-08 13:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-22 21:50 - 2011-03-13 21:35 - 00000000 ____D () C:\Users\Tng family
2014-07-22 21:48 - 2014-05-11 14:40 - 00000000 ____D () C:\ProgramData\QvodPlayer
2014-07-22 21:44 - 2014-07-18 14:38 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Funshion
2014-07-22 21:25 - 2013-03-30 20:06 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Malwarebytes
2014-07-22 21:24 - 2013-03-30 20:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-22 21:24 - 2013-03-30 20:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-07-22 21:16 - 2009-07-14 11:20 - 00000000 ___HD () C:\Users\Default
2014-07-22 21:10 - 2009-07-14 10:34 - 79691776 _____ () C:\windows\system32\config\software.bak
2014-07-22 21:10 - 2009-07-14 10:34 - 28049408 _____ () C:\windows\system32\config\system.bak
2014-07-22 21:10 - 2009-07-14 10:34 - 00524288 _____ () C:\windows\system32\config\default.bak
2014-07-22 21:10 - 2009-07-14 10:34 - 00262144 _____ () C:\windows\system32\config\security.bak
2014-07-22 21:10 - 2009-07-14 10:34 - 00262144 _____ () C:\windows\system32\config\sam.bak
2014-07-22 20:59 - 2014-07-22 20:59 - 05562504 ____R (Swearware) C:\Users\Tng family\Downloads\ComboFix.exe
2014-07-21 21:39 - 2013-10-27 16:17 - 00000000 ____D () C:\Users\Tng family\AppData\Local\Canon Easy-PhotoPrint EX
2014-07-21 21:31 - 2009-07-14 13:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-07-20 22:08 - 2014-05-13 10:08 - 00000000 ___DC () C:\adrian work
2014-07-20 20:15 - 2011-09-09 22:35 - 00000954 _____ () C:\Users\Tng family\AppData\Roaming\coreavc.ini
2014-07-20 08:53 - 2014-07-20 08:53 - 00033377 _____ () C:\Users\Tng family\Documents\Recipe for sandwich.pptx
2014-07-19 21:58 - 2011-04-27 16:18 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 16:24 - 2014-07-16 16:24 - 00000000 ____D () C:\Users\Tng family\AppData\Local\Giraffe
2014-07-16 09:48 - 2014-06-03 19:19 - 00000000 ____D () C:\ProgramData\Norton
2014-07-13 15:41 - 2014-07-13 15:41 - 00000000 _____ () C:\windows\SysWOW64\_backup
2014-07-12 13:19 - 2014-07-11 22:19 - 11204096 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-12 13:19 - 2013-03-30 20:40 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-12 13:19 - 2012-06-16 20:57 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-12 13:19 - 2012-01-27 21:26 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-11 03:02 - 2014-07-22 21:56 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-22 21:56 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-22 21:56 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-22 21:56 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-07-08 19:17 - 2014-07-08 19:17 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\DropboxMaster
2014-07-08 19:17 - 2014-07-08 19:16 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Dropbox
2014-07-08 19:16 - 2014-07-08 19:16 - 00000000 ____D () C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-07 20:54 - 2014-07-07 20:54 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-07 20:54 - 2014-04-19 10:35 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-07 20:54 - 2013-12-27 22:04 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-07 20:54 - 2013-07-14 19:24 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-07 20:54 - 2011-04-27 16:17 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-06 11:44 - 2012-02-19 20:12 - 00000435 _____ () C:\Users\Tng family\Desktop\gettingold.txt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-28 21:33

==================== End Of Log ============================

 

 

Users shortcut scan result (x64) Version: 31-07-2014 01
Ran by Tng family at 2014-08-02 17:40:24
Running from C:\Users\Tng family\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

 

