Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Browser Hijacked/Sidebar Removed - OTL Ran [Solved]


  • This topic is locked This topic is locked

#1
mom2dylkay

mom2dylkay

    Member

  • Member
  • PipPip
  • 33 posts

I have an HP Touchsmart and I believe I had McAfee running but have removed what was on it this morning to be able to get something different.  I ran the OTL on this and here is what I have going on this PC.  Last night my daughter who is on this one more than me it seems said that she found we had a browser hijacker SIDEBAR thing.  I forget the whole name of it.  I ran hijackthis and removed some thing but I may have not done that correctly.  Then I downloaded OTL and ran it.  Here is the log.  Please assist any way you can.  The SIDEBAR seems to be gone but I know it could still be hidden in the background somewhere or appear again after rebooting.  Thank you!  

 

OTL logfile created on: 9/19/2014 11:16:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\KVogler\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 50.26% Memory free
7.50 Gb Paging File | 5.12 Gb Available in Paging File | 68.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.81 Gb Total Space | 520.57 Gb Free Space | 76.13% Space Free | Partition Type: NTFS
Drive D: | 14.73 Gb Total Space | 1.82 Gb Free Space | 12.36% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 29.82 Gb Total Space | 25.71 Gb Free Space | 86.24% Space Free | Partition Type: FAT32
Drive G: | 7.45 Gb Total Space | 7.45 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
 
Computer Name: KROSS-HP | User Name: KVogler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/09/19 11:16:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\KVogler\Downloads\OTL (1).exe
PRC - [2014/09/04 08:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/09/03 23:01:19 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/06/20 11:46:35 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/03/26 17:06:53 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2014/03/26 17:06:11 | 001,801,168 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2014/02/20 18:07:08 | 000,338,216 | ---- | M] (Smilebox, Inc.) -- C:\Users\KVogler\AppData\Roaming\Smilebox\SmileboxTray.exe
PRC - [2013/07/23 09:08:38 | 001,089,888 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/07/14 12:29:24 | 000,026,168 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
PRC - [2010/07/14 12:28:12 | 000,022,072 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
PRC - [2010/06/23 16:09:52 | 000,432,752 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe
PRC - [2010/06/23 16:09:36 | 000,125,552 | ---- | M] () -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
PRC - [2010/06/18 18:30:46 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/06/12 22:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/04/16 19:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/09/28 09:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2007/07/24 15:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/12 03:50:28 | 002,997,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\60e8c3eab577fe8bd21e419085a3c843\System.IdentityModel.ni.dll
MOD - [2014/09/12 03:50:25 | 019,696,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\9614efdd4e4b30e71fdee7888135009f\System.ServiceModel.ni.dll
MOD - [2014/09/12 03:49:41 | 002,868,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\ac8d1a31c7fbc750f0ae3e455ad11a8c\ReachFramework.ni.dll
MOD - [2014/09/12 03:47:17 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\38fdb5c1bcfbed498ea2db40ef6aa23e\PresentationCore.ni.dll
MOD - [2014/09/12 03:47:11 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\b51470d7e909c4fab01a25fd1e1c42dc\System.Windows.Forms.ni.dll
MOD - [2014/09/12 03:47:09 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\057cef93417231d7d4f8ed84841c12f1\WindowsBase.ni.dll
MOD - [2014/09/12 03:47:04 | 000,794,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\08fbe280b07b0401b857454aef95ea81\System.ServiceModel.Internals.ni.dll
MOD - [2014/09/12 03:47:04 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\003f540cf55cae8805bb30d8b240ec86\SMDiagnostics.ni.dll
MOD - [2014/09/12 03:47:03 | 002,822,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\c2d1735e9f72e974cd34063a714a309f\System.Runtime.Serialization.ni.dll
MOD - [2014/09/12 03:46:56 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3c777eb7042798554bcf10134595273e\System.Xml.ni.dll
MOD - [2014/09/12 03:46:55 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\28684b3f787d06edd1de8b574521d867\System.Core.ni.dll
MOD - [2014/09/12 03:46:52 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5ee6a5fbbf59e1c3ca14631ff12dd6ec\System.Configuration.ni.dll
MOD - [2014/09/12 03:46:50 | 010,061,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9b943fcb3af2101cfb3467161c6ac0ed\System.ni.dll
MOD - [2014/09/03 23:01:18 | 000,331,592 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppgooglenaclpluginchrome.dll
MOD - [2014/09/03 23:01:16 | 008,577,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
MOD - [2014/09/03 23:01:12 | 001,098,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
MOD - [2014/09/03 23:01:10 | 000,174,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
MOD - [2014/09/03 23:01:09 | 001,660,232 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
MOD - [2014/02/13 04:06:51 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/02/13 04:06:24 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/02/06 01:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/06 01:52:32 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/06/14 16:19:42 | 000,062,112 | ---- | M] () -- C:\Program Files (x86)\EMET 4.0\EMET_CE.dll
MOD - [2012/09/08 13:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012/09/08 13:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2010/05/19 14:05:58 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/05/19 14:05:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/05/19 14:05:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/08/22 15:14:34 | 000,368,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/08/22 15:14:34 | 000,023,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2014/08/18 18:03:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/12 02:16:12 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/11/17 07:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/15 12:13:06 | 000,127,272 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009/07/15 12:13:02 | 005,414,184 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2014/09/10 05:54:27 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/04 08:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/28 16:05:58 | 000,178,160 | ---- | M] (Coupons.com Inc.) [Auto | Running] -- C:\Program Files (x86)\Coupons\CouponPrinterService.exe -- (CouponPrinterService)
SRV - [2014/03/26 17:06:53 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/07/05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2011/12/22 15:00:47 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/02/28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/07/14 12:28:12 | 000,022,072 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2010/06/23 16:09:36 | 000,125,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe -- (DTSRVC)
SRV - [2010/06/12 22:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/04/16 19:34:34 | 000,109,168 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2010/04/03 19:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/02/24 17:42:56 | 000,386,424 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/09/28 09:42:50 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/16 13:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2007/07/24 15:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2014/07/17 18:05:06 | 000,125,584 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013/03/31 18:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/03/31 18:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/06 09:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/22 14:58:32 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/11 07:37:32 | 000,408,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/07/13 21:57:08 | 000,069,736 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2010/06/18 18:31:30 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/05/12 02:46:18 | 006,790,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/12 01:24:20 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/03/10 11:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/02/06 00:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/06 00:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/12/22 05:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/20 15:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/01/30 17:29:52 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2008/04/16 15:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/02/16 15:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2007/02/15 20:11:26 | 000,012,976 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WacomVKHid.sys -- (WacomVKHid)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{04DEBFB8-06B7-4E88-8292-5BF7D79559ED}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{47A4B628-31E9-429A-A606-CDC7D5013AC8}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{49B5713C-98B6-4124-93E5-3A6F8E441178}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{E24DA2F1-F494-4506-9BF2-26DB37F61856}: "URL" = http://search.yahoo....psg&type=HPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{04DEBFB8-06B7-4E88-8292-5BF7D79559ED}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{47A4B628-31E9-429A-A606-CDC7D5013AC8}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{49B5713C-98B6-4124-93E5-3A6F8E441178}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKLM\..\SearchScopes\{E24DA2F1-F494-4506-9BF2-26DB37F61856}: "URL" = http://search.yahoo....psg&type=HPDTDF
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B3 82 36 01 5E 77 16 46 BE 9C 43 98 BB 0B 15 E7  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperba...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "Road Runner Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?...7&ocid=UP97DHP"
FF - prefs.js..extensions.enabledAddons: [email protected]:2.5
FF - prefs.js..extensions.enabledAddons: {e4878b45-e2c0-4307-b6e8-734922f92f5b}:3.19.0.3
FF - prefs.js..extensions.enabledAddons: [email protected]:2.1
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.11.0.13348
FF - prefs.js..extensions.enabledAddons: {6607f251-d663-1e9c-5c15-2cb413a09c1e}:1.1
FF - prefs.js..extensions.enabledAddons: [email protected]:18.1.7.598
FF - prefs.js..keyword.URL: "http://mysearch.avg....2:01&sap=ku&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.0.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.0.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: c:\Program Files (x86)\Virtual Earth 3D\ [2014/05/21 18:50:14 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: c:\Program Files (x86)\Virtual Earth 3D\ [2014/05/21 18:50:14 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\KVogler\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\KVogler\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\KVogler\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator: C:\Users\KVogler\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox [2012/05/24 16:16:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/09/09 10:35:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/09/19 10:33:54 | 000,000,000 | ---D | M]
 