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\·çÐÐ.lnk -> C:\Program Files (x86)\Funshion Online\3.0.1.23\Funshion.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\影视搜索.lnk -> C:\Program Files (x86)\QMovie\QMovie.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\¹¥³ÇÂÓµØ.lnk -> C:\Program Files (x86)\602game\gcld\gcld.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\·çÐÐ\·çÐÐ.lnk -> C:\Program Files (x86)\Funshion Online\3.0.1.23\Funshion.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\·çÐÐ\жÔØ ·çÐÐ.lnk -> C:\Program Files (x86)\Funshion Online\3.0.1.23\Uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WALKMAN Guide\NWZ-W260 WALKMAN Guide.lnk -> C:\Program Files (x86)\Sony\WALKMAN Guide\NWZ-W260\WALKMANGuide.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Sony PC Companion 2.1.lnk -> C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Media Player Classic.lnk -> C:\Program Files (x86)\Real Alternative\Media Player Classic\mplayerc.exe (Gabest)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Uninstall\Uninstall Real Alternative.lnk -> C:\Program Files (x86)\Real Alternative\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Help\FAQ.lnk -> C:\Program Files (x86)\Real Alternative\Info\faq.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative\Configuration\RealMedia.lnk -> C:\Program Files (x86)\Real Alternative\settings.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\PictureViewer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 11\Nero Burning ROM.lnk -> C:\Program Files (x86)\Nero\Nero 11\nero.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero 11\Nero Express.lnk -> C:\Program Files (x86)\Nero\Nero 11\NeroExpress.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\MyPlayBus Games.lnk -> C:\Program Files (x86)\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\MyPlayBus Games.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\Plants Vs Zombies Game Of The Year Edition.lnk -> C:\Program Files (x86)\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\Plants Vs Zombies Game Of The Year Edition.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\LVT.lnk -> C:\Program Files\Lenovo\LVT\LVT.exe (Lenovo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart PreSchool\JumpStart PreSchool.lnk -> C:\KA\PrSchool\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart PreSchool\Manual.lnk -> C:\KA\PrSchool\Help\Help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart PreSchool\Product Registration.lnk -> C:\KA\PrSchool\EREG\EREG.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart PreSchool\Uninstall.lnk -> C:\Program Files (x86)\Common Files\JumpStart Classics\Uninstall\PreSchoolUn.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart Kindergarten\JumpStart Kindergarten.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart Kindergarten\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart Kindergarten\Manual.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart Kindergarten\Help\Help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart Kindergarten\Product Registration.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart Kindergarten\EREG\EREG.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart Kindergarten\Uninstall.lnk -> C:\Program Files (x86)\Common Files\JumpStart Classics\Uninstall\KGUn.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart First Grade\JumpStart First Grade.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart First Grade\Manual.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\Help\Help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart First Grade\Product Registration.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\EREG\EREG.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart Classics\JumpStart First Grade\Uninstall.lnk -> C:\Program Files (x86)\Common Files\JumpStart Classics\Uninstall\FGUn.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\JumpStart Phonics Read and Rhyme.lnk -> C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\JSPhonics.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\JumpStart Website.lnk -> C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\Web\website.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\Manual.lnk -> E:\Manual\Help.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\Uninstall.lnk -> C:\Program Files (x86)\Common Files\Knowledge Adventure\Uninstall\JSPhonicsReadRhymeUn.exe (Knowledge Adventure)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Photo Stream.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\PhotoStream.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\GOM Player.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\GOM Wizard.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GomWiz.exe (Gretech Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\Uninstall.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe (Gretech Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\Documentation.lnk -> C:\Program Files (x86)\ERUNT\README.TXT ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\ERUNT Homepage.lnk -> C:\Program Files (x86)\ERUNT\ERUNT.URL ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\ERUNT.lnk -> C:\Program Files (x86)\ERUNT\ERUNT.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\NTREGOPT.lnk -> C:\Program Files (x86)\ERUNT\NTREGOPT.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT\Uninstall ERUNT.lnk -> C:\Program Files (x86)\ERUNT\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Transfer\Add Gadget.lnk -> C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\Content Transfer.gadget ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Transfer\Content Transfer.lnk -> C:\Program Files (x86)\Sony\Content Transfer\ContentTransfer.exe (Sony Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Transfer\Help.lnk -> C:\Program Files (x86)\Sony\Content Transfer\Resources\ENU\Content Transfer Help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk -> C:\Program Files\CCleaner\uninst.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX Readme.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer Readme.lnk -> C:\Program Files\Canon\MyPrinter\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX 5.0.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\mpnex50.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX Readme.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Tool\IJ Network Tool.lnk -> C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNPUT.EXE (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Scanner Selector EX\IJ Network Scanner Selector EX.lnk -> C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX Readme.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\CNEZMAIN.EXE (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series Manual\Uninstall.lnk -> C:\Program Files (x86)\Canon\IJ Manual\CANON MG3100 SERIES\uninstall.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series\Readme XPS.lnk -> C:\Program Files\CanonBJ\IJPrinter\Canon MG3100 series\readme_English_xps.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series\Readme.lnk -> C:\Program Files\CanonBJ\IJPrinter\Canon MG3100 series\readme_English.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks\Start BlueStacks.lnk -> C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe (BlueStack Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BaiduPlayer\BaiduPlayer.lnk -> C:\Users\Tng family\3.9.3.12\BaiduPlayer.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BaiduPlayer\Uninstall BaiduPlayer.lnk -> C:\Users\Tng family\3.9.3.12\uninst.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\Disk Defrag\Auslogics Disk Defrag.lnk -> C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag\DiskDefrag.exe (Auslogics)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter.lnk -> D:\AnvSoft\Any Video Converter\VideoConverter.exe (Any-Video-Converter.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Uninstall Any Video Converter.lnk -> D:\AnvSoft\Any Video Converter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{C63B54EB-41D4-42B3-A76A-93215F1DF821}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\JSPhonics.exe (Knowledge Adventure)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Reader X.lnk -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Apps.lnk -> C:\Users\Public\Libraries\Apps.library-ms ()
Shortcut: C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\Canon Solution Menu EX.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\Content Transfer.lnk -> C:\Program Files (x86)\Sony\Content Transfer\ContentTransfer.exe (Sony Corporation)
Shortcut: C:\Users\Public\Desktop\GOM Player.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\JumpStart First Grade.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\Users\Public\Desktop\JumpStart Kindergarten.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart Kindergarten\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\Users\Public\Desktop\JumpStart Phonics Read and Rhyme.lnk -> C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\JSPhonics.exe (Knowledge Adventure)
Shortcut: C:\Users\Public\Desktop\JumpStart PreSchool.lnk -> C:\KA\PrSchool\LAUNCH.EXE (Knowledge Adventure)
Shortcut: C:\Users\Public\Desktop\LVT.lnk -> C:\Program Files\Lenovo\LVT\LVT.exe (Lenovo)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\MyPlayBus Games.lnk -> C:\Program Files (x86)\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\MyPlayBus Games.url ()
Shortcut: C:\Users\Public\Desktop\NWZ-W260 WALKMAN Guide.lnk -> C:\Program Files (x86)\Sony\WALKMAN Guide\NWZ-W260\WALKMANGuide.exe (Sony Corporation)
Shortcut: C:\Users\Public\Desktop\Plants Vs Zombies Game Of The Year Edition.lnk -> C:\Program Files (x86)\MyPlayBus.com\Plants Vs Zombies Game Of The Year Edition\Plants Vs Zombies Game Of The Year Edition.exe ()
Shortcut: C:\Users\Public\Desktop\Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\Users\Public\Desktop\Start BlueStacks.lnk -> C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe (BlueStack Systems, Inc.)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Tng family\Libraries - Shortcut.lnk -> C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Tng family\Links\Desktop.lnk -> C:\Users\Tng family\Desktop ()
Shortcut: C:\Users\Tng family\Links\Downloads.lnk -> C:\Users\Tng family\Downloads ()
Shortcut: C:\Users\Tng family\Links\Videos.lnk -> C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms ()
Shortcut: C:\Users\Tng family\Desktop\Any Video Converter.lnk -> D:\AnvSoft\Any Video Converter\VideoConverter.exe (Any-Video-Converter.com)
Shortcut: C:\Users\Tng family\Desktop\ERUNT.lnk -> C:\Program Files (x86)\ERUNT\ERUNT.EXE ()
Shortcut: C:\Users\Tng family\Desktop\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\Tng family\Desktop\NTREGOPT.lnk -> C:\Program Files (x86)\ERUNT\NTREGOPT.EXE ()
Shortcut: C:\Users\Tng family\Desktop\SpeedFan.lnk -> C:\Program Files (x86)\SpeedFan\speedfan.exe (Almico Software (www.almico.com))
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kelloggs Ocean Comic Constructor\Kellogg's Ocean Comic Constructor.lnk -> C:\Program Files (x86)\Kelloggs Ocean Comic Constructor\Kelloggs Ocean Comic.exe (Kellogg's                           )
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Tng family\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk -> C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\·çÐÐ.lnk -> C:\Program Files (x86)\Funshion Online\3.0.1.23\Funshion.exe (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GOM.EXE.lnk -> C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0001.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian.pdf (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0002.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian_0001.jpg (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0003.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian 2.jpg (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0004.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian 3.jpg (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0005.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2013_11_11\adrian 4.jpg (No File)
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0006.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_14\IC.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0007.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_14\IC 2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0008.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_20\swim safer.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0009.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_25\science notes 2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0010.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_25\science notes 2-2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0011.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_25\science notes 1.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0012.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_03_23\science notes 1.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0013.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_03_23\science notes 2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0014.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_03_23\science notes 2-2.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0015.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_03_23\science notes 3.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0016.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_02\adrian mc.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0017.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_03\alissa english test.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0018.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_03\alissa english test_0001.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0019.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa english test.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0020.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 2.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0021.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 3.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0022.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 3_0001.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0023.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 5.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0024.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 6.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0025.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 7.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0026.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_05_03\alissa math 8.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0027.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2705 p1 chinese report\adrian chinese report card 1.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0028.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2705 p1 chinese report\adrian chinese report card 2.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0029.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0030.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A1.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0031.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A2.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0032.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A3.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0033.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A4.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0034.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A5.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0035.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A6.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0036.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A7.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0037.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science A8.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0038.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0039.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B1.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0040.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B10.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0041.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B11.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0042.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B12.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0043.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B13.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0044.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B14.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0045.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\p3 science 2906\alissa science B15.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0046.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_07_21\happyfamily.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0047.lnk -> C:\Alissa work\2014_07_27\catholic high school p3.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0048.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -1.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0049.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -2.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0050.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -3.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0051.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -4.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0052.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -5.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0053.lnk -> C:\Alissa work\2014_07_27\catholic high school p3 -6.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\sc\hstr_0054.lnk -> C:\Alissa work\2014_07_30\MC alissa.pdf ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\ap\hstr_0001.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_01_20\swim safer.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\ap\hstr_0002.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_03\alissa english test.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\ap\hstr_0003.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_04_03\alissa english test_0001.jpg ()
Shortcut: C:\Users\Tng family\AppData\Roaming\Canon\MP Navigator EX V50\history\ap\hstr_0004.lnk -> C:\Users\Tng family\Pictures\MP Navigator EX\2014_07_21\happyfamily.jpg ()
Shortcut: C:\Users\Tng family\AppData\Local\Microsoft\Windows\GameExplorer\{81DE10D7-C669-443F-B479-CB3C867B6267}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\JumpStart Classics\JumpStart First Grade\FG.EXE ()
Shortcut: C:\Users\Tng family\AppData\Local\Microsoft\Windows\GameExplorer\{22E5DBBE-347A-4718-983B-EEFEDE22650D}\PlayTasks\0\Play.lnk -> C:\KA\PrSchool\PRSCHOOL.EXE ()