[2013/06/06 19:47:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KVogler\AppData\Roaming\mozilla\Extensions
[2014/06/21 10:40:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions
[2014/06/21 10:40:45 | 000,000,000 | ---D | M] ("Shopop Widget") -- C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}
[2014/01/23 13:36:59 | 000,000,000 | ---D | M] (Road Runner Community Toolbar) -- C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}
[2014/01/23 13:36:58 | 000,037,942 | ---- | M] () (No name found) -- C:\Users\KVogler\AppData\Roaming\mozilla\firefox\profiles\guu3u9oy.default\extensions\[email protected]
[1832/11/29 00:44:26 | 000,004,804 | ---- | M] () (No name found) -- C:\Users\KVogler\AppData\Roaming\mozilla\firefox\profiles\guu3u9oy.default\extensions\[email protected]
[2014/06/21 10:40:58 | 000,002,025 | ---- | M] () -- C:\Users\KVogler\AppData\Roaming\mozilla\firefox\profiles\guu3u9oy.default\searchplugins\search-here.xml
[2014/06/11 12:18:40 | 000,022,860 | ---- | M] () -- C:\Users\KVogler\AppData\Roaming\mozilla\firefox\profiles\guu3u9oy.default\searchplugins\Web Search.xml
[2012/09/20 19:37:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/14 19:29:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/10/14 19:29:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/14 19:29:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAMDATA\AVG SAFEGUARD TOOLBAR\FIREFOXEXT\18.1.7.598
[2011/12/21 03:24:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2014/03/20 20:45:43 | 000,248,304 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2014/08/28 16:29:31 | 000,248,304 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/12/21 00:30:41 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2014/08/11 08:57:25 | 000,003,748 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
[2012/09/20 19:23:53 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2011/12/21 00:30:41 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager  (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\KVogler\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Hulu Desktop (Enabled) = C:\Users\KVogler\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpohheobbibbehfjogminpinjhlpmg\0.8_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\alcobafdkcddhiabfgnongafffchimnl\1.5.1_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce\2.0.3_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim\1.4.7_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom\2.0.0_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.5_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.17_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb\0.0.0.3_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.6.12_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljmkmbmhmgmpmmbkagbobpmpocacdbo\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp\1.1_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb\2.4_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh\1.0.6_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd\2.0.4_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic\7.1.7_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh\1.2_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh\1.1_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfhkdighkjbghfkkelkgdlmbkjopoali\0.1_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghfknlgajlcihkhkhnlcoffhbohnlbg\1.0_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg\0.5_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm\1.5.0_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao\1.0.9_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.6_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.8_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna\1.2.0.4_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcnpokbajkllnoffpnidngefobkpglbg\1.1_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhgffcfekbglhpcdjkhhjekhdnddkflg\1.5_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj\1.1_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjibidejkfaggepnbcnobhinfpojlcmb\5.890_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.10_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln\1.0.7_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo\1.1.1_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffmfbhcjemfledhndnpllechagamlfp\1.1_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofddcjfikfghkmoapnjnmmflbcjohbic\0.0.0.3_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: No name found = C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pllkgmcojhajjmojfoagiegoibjognlc\1.0.4_0\
 
O1 HOSTS File: ([2014/09/19 10:25:25 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files (x86)\ArcSoft\Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (Wisdom-soft toolbar) - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files (x86)\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Wisdom-soft toolbar) - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files (x86)\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Wisdom-soft toolbar) - {6DFC55BB-BFFF-485A-9709-90C3FDF6DB58} - C:\Program Files (x86)\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [DT HPO] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe ()
O4 - HKLM..\Run: [EMET Agent] C:\Program Files (x86)\EMET 4.0\EMET_agent.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Installer] "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r  /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml" File not found
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\KVogler\AppData\Local\Smartbar\Application\Shopop.exe startup File not found
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Facebook Update] C:\Users\KVogler\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_3F7885D730C6246880E3540AFCD030AF] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [HP Photosmart 5520 series (NET)] C:\Program Files\hp\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [SmileboxTray] C:\Users\KVogler\AppData\Roaming\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8:64bit: - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect121.cab (GMNRev Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EDE1771-1218-45E7-B2A2-D1D4466C33E4}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\PFW: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/09 19:30:57 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{236a7a58-1621-11e3-afee-da112998330f}\Shell - "" = AutoRun
O33 - MountPoints2\{236a7a58-1621-11e3-afee-da112998330f}\Shell\AutoRun\command - "" = I:\TL-Bootstrap.exe
O33 - MountPoints2\{326a057d-da9f-11e2-97cd-c82f88bf0008}\Shell - "" = AutoRun
O33 - MountPoints2\{326a057d-da9f-11e2-97cd-c82f88bf0008}\Shell\AutoRun\command - "" = I:\TL-Bootstrap.exe
O33 - MountPoints2\{326a05b7-da9f-11e2-97cd-c82f88bf0008}\Shell - "" = AutoRun
O33 - MountPoints2\{326a05b7-da9f-11e2-97cd-c82f88bf0008}\Shell\AutoRun\command - "" = I:\TL-Bootstrap.exe
O33 - MountPoints2\{cab21cb2-4b46-11e2-b408-c80aa9ff7b7b}\Shell - "" = AutoRun
O33 - MountPoints2\{cab21cb2-4b46-11e2-b408-c80aa9ff7b7b}\Shell\AutoRun\command - "" = I:\TL-Bootstrap.exe
O33 - MountPoints2\{cab21ccc-4b46-11e2-b408-c80aa9ff7b7b}\Shell - "" = AutoRun
O33 - MountPoints2\{cab21ccc-4b46-11e2-b408-c80aa9ff7b7b}\Shell\AutoRun\command - "" = I:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/19 10:34:14 | 000,000,000 | ---D | C] -- C:\Users\KVogler\Desktop\GooredFix Backups
[2014/09/19 10:25:17 | 000,000,000 | ---D | C] -- C:\_OTM
[2014/09/19 01:49:17 | 000,000,000 | ---D | C] -- C:\Users\KVogler\AppData\Local\{C36E8F83-8B66-4969-B66B-A70E0D7BF655}
[2014/09/18 13:48:24 | 000,000,000 | ---D | C] -- C:\Users\KVogler\AppData\Local\{27FE60C1-F20F-449D-B056-34F1852479E5}
[2014/09/12 07:31:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/09/09 15:31:51 | 000,000,000 | ---D | C] -- C:\Users\KVogler\AppData\Roaming\Incline Software
[2014/09/09 10:04:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/09/08 12:18:23 | 000,000,000 | ---D | C] -- C:\Users\KVogler\Documents\Geneology Info
[2014/09/08 12:12:26 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2014/09/02 12:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/09/02 12:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/09/02 12:41:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/09/02 12:41:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/09/02 12:41:46 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/08/26 17:00:39 | 000,000,000 | ---D | C] -- C:\Users\KVogler\Documents\Kaylan 2014 DHS Classes
[2014/08/24 21:29:09 | 000,000,000 | ---D | C] -- C:\Users\KVogler\AppData\Local\{3177A577-4233-44CD-AFA6-D45C84C12598}
[2014/08/23 17:58:03 | 000,000,000 | ---D | C] -- C:\Users\KVogler\AppData\Local\{39EE902D-A547-4803-B0C3-970EDFA67B9B}
[2014/08/23 17:47:26 | 000,000,000 | ---D | C] -- C:\Users\KVogler\AppData\Local\{7372C8AB-5557-4510-B7BD-2D2C5869AC6E}
[2013/08/18 13:26:46 | 002,162,416 | ---- | C] (Catalina Marketing Corp) -- C:\Users\KVogler\AppData\Local\BcsKtYcHW.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/19 11:15:35 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/19 11:15:35 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/19 11:08:33 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014/09/19 11:08:25 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/19 11:08:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/19 11:08:08 | 3019,345,920 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/19 10:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/19 10:51:45 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/19 10:25:25 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/09/19 09:15:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1571443309-931790819-2916665362-1000UA.job
[2014/09/18 15:15:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1571443309-931790819-2916665362-1000Core.job
[2014/09/16 20:09:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKVogler.job
[2014/09/12 03:26:19 | 000,775,462 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/09/12 03:26:19 | 000,662,712 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/12 03:26:19 | 000,122,766 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/12 03:26:12 | 000,775,462 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/12 03:07:43 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/09/10 16:54:29 | 000,002,104 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/09/08 11:27:47 | 000,003,582 | ---- | M] () -- C:\Users\KVogler\Documents\famgrec.gif
[2014/09/06 10:33:27 | 000,203,593 | ---- | M] () -- C:\Users\KVogler\Documents\SPServicing_PayoffQuote_92014.pdf
[2014/09/06 00:22:20 | 000,096,881 | ---- | M] () -- C:\Users\KVogler\Documents\Pedigree View - RossAncestry.pdf
[2014/09/06 00:17:25 | 000,062,433 | ---- | M] () -- C:\Users\KVogler\Documents\Pedigree View RichardDaleRossTree.pdf
[2014/09/05 11:47:53 | 000,123,339 | ---- | M] () -- C:\Users\KVogler\Documents\Pedigree View - RossJoseph.pdf
[2014/09/02 12:42:36 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/28 16:29:27 | 000,444,912 | ---- | M] () -- C:\Windows\CouponPrinter.ocx
[2014/08/28 16:29:26 | 000,659,440 | ---- | M] () -- C:\Windows\couponprinter_x64.ocx
[2014/08/28 03:18:43 | 000,313,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/25 21:44:18 | 000,001,243 | ---- | M] () -- C:\Users\KVogler\Desktop\HP Scan (2).lnk
[2014/08/25 21:43:17 | 000,177,119 | ---- | M] () -- C:\Users\KVogler\Documents\civicsyllabus.pdf
[2014/08/25 21:35:35 | 000,002,006 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
 