 

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Sony PC Companion\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}\setup.exe (Sony) -> -uninst -runfromtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JumpStart\Phonics Read and Rhyme\Readme.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> "C:\Program Files (x86)\JumpStart\Phonics Read and Rhyme\Readme.txt"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendar.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Find My iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Advanced.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Dashboard
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Wizard.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Wizard
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start CCC
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Help.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Restart Runtime.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.) -> Restart
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Solution Menu EX\Solution Menu EX Uninstall.lnk -> C:\Program Files (x86)\Canon\Solution Menu EX\uninst.exe (CANON INC.) -> /Uninstall C:\Program Files (x86)\Canon\Solution Menu EX\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer Uninstall.lnk -> C:\Program Files\Canon\MyPrinter\uninst.exe (CANON INC.) -> C:\Program Files\Canon\MyPrinter\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\My Printer\My Printer.lnk -> C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) -> /mn
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\MP Navigator EX 5.0\MP Navigator EX Uninstall.lnk -> C:\Program Files (x86)\Canon\MP Navigator EX 5.0\Maint.exe (CANON INC.) -> /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 5.0\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Network Scanner Selector EX\IJ Network Scanner Selector EX Uninstall.lnk -> C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe (CANON INC.) -> /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Easy-PhotoPrint EX\Easy-PhotoPrint EX Uninstall.lnk -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe (CANON INC.) -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.ini
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series Manual\Canon MG3100 series On-screen Manual.lnk -> C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe (CANON INC.) -> "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON MG3100 SERIES\English\Info.egv"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG3100 series\View Print History XPS.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNMXPVAR.EXE (CANON INC.) -> "Canon MG3100 series Printer XPS"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\appamrt.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.appmart1632 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Apps.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.appmart com.bluestacks.appmart.MarketPageGrid
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Appstore.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.amazon.venezia com.amazon.venezia.Venezia
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Blood Brothers.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.mobage.ww.a759.Blood_Brothers_Android com.ngmoco.marketingapp.PackageApplication
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\BstCommandProcessor.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.BstCommandProcessor120 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\CookieRun.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.linecorp.LGCOOKIE com.devsisters.CookieRunForKakao.OvenbreakX
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Facebook.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.facebook.katana com.facebook.katana.LoginActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\GSN Casino.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.gsn.android.casino com.prime31.UnityPlayerProxyActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\home.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.home2004 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Pulse.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.alphonso.pulse com.alphonso.pulse.newsrack.NewsRackActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\s2p.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.s2p2006 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\search.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.bluestacks.searchapp1505 .Main
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Twitter.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.twitter.android com.twitter.android.StartActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\Zombies.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android com.glu.zamf1 com.google.android.vending.expansion.downloader_impl.DownloaderActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\My Apps\フルボッコ.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android jp.co.drecom.drif com.prime31.UnityPlayerProxyActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\App Stores\1Mobile Market.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android me.onemobile.android me.onemobile.android.MainPagerActivity
ShortcutWithArgument: C:\ProgramData\BlueStacks\UserData\Library\App Stores\GetJar.lnk -> C:\Program Files (x86)\BlueStacks\HD-RunApp.exe (BlueStack Systems, Inc.) -> Android getjar.android.client getjar.android.client.Main
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Public\Desktop\Canon MG3100 series On-screen Manual.lnk -> C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe (CANON INC.) -> "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON MG3100 SERIES\English\Info.egv"
ShortcutWithArgument: C:\Users\Tng family\Desktop\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE () -> %SystemRoot%\ERDNT\AutoBackup\#Date# /noconfirmdelete /noprogresswindow