========== Files Created - No Company Name ==========
 
[2014/09/08 11:27:45 | 000,003,582 | ---- | C] () -- C:\Users\KVogler\Documents\famgrec.gif
[2014/09/06 10:33:25 | 000,203,593 | ---- | C] () -- C:\Users\KVogler\Documents\SPServicing_PayoffQuote_92014.pdf
[2014/09/06 00:22:18 | 000,096,881 | ---- | C] () -- C:\Users\KVogler\Documents\Pedigree View - RossAncestry.pdf
[2014/09/06 00:17:23 | 000,062,433 | ---- | C] () -- C:\Users\KVogler\Documents\Pedigree View RichardDaleRossTree.pdf
[2014/09/05 11:47:51 | 000,123,339 | ---- | C] () -- C:\Users\KVogler\Documents\Pedigree View - RossJoseph.pdf
[2014/09/02 12:42:36 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/25 21:44:18 | 000,001,243 | ---- | C] () -- C:\Users\KVogler\Desktop\HP Scan (2).lnk
[2014/08/25 21:41:45 | 000,177,119 | ---- | C] () -- C:\Users\KVogler\Documents\civicsyllabus.pdf
[2014/08/25 21:35:35 | 000,002,006 | ---- | C] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2014/08/16 00:23:00 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2014/08/14 22:45:08 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/08/13 18:00:24 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Automator
[2014/08/13 18:00:24 | 000,000,268 | RH-- | C] () -- C:\Users\KVogler\AppData\Roaming\Audio Unit Effect
[2014/08/13 18:00:24 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2014/08/13 17:59:18 | 000,000,268 | RH-- | C] () -- C:\ProgramData\BSD
[2014/08/13 17:59:18 | 000,000,268 | RH-- | C] () -- C:\Users\KVogler\AppData\Roaming\Audio Units
[2014/08/13 17:59:18 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2014/08/13 17:59:17 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Automatic Filter
[2014/08/13 17:59:17 | 000,000,268 | RH-- | C] () -- C:\Users\KVogler\AppData\Roaming\Audio
[2014/08/13 17:59:17 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2014/06/26 12:36:41 | 000,004,535 | ---- | C] () -- C:\Users\KVogler\AppData\Roaming\CamStudio.cfg
[2014/06/26 12:36:41 | 000,000,408 | ---- | C] () -- C:\Users\KVogler\AppData\Roaming\CamShapes.ini
[2014/06/26 12:36:41 | 000,000,408 | ---- | C] () -- C:\Users\KVogler\AppData\Roaming\CamLayout.ini
[2014/06/26 12:36:41 | 000,000,127 | ---- | C] () -- C:\Users\KVogler\AppData\Roaming\Camdata.ini
[2014/06/26 12:30:12 | 000,000,096 | ---- | C] () -- C:\Users\KVogler\AppData\Roaming\version2.xml
[2013/10/12 10:21:43 | 000,000,067 | ---- | C] () -- C:\Windows\UniqueGiftMaker.INI
[2013/08/18 13:26:43 | 000,893,239 | ---- | C] () -- C:\Users\KVogler\AppData\Local\a.zip
[2013/06/06 19:47:18 | 000,033,958 | ---- | C] () -- C:\ProgramData\uninstaller.exe
[2013/05/22 11:21:06 | 004,325,376 | ---- | C] () -- C:\ProgramData\ReadOnlyInstaller.msi
[2012/12/30 16:47:46 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2012/11/21 12:23:37 | 000,001,456 | ---- | C] () -- C:\Users\KVogler\.recently-used.xbel
[2011/09/26 22:52:29 | 000,000,000 | ---- | C] () -- C:\Users\KVogler\AppData\Local\{81B4D670-2E7A-4B74-AFD4-9FFB9F0216F9}
[2011/07/05 12:47:20 | 000,000,632 | RHS- | C] () -- C:\Users\KVogler\ntuser.pol
[2011/02/28 13:43:31 | 000,014,848 | ---- | C] () -- C:\Users\KVogler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/22 09:56:19 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/08/07 17:19:14 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\.minecraft
[2014/04/20 16:35:42 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\.technic
[2012/03/09 07:36:21 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Amazon
[2011/05/18 14:15:55 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Catalina Marketing Corp
[2013/08/18 13:26:42 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Catalina – Print Savings
[2012/12/30 16:25:58 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\CheckPoint
[2014/06/16 18:54:12 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\CobraNavUpdater
[2011/02/22 09:54:30 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\DisplayTune
[2013/08/09 19:23:19 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\FrostWire
[2013/10/22 13:01:44 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\FUJIFILM
[2014/06/26 12:19:12 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\gtk-2.0
[2014/09/09 15:31:51 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Incline Software
[2014/07/19 12:56:38 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\java
[2012/11/17 10:51:12 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Medstrat
[2014/08/02 01:00:59 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Origin
[2011/02/22 09:41:08 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\PictureMover
[2011/05/11 00:49:05 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\PlayFirst
[2014/03/08 03:18:33 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Smilebox
[2012/08/20 17:45:51 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Softland
[2012/07/02 12:18:05 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Spotify
[2012/02/17 22:55:00 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\SupportSoft
[2012/09/13 15:32:09 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\SYSTEMAX Software Development
[2014/01/04 15:59:39 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Systweak
[2011/02/24 21:46:15 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Tific
[2013/11/10 21:36:47 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Unity
[2011/06/15 13:12:51 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\WeatherBug
[2011/02/22 10:12:37 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\WildTangent
[2011/03/02 19:23:36 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\WinBatch
[2012/02/11 11:04:30 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Windows Live Writer
[2013/06/24 16:19:46 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\WTouch
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 2140 bytes -> C:\Users\Public\Desktop\Myst III: Exile.lnk
 
< End of report >
 

OTL Extras logfile created on: 9/19/2014 11:16:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\KVogler\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 50.26% Memory free
7.50 Gb Paging File | 5.12 Gb Available in Paging File | 68.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.81 Gb Total Space | 520.57 Gb Free Space | 76.13% Space Free | Partition Type: NTFS
Drive D: | 14.73 Gb Total Space | 1.82 Gb Free Space | 12.36% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 29.82 Gb Total Space | 25.71 Gb Free Space | 86.24% Space Free | Partition Type: FAT32
Drive G: | 7.45 Gb Total Space | 7.45 Gb Free Space | 100.00% Space Free | Partition Type: FAT32
 