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kelloggs Ocean Comic Constructor\Uninstall Kelloggs Ocean Comic Constructor.lnk -> C:\Windows\Kelloggs Ocean Comic Constructor\uninstall.exe () -> "/U:C:\Program Files (x86)\Kelloggs Ocean Comic Constructor\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Tng family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Tng family\AppData\Local\Google\Chrome\User Data\Chrome App Launcher.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\Homepage.url -> hxxp://www.gomlab.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\Default\Favorites\Lenovo\Lenovo.url -> hxxp://www.lenovo.com/
InternetURL: C:\Users\Tng family\Favorites\2013最新电影,快播电影排行榜,百度影音电影下载 - 看戏123电影.url -> hxxp://www.kanxi123.com/
InternetURL: C:\Users\Tng family\Favorites\707 My Family Heater [Cheong Hock Guan].url -> hxxp://www.chg.com.sg/pro5_princeton.html
InternetURL: C:\Users\Tng family\Favorites\8D Rhythm of Taiwan  SA Tours.url -> hxxp://www.satours.com/group-tours/taiwan/8d-rhythm-of-taiwan/
InternetURL: C:\Users\Tng family\Favorites\Air Clean Vincent Kitchen Maintenance & General Services (Tampines) - inSing.com.url -> hxxp://search.insing.com/business/air-clean-vincent-kitchen-maintenance-general-services/tampines-simei/id-e64d0200
InternetURL: C:\Users\Tng family\Favorites\Angry Birds - Tower Defense Games.url -> hxxp://www.towerdefensearcade.net/playgame/27066/Angry_Birds/
InternetURL: C:\Users\Tng family\Favorites\Availability of Flats.url -> hxxp://services2.hdb.gov.sg/webapp/BP13INTV/BP13SFlatAvailability?sel=SBF
InternetURL: C:\Users\Tng family\Favorites\Badminton Central Discussion Forums - The Front Page.url -> hxxp://www.badmintoncentral.com/forums/
InternetURL: C:\Users\Tng family\Favorites\Badminton Daily Watch.url -> hxxp://badmintonpress.com/
InternetURL: C:\Users\Tng family\Favorites\Blood Brothers RPG Forum  App Invasion.url -> hxxp://www.appinvasion.com/index.php?forums/Blood-Brothers-RPG/
InternetURL: C:\Users\Tng family\Favorites\Blood Brothers RPG • Information.url -> hxxp://www.bloodbrothersrpg.com/
InternetURL: C:\Users\Tng family\Favorites\Blood Brothers WikiAbout Blood Brothers - Blood Brothers Wiki.url -> hxxp://bloodbrothersgame.wikia.com/wiki/Blood_Brothers_Wiki:About_Blood_Brothers
InternetURL: C:\Users\Tng family\Favorites\bolt - definition of bolt by the Free Online Dictionary, Thesaurus and Encyclopedia..url -> hxxp://www.thefreedictionary.com/bolt
InternetURL: C:\Users\Tng family\Favorites\Build-To-Order.url -> hxxp://www101.hdb.gov.sg/hdbvsf/eampu03p.nsf/0/12MARBTOCL_page/$file/12MARBTOCL_about1.htm?open&ft=bto
InternetURL: C:\Users\Tng family\Favorites\bwf's Channel - YouTube.url -> hxxp://www.youtube.com/user/bwf
InternetURL: C:\Users\Tng family\Favorites\Club Penguin.url -> hxxp://clubpenguin.miniclip.com/index.php?lang=en&p=62&ts=1327458429
InternetURL: C:\Users\Tng family\Favorites\DBS iBanking.url -> https://internet-ban...m.sg/IB/Welcome
InternetURL: C:\Users\Tng family\Favorites\Developed by educational psychologists.url -> hxxp://www.icanreadsystem.com/why-so-successful/
InternetURL: C:\Users\Tng family\Favorites\DH-3DL2S  Panasonic.url -> hxxp://www.panasonic.com.sg/wps/portal/home/products/homeappliances/showersystem/DH3DL2S
InternetURL: C:\Users\Tng family\Favorites\Eton, Eater of Darkness II - Blood Brothers Wiki.url -> hxxp://bloodbrothersgame.wikia.com/wiki/Eton,_Eater_of_Darkness_II
InternetURL: C:\Users\Tng family\Favorites\Finals - 2012 Victor Korea Open - YouTube.url -> hxxp://www.youtube.com/watch?v=G2lzZVc4Kc0&feature=relmfu
InternetURL: C:\Users\Tng family\Favorites\Help guide  About the Home Screen.url -> hxxp://www.sony-asia.com/microsite/tablet/helpguide_sgpt1w/GB/contents/03/02/01/01.html
InternetURL: C:\Users\Tng family\Favorites\How to Change Overgrip - YouTube.url -> hxxp://www.youtube.com/watch?v=Re7BnG0bRs0&feature=related
InternetURL: C:\Users\Tng family\Favorites\ICanBook - Facilities Booking System.url -> hxxp://www.icanbook.com.sg/icbnew/Main/UI/Main.aspx
InternetURL: C:\Users\Tng family\Favorites\in house hotel (Taipei, Taiwan)  Expedia.com.sg.url -> hxxp://www.expedia.com.sg/Taipei-Hotels-In-House-Hotel.h5218422.Hotel-Information?chkin=06/03/2013&hashTag=roomsAndRates&chkout=13/03/2013&rm1=a2&
InternetURL: C:\Users\Tng family\Favorites\Login  Singapore Sports Council.url -> https://members.spor...b.sg/Login.aspx
InternetURL: C:\Users\Tng family\Favorites\Luvbabies by Kim Sang - Luvbabies by Kim Sang Medical Hall.url -> hxxp://luvbabies.kimsang.com.sg/
InternetURL: C:\Users\Tng family\Favorites\Members - CSBC Singapore - Clementi Social Badminton Club (Singapore) - Meetup.url -> hxxp://www.meetup.com/CSBadmintonClub-sg/members/?offset=20&desc=1&sort=chapter_member.atime
InternetURL: C:\Users\Tng family\Favorites\Ministry of Education, Singapore Primary One Registration School Vacancies by Phases.url -> hxxp://www.moe.gov.sg/education/admissions/primary-one-registration/vacancies/
InternetURL: C:\Users\Tng family\Favorites\Network For Electronic Transfers (Singapore) Pte Ltd.url -> hxxp://www.nets.com.sg/consumers/promotions/giftoftime/
InternetURL: C:\Users\Tng family\Favorites\NWZ-W260 Series  WALKMAN User Guide.url -> hxxp://www.sony-asia.com/microsite/walkman_i-manuals/FY11/NWZ-W262/eng/
InternetURL: C:\Users\Tng family\Favorites\OCBC Bank.url -> https://internet.ocb...ternet-banking/
InternetURL: C:\Users\Tng family\Favorites\OneMap.url -> hxxp://www.onemap.sg/index.html
InternetURL: C:\Users\Tng family\Favorites\OTL Tutorial - How to use OldTimer ListIt - Malware Removal Guides and Tutorials.url -> hxxp://www.geekstogo.com/forum/topic/277391-otl-tutorial-how-to-use-oldtimer-listit/
InternetURL: C:\Users\Tng family\Favorites\Primary 2 English.url -> hxxp://www.tut-world.com/p2_eng.htm
InternetURL: C:\Users\Tng family\Favorites\PSP ISO, PS2 Games PC Games, Wii Games and alot more $3.99, get 3 FREE 1 + FREE PO...  88DB Singapore.url -> hxxp://sg.88db.com/Buy-Sell/Hobbies-Leisure/ad-483809/
InternetURL: C:\Users\Tng family\Favorites\Sangokushi Taisen 3 Official Website.url -> hxxp://www.sangoku-wars.com/top_all.html
InternetURL: C:\Users\Tng family\Favorites\Service Centres  Access Service Information  Sony Singapore.url -> hxxp://www.sony.com.sg/section/servicecentres
InternetURL: C:\Users\Tng family\Favorites\SGplayers.com - SGcardgames.com  Index.url -> hxxp://www.sgcardgames.com/
InternetURL: C:\Users\Tng family\Favorites\Singapore Canon cameras, digital, LCD, music, audio - Local Classifieds at Gumtree Singapore.url -> hxxp://singapore.gumtree.sg/f-NWZ-W262-Stuff-for-Sale-tv-camera-audio-music-W0QQCatIdZ49QQKeywordZNWQ5AQ2dW262QQPageZ2
InternetURL: C:\Users\Tng family\Favorites\Singapore Taiwan Free and Easy - Your Taiwan Free and Easy Travel Trip Planner.url -> hxxp://singaporetaiwanfreeandeasy.com/
InternetURL: C:\Users\Tng family\Favorites\sunny bay_Bandari_专辑_酷我音乐.url -> hxxp://www.kuwo.cn/album/77291/
InternetURL: C:\Users\Tng family\Favorites\Syrian pups for adoption! - Hamsters Adoption - Singapore Hamsters Club.url -> hxxp://www.sghamsters.com/topic/921-syrian-pups-for-adoption/
InternetURL: C:\Users\Tng family\Favorites\Taiwan High Speed Rail Corporation  Ticketing Information  Passenger Guide  Multi-Ride Ticket.url -> hxxp://www.thsrc.com.tw/en/ticket/tic_multiride_guide.asp
InternetURL: C:\Users\Tng family\Favorites\the mrbrown show.url -> hxxp://www.mrbrownshow.com/
InternetURL: C:\Users\Tng family\Favorites\TOM365免费电影.url -> hxxp://www.tom365.com/
InternetURL: C:\Users\Tng family\Favorites\Training Badminton Skills.url -> hxxp://www.badmintonconnect.com/
InternetURL: C:\Users\Tng family\Favorites\Tuition Centre Singapore – Kent Ridge Tutors Jurong West.url -> hxxp://krtc-jw.sg/
InternetURL: C:\Users\Tng family\Favorites\Welcome to Facebook - Log In, Sign Up or Learn More.url -> hxxp://www.facebook.com/
InternetURL: C:\Users\Tng family\Favorites\What is the plural of live.url -> hxxp://www.wordhippo.com/what-is/the-plural-of/live.html
InternetURL: C:\Users\Tng family\Favorites\WTS Sony Series MP 3 nwz-w262. Retail price $129 selling $60 - Singapore TV, camera, audio, music - Gumtree Singapore.url -> hxxp://singapore.gumtree.sg/c-Stuff-for-Sale-tv-camera-audio-music-WTS-Sony-Series-MP-3-nwz-w262-Retail-price-129-selling-60-W0QQAdIdZ327362249
InternetURL: C:\Users\Tng family\Favorites\YouTube - Badminton Footwork - Chen Weihua Training 26 Footworks Basic 2.url -> hxxp://www.youtube.com/watch?v=EhoQPkEOk48&feature=related
InternetURL: C:\Users\Tng family\Favorites\YouTube - 三國志大戰3 頂上對決 2011 0502 宮崎あおい♪軍 VS 眠い子軍.url -> hxxp://www.youtube.com/watch?v=d21cXop5dl0&feature=feedu
InternetURL: C:\Users\Tng family\Favorites\《小小传奇》Gonna Make It!.url -> hxxp://video.xin.msn.com/browse/catch-up-tv/gonna-make-it
InternetURL: C:\Users\Tng family\Favorites\两个爸爸 - 全集在线观看 - 高清下载 – 电视剧 – 风行.url -> hxxp://www.funshion.com/subject/106982/
InternetURL: C:\Users\Tng family\Favorites\中文字幕下载  字幕下载  电影字幕  外挂字幕  Sub of Movies..url -> hxxp://www.subom.net/
InternetURL: C:\Users\Tng family\Favorites\十二生肖总动员全集-动画片十二生肖总动员全集播放.url -> hxxp://www.bukade.com/cartoon/12shengxiaozongdongyuan/
InternetURL: C:\Users\Tng family\Favorites\大俠傳 - 台灣56區 - 千古大俠夢 神雕俠侶情.url -> hxxp://www.gm99.com/ingame/index?gid=7&sid=56&uname=#account
InternetURL: C:\Users\Tng family\Favorites\妖精的尾巴379_妖精的尾巴第二季_妖精的尾巴漫画_妖精的尾巴中文网_ft.52pk.com.url -> hxxp://ft.52pk.com/
InternetURL: C:\Users\Tng family\Favorites\搜索结果_TOM365免费电影.url -> hxxp://so.tom365.com/files/search.php
InternetURL: C:\Users\Tng family\Favorites\最新专辑列表TOP100排行榜-搜狗音乐.url -> hxxp://music.sogou.com/song/topalbum_1.html?w=02420400&dr=1
InternetURL: C:\Users\Tng family\Favorites\最新电影高清电影热门电影 ——迷电影.url -> hxxp://www.midianying.com/
InternetURL: C:\Users\Tng family\Favorites\正在播放:《来自星星的你[QMV]》 - 无毒免费电影 - WWW.522YY.COM.url -> hxxp://www.522yy.com/vod-play-id-34953-sid-0-pid-2.html
InternetURL: C:\Users\Tng family\Favorites\看图搜片.url -> javascript:void((function(){var e=document.createElement("script");e.setAttribute("id","qvod_search");e.setAttribute("type","text/javascript");e.setAttribute("charset","UTF-8");e.setAttribute("src","hxxp://www.huaseji.com/js/searchMovie/qvodSearch.js?r="+Math.random()*99999999);document.body.appendChild(e)})());
InternetURL: C:\Users\Tng family\Favorites\知识网——新加坡首创,新一代多媒体、多功能、多应用、动画效果辅助教材。.url -> hxxp://www.ezhishi.net/
InternetURL: C:\Users\Tng family\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Tng family\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Tng family\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Tng family\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Tng family\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\Tng family\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Tng family\Favorites\Links\Suggested Sites.url -> https://ieonline.mic...ft.com/#ieslice
InternetURL: C:\Users\Tng family\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Tng family\Favorites\Links\Yahoo Singapore.url -> hxxp://sg.yahoo.com/
InternetURL: C:\Users\Tng family\Favorites\Links\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Tng family\Favorites\Links\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Tng family\Favorites\Links\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Tng family\Favorites\Links\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Tng family\Favorites\Lenovo\Lenovo.url -> hxxp://www.lenovo.com/
InternetURL: C:\Users\Tng family\Desktop\learnology.url -> hxxp://www.learnlogy.com/index.php
InternetURL: C:\Users\Tng family\Desktop\MCOnline.url -> hxxp://www.lead.com.sg/LEAD/login/lms_login.aspx
InternetURL: C:\Users\Tng family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com