Computer Name: KROSS-HP | User Name: KVogler | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\CA Personal Firewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B45902-58A1-47F1-9D60-3B8D4B3977C6}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"{03DBE0E9-351E-481F-B584-6D77140A3ACB}" = lport=139 | protocol=6 | dir=in | app=system | 
"{05A6E4D7-1343-423E-B21D-32BF23E3C714}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{071377A5-F97B-431D-B21F-8DA67CE09F58}" = lport=138 | protocol=17 | dir=in | app=system | 
"{0BB67F4B-4417-41F2-B33D-7D22F5FBA951}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{0F54AAD6-7A11-416C-868A-33B7CB7D9143}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{15C6C6DC-E0FA-41FA-A65F-05FF5B19AF6D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1685E433-E419-4EDE-A457-EE213D07D7AC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{1DA28E7B-1FEF-4254-9883-94D2C06A8425}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2122C723-D59C-44C1-90BB-0116A73556F0}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{24A76C3A-964B-48AD-9926-6D6204426831}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2EEFA254-DCC2-494D-A3EE-A256C1A2CE5A}" = lport=445 | protocol=6 | dir=in | app=system | 
"{32957674-FBFB-4425-8C7D-33F1EA2D372C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{32D17C08-C98C-459D-B970-9B967738320D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4079722A-A6B6-46D2-A3B9-8840E9325B8F}" = rport=137 | protocol=17 | dir=out | app=system | 
"{44C1F326-7D4E-4252-AB5C-D2B2548B5BBD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{533463D4-5AC4-43A0-A0BF-90D13FD2032A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{559A6D08-067A-4254-85A3-C8F520BCAD27}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{5723C1A0-EC8A-432C-AE0C-A59D16A38787}" = rport=139 | protocol=6 | dir=out | app=system | 
"{589BB098-C0AC-4BA5-8E7F-7485E8D4B1A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{65D9489D-7564-4CF7-8400-293B23ADCD90}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{690BAEBC-F311-4461-B98E-D011F9C1C450}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{77859555-32BB-43EF-AFE4-57053F7767C8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7EDF32B0-7477-43F6-9AE5-10B690FBF302}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8E9440C4-9ECC-4EFE-B3D8-94C3839AB573}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{90857ECF-BE2B-403C-B848-F2A29F0C8389}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{92445B78-909E-410F-9292-690CBA208D08}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{A1988CD3-651B-4FC1-B8FF-B1B83764C6FF}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{B3D38B13-5F0C-4C05-9C12-9823F644ECDE}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B71DA9AF-F5F2-4AEC-B19B-563447712D22}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C59AD052-EA59-43E3-9228-6E48F65501F4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{CCE99D63-C1BB-4E96-B31D-D9CEB3A079AD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{D4968415-2C94-407C-AA05-B64BEFCDF315}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{D9F889C2-0BFC-4F77-B95C-EFD37573383E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{E018EB08-DC20-4AC7-80A4-F2481B3B971A}" = lport=137 | protocol=17 | dir=in | app=system | 
"{E08A5031-63D7-48D2-9053-C3866E243FF7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{E516B070-3755-41EB-8F77-F00ECF6B150F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E57FFB4D-54ED-4049-8D25-B3D79C5D7C6D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E6D0677D-945E-4F24-A23F-F5BB04B6B00D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E90C5598-BF91-40B9-94B0-C4A65DAC72F4}" = rport=138 | protocol=17 | dir=out | app=system | 
"{ED1F3985-5F29-4BB6-A678-C11B0B3BAF32}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{F38925DC-8A9C-4E34-8087-1A29728B926B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F4AFCA11-54A1-4715-88C6-36D385DF67D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 | 
"{FE5C75E6-C187-49E3-94F2-32620D555CF0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FFD37D86-A0DC-40B1-BD72-F287D5FF1464}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06E34997-19C6-4134-BCC7-7A54196B5531}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{094FC048-6135-473A-ABC6-D5E5CF162019}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{09FF8FBB-FC1E-4FF7-8B79-ECBAF0E452A9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | 
"{11CD4D51-A149-4262-89A4-AB60616D3119}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | 
"{12977641-000E-4712-9F17-C44F6FD659C2}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{14BB24E0-C4E8-481F-BB21-DEC73BAA3650}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe | 
"{2539585F-6D60-43B5-9F9F-15B007E99857}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{259940D6-4B94-4B3E-A737-7A4458D3D4A7}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\cinemanow\cinemanow.exe | 
"{266C045C-DD3C-4999-AF52-F2C4C80BB490}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{26DE910C-D799-43FE-AFF4-86144686FDA5}" = protocol=6 | dir=out | app=system | 
"{28689DF6-F2A0-4A2C-BAEB-204C5980B9B8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2DE75571-9A6A-40CA-8DEA-0BA90DA17D68}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\devicesetup.exe | 
"{2FAA5872-1732-4812-99D2-096CE0CA0094}" = dir=in | app=c:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe | 
"{3E1E464F-A840-4C4B-9A2A-7C86696862CD}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{42CBA462-AA0D-4B77-862B-B42A705C79D9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{43154E03-58D6-489F-AA10-EEFE73FF2996}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\photo\photoagent.exe | 
"{4440C515-CDB0-4F08-A486-7182EFD9C582}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4A2B8E5D-8E65-4742-ACE7-DC4C91D1F7DD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{50C1B02C-05C8-4339-9F47-865ED56B0291}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{59483915-8836-41C9-8E35-4004A61234BC}" = protocol=58 | dir=in | [email protected],-148 | 
"{5D743575-488F-4024-83AF-D6D24CEF2081}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{5E63209C-CCAF-42D9-91D7-43663EB43549}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{603D1938-6DEF-4D9E-9B5F-021DDA44CC33}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | 
"{6289D38E-2177-4DD4-B4E5-8378DD9D4092}" = protocol=1 | dir=out | [email protected],-28544 | 
"{63C43830-154B-4EB7-A18F-C6C2211922DC}" = protocol=6 | dir=in | app=c:\users\kvogler\appdata\local\temp\7zs1a06\hpdiagnosticcoreui.exe | 
"{66879124-C30C-4006-8261-2A5C1B2FA025}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{726A024B-F6A6-4465-AB14-510495D5AF14}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | 
"{74C45906-7C91-4BEC-B037-6EF5B0D0842A}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\video\hptouchsmartvideo.exe | 
"{761DB7CE-5747-4B8A-AF50-107A1F5AE677}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\the sims 2 ultimate collection\fun with pets\sp9\tsbin\sims2ep9.exe | 
"{7BC681E9-F213-4CD4-A69B-22D5A615D752}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\cinemanow\cinemanow.exe | 
"{7F8C303B-19A3-4CAB-B229-1C137CB11BF9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{828C4E82-D7EC-4A8A-8834-D21430F69710}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{839351F0-E446-4BA1-8257-FE4263D46D5A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{88F5369B-E2EB-4404-B519-CC73972AE3F9}" = protocol=58 | dir=in | [email protected],-28545 | 
"{89E5A527-8128-43FF-8C60-17A760ECCC56}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe | 
"{922F9ED8-12CA-41DB-8BDA-F58CC0EFDE2D}" = dir=in | app=c:\users\kvogler\appdata\local\facebook\video\skype\facebookvideocalling.exe | 
"{97DB9D55-D36A-493D-9042-DF9F418DCCBD}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | 
"{9CA1D2F0-97A9-43CA-9FAA-77C2FA18FE07}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A083DD51-170A-4467-8E87-8F36D50238AF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A917C931-1E78-43CE-9B38-E7292CB4C5E1}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\photo\hptouchsmartphoto.exe | 
"{B12F1C40-730D-4664-B8EF-A20CD4263227}" = protocol=1 | dir=in | [email protected],-28543 | 
"{B7545608-0B52-4F6D-A497-6EF632F714A6}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe | 
"{B8843ACF-46F1-47B7-978F-89C81D375765}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | 
"{BD16D221-BB6D-44AC-9C74-B870BB33F8C5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C0EF1904-8643-4848-9C28-002561FCFB2D}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe | 
"{C8E7B046-C874-4458-9669-E8218D1E90AB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{CAEEC9E3-9179-45B2-B42D-50E5323DD59D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe | 
"{D87C5C26-4DAF-43C9-892E-D1B68F6EE035}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E0478B84-C26B-4A4A-A191-E99272197042}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{E1BC8ACB-0155-46D9-839C-CDEC0CE7F42B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{E1E17D53-3FCA-4833-8FC2-47630EC0B61A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\the sims 2 ultimate collection\fun with pets\sp9\tsbin\sims2ep9.exe | 
"{E31E9C53-F528-4A7E-B0E2-1823BEF62831}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{E91681B3-52DB-4B44-BFC5-FF19A7D9753F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EAF10246-9A3B-4B53-883D-107399B1ECED}" = protocol=58 | dir=out | [email protected],-28546 | 
"{EC668647-7756-49A9-A237-828655CEF92D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{ED6A7DD9-5EC8-48C5-99B7-00A3A71A22F7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F0F409EB-2D73-4021-AC07-BBA84AF25ACC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{F3C30BBA-312B-4CD8-80D1-110BD1B070A8}" = protocol=17 | dir=in | app=c:\users\kvogler\appdata\local\temp\7zs1a06\hpdiagnosticcoreui.exe | 
"{FFB49773-538A-41B2-915B-182B91EB7BC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{0395C51D-1024-4D33-BB4C-C49C2F635CDE}C:\program files (x86)\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | 
"TCP Query User{0B49DD7E-FD84-481B-8271-0C12137BAD72}C:\program files\java\jre8\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe | 
"TCP Query User{175ED75A-4FB9-46AE-B227-6650CDA58393}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{5FD99AB0-A56B-437D-A7D8-39C379554283}E:\echoes.exe" = protocol=6 | dir=in | app=e:\echoes.exe | 
"TCP Query User{93334862-5BF9-4CE0-976D-A0B016BEBB08}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{A88F62B5-8032-4254-B74C-D087F08AE1CF}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{C86DF42A-35AD-43F7-8F63-03293559662E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{D3B6FA70-D972-4E61-9F7C-CFC9831B5730}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"TCP Query User{F05F68FE-63AB-4F4A-B72D-B4C4EB7616D8}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{F78225C3-8760-4522-A5A9-4FFCE98FFB88}C:\program files\java\jre8\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe | 
"UDP Query User{001EB91A-D2BC-4C7C-A08E-585F974F2A1A}C:\program files\java\jre8\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe | 
"UDP Query User{0CD41044-5243-446B-9A3A-9CAD94D17D30}E:\echoes.exe" = protocol=17 | dir=in | app=e:\echoes.exe | 
"UDP Query User{27A75A50-3D2C-4B95-93D8-46FAC51D6464}C:\program files\java\jre8\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre8\bin\javaw.exe | 
"UDP Query User{615CE5B7-252C-44CB-8713-00C694F62E1F}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{7531C580-143B-4B4D-8148-E1C743F62AAC}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{7CDAB9A5-B22C-4711-A308-900EE45B618F}C:\program files (x86)\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe | 
"UDP Query User{A32EF341-1D8A-4FB8-9584-C3F73DA6D041}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{B7D184B1-F50E-406C-9767-52D04F2C86BA}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{C2BA1E36-0FD9-4AF5-8E80-0475812B8626}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{E535AC33-F469-4584-BFDF-87966DA0CD11}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{04B83666-3A62-452B-85D3-70F8117F2329}_is1" = CamStudio 2.7.2
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{11953C65-BB4E-4CA4-B0F0-2600A4B20040}" = Picture Control Utility x64
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{26A24AE4-039D-4CA4-87B4-2F86418000FF}" = Java 8 (64-bit)
"{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{635BE602-BB9C-4C59-8CC5-93F9366E8A21}" = ViewNX 2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{68C0736C-3E47-43A6-B14D-236BEF198A5F}" = HP Photosmart 5520 series Basic Device Software
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{77DE5105-D05E-448C-96CB-7FA381903753}" = iTunes
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{88B6E7E4-2D44-9C8D-1B7E-1131C8B0D111}" = ccc-utility64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}" = Paint.NET v3.5.8
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}" = HP Photosmart 5520 series Product Improvement Study
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E2D662AD-3FE3-26C5-5540-90E4974EF412}" = ATI Catalyst Install Manager
"CCleaner" = CCleaner
"doPDF 7 printer_is1" = doPDF 7.3 printer
"Microsoft Security Client" = Microsoft Security Essentials
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{6807F13C-A925-4DD8-80C0-24D93A6FFE83}" = HP TouchSmart Paint it! by Corel
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{0134AC9F-A694-4A95-B554-D6A1271EC50C}" = HP TouchSmart eBay
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP TouchSmart Webcam
"{02EABF5D-E535-4A0F-8658-C1F4BF25850C}" = HP TouchSmart Paint it! by Corel - Langauge
"{04450C18-F039-4B81-A621-70C3B0F523D5}" = The Sims 2: Ultimate Collection
"{053BC793-EB2F-48B6-AB61-6B76CCCCB041}" = HP TouchSmart Clock
"{05CA9AF2-E06D-3991-887C-FC5822D5468A}" = CCC Help Chinese Standard
"{06A1431C-C951-4A9B-8732-04827497BF25}" = HP TouchSmart Paint it! by Corel - Langauge
"{07BF9DB6-69AE-4070-EFBC-44C5BB3E10D2}" = CCC Help Finnish
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0ACB0830-631B-4C84-81CD-0B33E8129964}" = HP TouchSmart Paint it! by Corel - Langauge
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C49FC5B-B846-4430-83BA-4F5DD481DC53}" = HP TouchSmart Paint it! by Corel - Langauge
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{104BEA41-8EC0-B483-04AA-FAB143CBBCAE}" = Catalyst Control Center Core Implementation
"{11070051-3806-4F34-8F1D-A7874ADC296C}" = HP TouchSmart Paint it! by Corel - Core
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{157A2E65-1D59-4BE2-BBD4-D16A14EEF959}" = HP TouchSmart Canvas
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1D4B453A-6C34-FEDF-4B69-C026E2E58655}" = CCC Help Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}" = HP My Display TouchSmart Edition
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7019BB-1C9A-4E54-9B59-1744629E63B1}" = EMET 4.0
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{22139F5D-9405-455A-BDEB-658B1A4E4861}" = Catalyst Control Center - Branding
"{22CD5AA1-C28D-458A-AC3D-FB30F74111F9}" = HP TouchSmart Calendar
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 67
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29CE5C81-B7F9-40EA-997E-606C09F515A6}" = HP TouchSmart Weather
"{29F19C52-0B82-4741-8015-8D46E28638EC}" = HP TouchSmart Twitter
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2CE4119A-FF7F-3EE6-42A4-EB53C6057FFE}" = Zinio Reader 4
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP TouchSmart Video
"{32A2B967-279F-457D-B767-76352DA2F108}" = HP TouchSmart
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{338556DF-B61E-26A0-4DF9-F95658B3454B}" = CCC Help Czech
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37220538-53F8-728A-C7EA-92ABD78CA94B}" = Catalyst Control Center Graphics Full Existing
"{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}" = Catalina Savings Printer
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3C19AEEC-7779-4FA5-A1DA-AEB93E674294}" = Corel Paint it! touch - IPM
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{3DAB1C09-2B6C-4FEE-2B95-EABAAF7002FB}" = CCC Help Portuguese
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITE Infrared Transceiver
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{42D10994-A566-495D-A5E7-D0C6B5C6B35C}" = HP Product Detection
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4513B67A-61E4-D7BF-6381-657581C9097C}" = CCC Help Korean
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4F524A2D-5637-4300-76A7-A758B70C0A06}" = Ask Toolbar
"{5031851B-1BC3-EAB0-AC16-7D5FF880502C}" = Catalyst Control Center Localization All
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{541BE6FB-36AD-4E09-BB17-BFE43C68F980}" = Shopop
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5924CA2E-D145-87A2-CB65-39313C0D825C}" = Catalyst Control Center Graphics Previews Vista
"{5932A032-0BD3-4EEA-9FC3-5E4C98B770C5}" = HP TouchSmart Paint it! by Corel - Langauge
"{5A9DADC3-6C03-4C83-8622-60405126D1E0}" = HP TouchSmart Notes
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{5CBE8F58-049D-49FE-B4E3-A23CF3194771}" = HP TouchSmart Paint it! by Corel - Langauge
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{67AAEC8B-9A0C-154E-21F8-0AEF4A05E98D}" = CCC Help Chinese Traditional
"{6807F13C-A925-4DD8-80C0-24D93A6FFE83}" = HP TouchSmart Paint it! by Corel - ICA
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{6FA22C59-53A4-6C24-4E2B-8024838F1016}" = CCC Help German
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{713578E2-16BA-B3C5-A1D3-147F4BD6CE14}" = CCC Help French
"{7137E26A-10F7-4B1C-9980-0893579E92DA}" = HP Photosmart 5520 series Help
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{766486B3-441B-4376-A5F8-0AE2E4BDFB3C}" = HP TouchSmart Paint it! by Corel - Langauge
"{769FA062-69D1-4456-8624-13EC3880787E}" = HP TouchSmart Paint it! by Corel - Langauge
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{777E6DA6-2487-4A56-0FAB-07C9F82B9C18}" = CCC Help English
"{77B559D7-CBF8-43FE-90BB-BDB6A30E9B61}" = HP TouchSmart Paint it! by Corel - Langauge
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{7D1CE80E-3EAE-441E-BE97-625F9ABD07D9}" = Myst Masterpiece Edition
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{858CA5A0-9A7E-3D84-679F-5934B22255A8}" = CCC Help Spanish
"{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1" = HP TouchSmart Tutorials
"{864BC409-6229-452C-B1FD-FA960D13F824}" = HP TouchSmart Paint it! by Corel - Langauge
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88E2586F-E0D5-A3E3-B84F-4CC6E86F4D23}" = Catalyst Control Center Graphics Full New
"{89DE8F46-0495-46F7-94EB-DC6AA71BD3EE}" = HP TouchSmart Browser
"{8ABB6A99-E2D5-47E4-905A-2FD4657D235E}" = HP TouchSmart RSS
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D016DB5-8672-0757-F228-32BF04278665}" = Catalyst Control Center Graphics Light
"{8DB462BD-8372-47F1-9356-210BE357B1A8}" = HP TouchSmart Default Magnets
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{912CED74-88D3-4C5B-ACB0-13231864975D}" = PressReader
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP TouchSmart Music
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95251A23-7B7A-BFA7-C812-9A0E4EC04120}" = CCC Help Japanese
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B51638F-A1F3-05B5-46A1-B54A025766E1}" = CCC Help Dutch
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CEE002F-22B8-4335-8D55-A1EE852C8072}" = HP TouchSmart Paint it! by Corel - Langauge
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F05B89E-2873-11D5-9E9D-0050DA1EA555}" = Myst III: Exile
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1CE6220-A44F-4B0B-B445-738ACB55C25D}" = HP TouchSmart RecipeBox
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2E5F2AA-2996-41EA-BCCD-9FD0476A5326}" = TWC Customer Controls
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A6563D7C-F3AD-11E2-A4DB-984BE15F174E}" = Evernote v. 4.6.7
"{A6D0B261-9CF1-1C7E-5A5C-6D42EE9AE9E6}" = CCC Help Italian
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB92BB15-CF56-0490-64D9-06DD82522CC5}" = CCC Help Turkish
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.12)
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B1588559-57A0-5948-0A3F-F768AC350F29}" = CCC Help Thai
"{B191C95B-7E4A-6419-F332-307810CE4FA5}" = ccc-core-static
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4DFE240-836F-3EA4-B764-BE778EB7B86B}" = CCC Help Norwegian
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B770307B-2E7E-4BAD-BF75-1511A76AD277}" = HP TouchSmart Paint it! by Corel - Content
"{B88CCDC2-96EB-448F-B709-0AF1FCD624A6}" = HP Bubble Wrap for TouchSmart
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BD30FF0E-FFD3-8200-68F1-7772F0C091DD}" = CCC Help Russian
"{BFA6DE67-F8EF-427B-B962-D03ADAF56734}" = HP TouchSmart Paint it! by Corel - Langauge
"{C1441CC5-D9DC-C781-F5FC-B7CA0FBA0914}" = CCC Help Greek
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5B6133F-8943-44F2-AF72-778E2701481A}" = HP MediaSmart/TouchSmart Netflix
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B44566-839A-459C-A73D-49764CE216CC}" = ArcSoft Video Downloader
"{C9DCE03F-8CB7-4146-A99C-0612D75177EA}" = HP TouchSmart Photo
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CBF9CADC-3F81-44E4-3B0F-B0E288D0FBEC}" = Catalyst Control Center InstallProxy
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D94D4514-5D20-4952-8E02-5C96DB688EC4}" = HP Tap Tap Bear for TouchSmart
"{D9577427-2D9D-4580-BDB3-FFDDE06A9554}" = Riven
"{DBE1BE19-6D8E-4623-83B1-EE017908A8B7}" = HP TouchSmart Paint it! by Corel - Langauge
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP TouchSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1FD99EF-7312-426E-A9BD-92ECD2093B4A}" = HP TouchSmart Paint it! by Corel - Langauge
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E6B43401-E818-4961-AFED-118DD8E87642}" = RAF
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EB235F08-D1FC-D35F-BD8A-84C232184AF2}" = CCC Help Hungarian
"{EB69F7A5-778B-2F95-1FFD-949157FB94CA}" = CCC Help Polish
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F03EC055-F34E-4F6B-A684-8A370E11A304}" = ArcSoft Print Creations
"{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}" = HP TouchSmart Video
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F33B9785-B646-4564-849B-BEE3A1700694}" = HP TouchSmart Paint it! by Corel - Langauge
"{F6A4B871-A06A-0EB2-DA8F-BD26CA4B7D90}" = CCC Help Swedish
"{F9A36074-25AD-4F2E-969E-AEDF452DC57B}" = HP TouchSmart Paint it! by Corel - Langauge
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP TouchSmart Video
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.15
"Audacity_is1" = Audacity 1.2.6
"Color Efex Pro 3.0 Wacom Edition 3" = Color Efex Pro 3.0 Wacom Edition 3
"Cool Flash Maker_is1" = Cool Flash Maker v14.06 Trial (Feb-11-2010)
"Coupon Printer for Windows5.0.0.10" = Coupon Printer for Windows
"eGames Collector's Edition" = eGames Collector's Edition
"FinePix Genie_is1" = FUJIFILM MyFinePix Studio 2.0
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP AppsCenter 1.00" = HP AppsCenter 1.00
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP TouchSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP TouchSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP TouchSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{C9DCE03F-8CB7-4146-A99C-0612D75177EA}" = HP TouchSmart Photo
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP TouchSmart DVD
"InstallShield_{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}" = HP TouchSmart Video
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP TouchSmart Video
"Kobo" = Kobo
"MahJongg Master Special Edition" = MahJongg Master Special Edition
"Money2007b" = Microsoft Money 2007
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"My HP Game Console" = HP Game Console
"Origin" = Origin
"PDF Complete" = PDF Complete Special Edition
"Pen Tablet Driver" = Bamboo
"WildTangent hp Master Uninstall" = HP Games
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.01 (32-bit)
"Wisdom-soft Set up ScreenHunter 5.1 Free" = Wisdom-soft Set up ScreenHunter 5.1 Free
"Wisdom-soft Toolbar" = Wisdom-soft Toolbar
"WT087317" = Airport Mania
"WT087318" = Ancient Hearts
"WT087319" = Azteca
"WT087329" = Bob the Builder Can-Do-Zoo
"WT087330" = Bounce Symphony
"WT087342" = Dora's Carnival Adventure
"WT087343" = Dora's World Adventure
"WT087361" = FATE
"WT087379" = Jewel Quest Solitaire 2
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087408" = Skip-Bo - Castaway Caper
"WT087416" = Where's Waldo The Fantastic Journey
"WT087428" = Bejeweled 2 Deluxe
"WT087433" = Build-a-lot
"WT087453" = Chuzzle Deluxe
"WT087472" = Gem Shop
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YTdetect" = Yahoo! Detect
"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop
"Smilebox" = Smilebox
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/3/2014 4:00:35 PM | Computer Name = KRoss-HP | Source = Bonjour Service | ID = 100
Description = Local Hostname KRoss-HP.local already in use; will try KRoss-HP-2.local
 instead
 
Error - 8/3/2014 4:04:45 PM | Computer Name = KRoss-HP | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.2.1:5353    4 KRoss-HP.local.
 Addr 192.168.2.1
 
Error - 8/3/2014 4:04:45 PM | Computer Name = KRoss-HP | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 KRoss-HP.local.
 Addr 192.168.2.3
 
Error - 8/3/2014 4:04:45 PM | Computer Name = KRoss-HP | Source = Bonjour Service | ID = 100
Description = Local Hostname KRoss-HP.local already in use; will try KRoss-HP-2.local
 instead
 
Error - 8/3/2014 5:06:46 PM | Computer Name = KRoss-HP | Source = RasClient | ID = 20227
Description = 
 
Error - 8/3/2014 5:07:43 PM | Computer Name = KRoss-HP | Source = RasClient | ID = 20227
Description = 
 
Error - 8/3/2014 5:16:25 PM | Computer Name = KRoss-HP | Source = RasClient | ID = 20227
Description = 
 
Error - 8/3/2014 5:18:40 PM | Computer Name = KRoss-HP | Source = RasClient | ID = 20227
Description = 
 
Error - 8/3/2014 5:20:01 PM | Computer Name = KRoss-HP | Source = RasClient | ID = 20227
Description = 
 
Error - 8/3/2014 5:22:07 PM | Computer Name = KRoss-HP | Source = RasClient | ID = 20227
Description = 
 
Error - 8/3/2014 5:24:04 PM | Computer Name = KRoss-HP | Source = RasClient | ID = 20227
Description = 
 
[ Hewlett-Packard Events ]
Error - 9/27/2012 8:41:05 PM | Computer Name = KVogler-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: One HP Active Check Local Mode job already running.  StackTrace:
   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager    Name: hpsa_service.exe
Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 en-US  RAM: 3839  Ram Utilization: 50  TargetSite: Void UpdateAndDetect()  
 
Error - 10/4/2012 8:47:46 PM | Computer Name = KVogler-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: One HP Active Check Local Mode job already running.  StackTrace:
   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager    Name: hpsa_service.exe
Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 en-US  RAM: 3839  Ram Utilization: 70  TargetSite: Void UpdateAndDetect()  
 
Error - 10/18/2012 8:14:57 PM | Computer Name = KVogler-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: One HP Active Check Local Mode job already running.  StackTrace:
   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager    Name: hpsa_service.exe
Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 en-US  RAM: 3839  Ram Utilization: 40  TargetSite: Void UpdateAndDetect()  
 
Error - 11/1/2012 8:45:46 PM | Computer Name = KVogler-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088hpsa_service.exe   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: One HP Active Check Local Mode job already running.  StackTrace:
   at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
 
   at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager    Name: hpsa_service.exe
Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 en-US  RAM: 3839  Ram Utilization: 40  TargetSite: Void UpdateAndDetect()  
 
Error - 11/4/2012 8:14:50 PM | Computer Name = KVogler-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
 HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01  Path: C:\Program
 Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US  RAM: 3839
Ram
 Utilization: 50  TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
 
 
Error - 11/4/2012 9:14:57 PM | Computer Name = KVogler-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
 HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01  Path: C:\Program
 Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US  RAM: 3839
Ram
 Utilization: 50  TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
 
 
Error - 11/6/2012 9:15:02 PM | Computer Name = KVogler-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
 HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01  Path: C:\Program
 Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US  RAM: 3839
Ram
 Utilization: 40  TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
 
 
Error - 11/8/2012 9:59:08 PM | Computer Name = KVogler-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
 HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01  Path: C:\Program
 Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US  RAM: 3839
Ram
 Utilization: 50  TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
 
 
Error - 11/9/2012 8:26:03 AM | Computer Name = KVogler-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
 HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01  Path: C:\Program
 Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US  RAM: 3839
Ram
 Utilization:   TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
 
 
Error - 11/10/2012 1:10:56 PM | Computer Name = KVogler-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
 HP.SupportFramework.Utilities    Name: HPSF.exe  Version: 07.00.01.01  Path: C:\Program
 Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  Format: en-US  RAM: 3839
Ram
 Utilization:   TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()
 
 
[ System Events ]
Error - 9/18/2014 11:39:49 PM | Computer Name = KRoss-HP | Source = ipnathlp | ID = 31004
Description = 
 
Error - 9/19/2014 12:09:51 AM | Computer Name = KRoss-HP | Source = ipnathlp | ID = 31004
Description = 
 
Error - 9/19/2014 2:09:54 AM | Computer Name = KRoss-HP | Source = ipnathlp | ID = 31004
Description = 
 
Error - 9/19/2014 2:39:55 AM | Computer Name = KRoss-HP | Source = ipnathlp | ID = 31004
Description = 
 
Error - 9/19/2014 3:39:57 AM | Computer Name = KRoss-HP | Source = ipnathlp | ID = 31004
Description = 
 
Error - 9/19/2014 4:39:59 AM | Computer Name = KRoss-HP | Source = ipnathlp | ID = 31004
Description = 
 
Error - 9/19/2014 6:10:02 AM | Computer Name = KRoss-HP | Source = ipnathlp | ID = 31004
Description = 
 
Error - 9/19/2014 9:10:09 AM | Computer Name = KRoss-HP | Source = ipnathlp | ID = 31004
Description = 
 
Error - 9/19/2014 10:10:14 AM | Computer Name = KRoss-HP | Source = ipnathlp | ID = 31004
Description = 
 
Error - 9/19/2014 10:25:17 AM | Computer Name = KRoss-HP | Source = Service Control Manager | ID = 7034
Description = The ArcSoft Connect Daemon service terminated unexpectedly.  It has
 done this 1 time(s).
 
 
< End of report >
 
 

  • 0

Advertisements


#2
Teima

Teima

    Member

  • Member
  • PipPipPip
  • 833 posts
Hello mom2dylkay,
 
My name is Teima and I'll be happy to assist you with this issue. Before we commence I'd like to ask that you take into careful thought of the points which I've listed below as they will beneficial to the guidance as to which I'll present yourself with here on Geekstogo. :)
 
Notes before we commence:
 
  • It's important that you reply within four days. If you haven't replied within that time, the thread will be closed.
  • As the process of malware removal is often challenging at times I'd like you to take into consideration that it may take multiple replies in order to resolve the issue/issues present.
  • If you are uncertain about any of the steps as to which I present yourself with. Please feel free to ask myself for further clarification.
  • It's important that you don't use tools which have been recommended for other users of the forum, failure to follow these guidelines will most likely result in an unbootable machine.
  • These steps only apply for the user "mom2dylkay". If you're reading this thread and you're requiring assistance, then read this thread and follow the listed steps carefully.
  • The absence of symptoms does not necessarily mean that your system is clean. Please stick with me until I state that your system is clean.
  • If It's been a total of three days and you've yet to receive a response from myself. Please send myself a reminder by clicking here and attaching the appropriate thread link where I can respond.
Extra
 
Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have two people examining your issue. Thanks for your consideration. :thumbsup:

  • 0

#3
Teima

Teima

    Member

  • Member
  • PipPipPip
  • 833 posts
Thanks for your patience, it's much appreciated! It looks like there is a bit of adware present at the moment. I'll assist you with removing it. :)
 
Step One
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following.
:Commands
[CREATERESTOREPOINT]
 
:OTL
SRV - [2014/03/26 17:06:53 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2014/08/28 16:05:58 | 000,178,160 | ---- | M] (Coupons.com Inc.) [Auto | Running] -- C:\Program Files (x86)\Coupons\CouponPrinterService.exe -- (CouponPrinterService)IE:64bit: - HKLM\..\SearchScopes\{04DEBFB8-06B7-4E88-8292-5BF7D79559ED}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{04DEBFB8-06B7-4E88-8292-5BF7D79559ED}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2E61XwH4kJI7p1gGjBFoqTdFMk_5FGy3C-65Gh3lTPDs-mL4prt8dK3gBaenD_wDy52JlaTpbwKT5uAj_Jb8l2R4XyFRKj1m1I6cknnKFRpr91k9H0gPDXIeSID18FKqlWnzcS4GvyojtwtBO_QiY_7cl4YaZ7OH1V-ZQ&q={searchTerms}
FF - prefs.js..browser.search.defaultthis.engineName: "Road Runner Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2187784&SearchSource=3&q={searchTerms}"
FF - prefs.js..keyword.URL: "http://mysearch.avg.com/search?pid=safeguard&sg=&cid={03352ebe-e40e-458c-81ee-be79975c5cfa}&mid=92a71decffec4844b5c0a5412a8da2f1-ae81d00d74ab0aeb889ffff56b5955faea7f8a0b&ds=hk018&coid=avgtbdishk&cmpid=&v=18.1.7.598&lang=en&pr=sa&d=2014-03-16%2020%3A22%3A01&sap=ku&q="
FF - HKCU\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator: C:\Users\KVogler\AppData\Roaming\CATALI~2\NPBCSK~1.DLL (Catalina Marketing Corporation)
[2014/06/21 10:40:45 | 000,000,000 | ---D | M] ("Shopop Widget") -- C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}
[2014/01/23 13:36:59 | 000,000,000 | ---D | M] (Road Runner Community Toolbar) -- C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}
[2014/03/20 20:45:43 | 000,248,304 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2014/08/28 16:29:31 | 000,248,304 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - !{b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{b278d9f8-0fa9-465e-9938-0c392605d8e3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Wisdom-soft toolbar) - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} - C:\Program Files (x86)\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
03 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Wisdom-soft toolbar) - {6DFC55BB-BFFF-485A-9709-90C3FDF6DB58} - C:\Program Files (x86)\Wisdom-soft\tbWisd.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\KVogler\AppData\Local\Smartbar\Application\Shopop.exe startup File not found
O4 - HKCU..\Run: [SmileboxTray] C:\Users\KVogler\AppData\Roaming\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
[2013/08/18 13:26:46 | 002,162,416 | ---- | C] (Catalina Marketing Corp) -- C:\Users\KVogler\AppData\Local\BcsKtYcHW.dll
[2011/05/18 14:15:55 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Catalina Marketing Corp
[2013/08/18 13:26:42 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Catalina  Print Savings
[2014/03/08 03:18:33 | 000,000,000 | ---D | M] -- C:\Users\KVogler\AppData\Roaming\Smilebox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = B3 82 36 01 5E 77 16 46 BE 9C 43 98 BB 0B 15 E7 [binary data]

:commands  
[EMPTYTEMP]
  • Click run fix.
  • OTL may ask to reboot the machine. Please click the OK button if prompted.
  • Once done a report will be displayed. Copy and paste the contents of that report within your next response.
Step Two
 
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Step Three
 
I'd highly recommend that you uninstall Frostwire as this has been identified as additional P2P program.
 
Please note that even if you are using a safe P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected.
 
To remove Frostwire please navigate to Control Panel > Programs and Features and select the uninstall option.
  • 0

#4
mom2dylkay

mom2dylkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Thank you!  Here is what you requested:

 

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Service APNMCP stopped successfully!
Service APNMCP deleted successfully!
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe moved successfully.
Service CouponPrinterService stopped successfully!
Service CouponPrinterService deleted successfully!
C:\Program Files (x86)\Coupons\CouponPrinterService.exe moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{04DEBFB8-06B7-4E88-8292-5BF7D79559ED}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04DEBFB8-06B7-4E88-8292-5BF7D79559ED}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Prefs.js: "Road Runner Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.condui...archSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "http://mysearch.avg....eguard&sg=&cid={03352ebe-e40e-458c-81ee-be79975c5cfa}&mid=92a71decffec4844b5c0a5412a8da2f1-ae81d00d74ab0aeb889ffff56b5955faea7f8a0b&ds=hk018&coid=avgtbdishk&cmpid=&v=18.1.7.598&lang=en&pr=sa&d=2014-03-16%2020%3A22%3A01&sap=ku&q=" removed from keyword.URL
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\CouponNetwork.com/CMDUniversalCouponPrintActivator\ deleted successfully.
C:\Users\KVogler\AppData\Roaming\CATALI~2\NPBCSK~1.DLL moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\components folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\chrome\PublisherImages folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\chrome\images folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\chrome folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e} folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}\searchplugin folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}\Plugins folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}\modules folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}\META-INF folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}\defaults folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}\components folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b}\chrome folder moved successfully.
C:\Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll moved successfully.
C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{b278d9f8-0fa9-465e-9938-0c392605d8e3} deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{b278d9f8-0fa9-465e-9938-0c392605d8e3} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{6dfc55bb-bfff-485a-9709-90c3fdf6db58} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6dfc55bb-bfff-485a-9709-90c3fdf6db58}\ deleted successfully.
File soft\tbWisd.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0123B506-0AD9-43AA-B0CF-916C122AD4C5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0123B506-0AD9-43AA-B0CF-916C122AD4C5}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6DFC55BB-BFFF-485A-9709-90C3FDF6DB58} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DFC55BB-BFFF-485A-9709-90C3FDF6DB58}\ not found.
File soft\tbWisd.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon deleted successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Infrastructure Helper deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SmileboxTray deleted successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\SmileboxTray.exe moved successfully.
C:\Users\KVogler\AppData\Local\BcsKtYcHW.dll moved successfully.
C:\Users\KVogler\AppData\Roaming\Catalina Marketing Corp folder moved successfully.
Folder C:\Users\KVogler\AppData\Roaming\Catalina  Print Savings\ not found.
C:\Users\KVogler\AppData\Roaming\Smilebox\work\cf82d47830eeee14f286f2734c4c0606 folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\work folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\thumbnails\cf82d47830eeee14f286f2734c4c0606 folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\thumbnails\af9005bf983fdf58e8c671a9b169308d folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\thumbnails\6db65dcce866ef2482a0a6cac8804541 folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\thumbnails\55242fc1bfad82606e659312ea68d7a4 folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\thumbnails folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\Templates\16239 folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\Templates folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox\Config folder moved successfully.
C:\Users\KVogler\AppData\Roaming\Smilebox folder moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\XMLHTTP_UUID_Default| /E : value set successfully!
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Kaylan
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: KVogler
->Temp folder emptied: 12706617 bytes
->Temporary Internet Files folder emptied: 5243146 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 365846326 bytes
->Flash cache emptied: 506 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15041 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 366.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 09222014_124929
 
Files\Folders moved on Reboot...
C:\Users\KVogler\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\KVogler\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
I will post next entry in a few mintues.

  • 0

#5
mom2dylkay

mom2dylkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
# AdwCleaner v3.310 - Report created 22/09/2014 at 13:01:18
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : KVogler - KROSS-HP
# Running from : C:\Users\KVogler\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\Program Files (x86)\Wisdom-soft
Folder Deleted : C:\Users\Kaylan\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\KVogler\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\KVogler\AppData\Local\LPT
Folder Deleted : C:\Users\KVogler\AppData\Local\Smartbar
Folder Deleted : C:\Users\KVogler\AppData\Local\WeatherAlerts
Folder Deleted : C:\Users\KVogler\AppData\Local\Wisdom-soft
Folder Deleted : C:\Users\KVogler\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\KVogler\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\KVogler\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\KVogler\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\KVogler\AppData\Roaming\Systweak
Folder Deleted : C:\Users\KVogler\Documents\DealRunner
Folder Deleted : C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\ConduitCommon
Folder Deleted : C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
File Deleted : C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\Extensions\[email protected]
File Deleted : C:\END
File Deleted : C:\ProgramData\uninstaller.exe
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\searchplugins\search-here.xml
File Deleted : C:\Users\Kaylan\AppData\Roaming\Mozilla\Firefox\Profiles\lvny86s2.default\searchplugins\Web Search.xml
File Deleted : C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\searchplugins\Web Search.xml
File Deleted : C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\user.js
File Deleted : C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Deleted : C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DesktopWeatherAlertsApp_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DesktopWeatherAlertsApp_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DFC55BB-BFFF-485A-9709-90C3FDF6DB58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6DFC55BB-BFFF-485A-9709-90C3FDF6DB58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B278D9F8-0FA9-465E-9938-0C392605D8E3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6DFC55BB-BFFF-485A-9709-90C3FDF6DB58}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Wisdom-soft
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Default Tab
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Wisdom-soft
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.10
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wisdom-soft Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
 
-\\ Mozilla Firefox v9.0.1 (en-US)
 
[ File : C:\Users\Kaylan\AppData\Roaming\Mozilla\Firefox\Profiles\lvny86s2.default\prefs.js ]
 
Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2E61XwH4kJI7p1gGjBFoqTdFMk_5FGy3C-65Gh3lTPDs-mL4prt8dK3gBaenD_wDy52JlaTpbwKT5uAj_Jb8l2R4XyFRKj1m1I6cknn5FYgWa[...]
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2E61XwH4kJI7p1gGjBFoqTdFMk_5FGy3C-65Gh3lTPDs