==================== End of log =============================

 

 

I will restart and let u know how thing r going


  • 0

#34
Machiavelli
Posted 02 August 2014 - 03:45 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

I will restart and let u know how thing r going

OK


  • 0

#35
happyhome
Posted 02 August 2014 - 03:53 AM

happyhome

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Hi Machi

 

This really work wonder :thumbsup: .Thank you so much,  the redirect are gone for both IE & fix fox.

I do have a few question though

 

1. the previous post u instruct to remove Tango .

  • Tango was installed 1 or 2 year back and i think is a not a malware .
  • is it ok to reinstall it? i was thimking QVOD was the culprit because hao123 is a Chinese web site they seem link 

 

2. what was the culprit ?


  • 0

#36
Machiavelli
Posted 02 August 2014 - 03:59 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

happyhome,

 

1. Tango is Adware if we trust this here, here and here. It is your decision if you would like to keep it or not.

 

2. I also think that QVOD was the culprit. The weird thing is that Virustotal (do you remember?) came back clean, but if we trust this here it is bad.

 

 

 

Now - we are going over to make your PC more secure. For this I'm using a tool called SecurityCheck - it will check your update status. We will update programs if needed then. Follow the instructions carefully.

 

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

 


  • 0

#37
happyhome
Posted 02 August 2014 - 04:12 AM

happyhome

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

happyhome,

 

1. Tango is Adware if we trust this here, here and here. It is your decision if you would like to keep it or not.

 

Thank you so much for enlightening me I will put this one aside

 

Results of screen317's Security Check version 0.99.86 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 Windows Firewall Disabled! 
avast! Antivirus  
 Antivirus out of date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 65 
 Adobe Flash Player 14.0.0.145 
 Adobe Reader 10.1.10 Adobe Reader out of Date! 
 Mozilla Firefox (31.0)
 Google Chrome 35.0.1916.153 
 Google Chrome 36.0.1985.125 
 Google Chrome plugins... 
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast avastui.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````
 


  • 0

#38
Machiavelli
Posted 02 August 2014 - 04:20 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

happyhome,

We need to remove the tools we've used during cleaning your machine

  • Download Delfix from here and run it (If you have Windows Vista / Windows 7 / Windows 8 please do a Right click on the Delfix icon and select Run as Administrator).
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg
  • Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

 
 

avast! Antivirus
Antivirus out of date!

Please update your AntiVirus.
 

Adobe Reader 10.1.10 Adobe Reader out of Date!

Please update Adobe Reader.
 

Java 7 Update 65


WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java

See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)
But if you like to keep Java on your PC then make that:
Your Java is out of date
And that isn't good for your PC. 
So make that:

  • Go to this site and click 'Do I have Java'
  • It will check your current version and then offer to update to the latest version

 

 

  • Click the Start button. You can find it in the lower left corner of your screen.
  • Type "Update" in the search box.
  • Click "Windows Update." You'll be able to click this option from the list of results.
  • Click "Check for updates." You can find this option in the left pane. You will then receive a message telling you that important updates are available or that optional updates are available.
  • Click the message. This will let you view the updates that are available.
  • Select all updates (optional + important updates!).
  • Click "OK."
  • Click "Install Updates." If you're prompted for your password or confirmation, type the password and provide confirmation.

 

 

Now - how is your PC running?


  • 0

#39
happyhome
Posted 02 August 2014 - 05:11 AM

happyhome

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Hi Machi ,

I will post the defix log while I work on the update.

I will let u know ho wthe system is running when all the updates are done

 

# DelFix v10.8 - Logfile created 02/08/2014 at 19:07:39
# Updated 29/07/2014 by Xplode
# Username : Tng family - TNG-FAMILY-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Tng family\Desktop\RK_Quarantine
Deleted : C:\Program Files (x86)\Trend Micro\Hijackthis
Deleted : C:\ComboFix.txt
Deleted : C:\sc-cleaner.txt
Deleted : C:\Users\Tng family\Desktop\AdwCleaner.exe
Deleted : C:\Users\Tng family\Desktop\AdwCleaner[S3].txt
Deleted : C:\Users\Tng family\Desktop\aswMBR.exe
Deleted : C:\Users\Tng family\Desktop\aswMBR.txt
Deleted : C:\Users\Tng family\Desktop\JRT.exe
Deleted : C:\Users\Tng family\Desktop\JRT.txt
Deleted : C:\Users\Tng family\Desktop\MBR.dat
Deleted : C:\Users\Tng family\Desktop\OTL.Txt
Deleted : C:\Users\Tng family\Desktop\OTL.exe
Deleted : C:\Users\Tng family\Desktop\sc-cleaner.exe
Deleted : C:\Users\Tng family\Desktop\SecurityCheck.exe
Deleted : C:\Users\Tng family\Desktop\SystemLook.exe
Deleted : C:\Users\Tng family\Desktop\SystemLook.txt
Deleted : C:\Users\Tng family\Downloads\Addition.txt
Deleted : C:\Users\Tng family\Downloads\adwcleaner_3.216.exe
Deleted : C:\Users\Tng family\Downloads\ComboFix.exe
Deleted : C:\Users\Tng family\Downloads\Fixlog.txt
Deleted : C:\Users\Tng family\Downloads\FRST.txt
Deleted : C:\Users\Tng family\Downloads\FRST64.exe
Deleted : C:\Users\Tng family\Downloads\JRT.exe
Deleted : C:\Users\Tng family\Downloads\HijackThis.msi
Deleted : C:\Users\Tng family\Downloads\RogueKiller.exe
Deleted : C:\Users\Tng family\Downloads\Shortcut.txt
Deleted : C:\windows\grep.exe
Deleted : C:\windows\PEV.exe
Deleted : C:\windows\NIRCMD.exe
Deleted : C:\windows\MBR.exe
Deleted : C:\windows\SED.exe
Deleted : C:\windows\SWREG.exe
Deleted : C:\windows\SWSC.exe
Deleted : C:\windows\SWXCACLS.exe
Deleted : C:\windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #450 [Scheduled Checkpoint | 08/02/2014 10:40:37]

New restore point created !

########## - EOF - ##########


  • 0

#40
Machiavelli
Posted 02 August 2014 - 05:35 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

OK, I waiting for your feedback then. ;)


  • 0

Advertisements

#41
happyhome
Posted 02 August 2014 - 05:36 AM

happyhome

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Hi Machi

Thank You so much for your help.

The system is running fine now . U guys are awesome. :spoton:

 

I am thinking whether it is possible for me to learn how to deal with malware .


  • 0

#42
Machiavelli
Posted 02 August 2014 - 05:40 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

Hello, 
in my opinion your PC is clean.
 

I am thinking whether it is possible for me to learn how to deal with malware .

You can, please look at this thread here .
 
If you like my help here you can write a review about me (what you like, what I could do better, etc.) here. This would be great!
 
Exercise common sense
 
Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to look before you leap. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully and look at the file extensions to make sure that you know what you're getting. Using peer-to-peer file sharing programs or downloading cracks and keygens is something else to avoid - the files you will be downloading are infected in the vast majority of cases, and the benefits simply aren't worth the risk to your computer.
 
Keep up on Windows updates
 
Along with keeping all of the security programs that you choose to use updated, it is also important to keep up on system updates from Microsoft, as these patch critical security vulnerabilities and help to keep you safe. Typically the windows update icon will appear in your taskbar when new updates are available, whenever you see it you should open the menu up and install the updates that are available. Although it may be an annoyance, that little bit of extra time it takes to stay updated is very well worth it instead of getting infected from an exploit and having to clean your PC again.
 
Slow computer?
 
If your computer begins to slow down again in the future for no particular reason, your first step should not be to come back to the malware forum. As your computer ages and is used, its parts wear, files and programs accumulate, and its performance speed can decrease. To restore your computer's performance to its best possible level, follow the steps in this guide written by tech expert Artellos.
 
Keep Safe!   :thumbsup:


  • 0

#43
Machiavelli
Posted 04 August 2014 - 03:35 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP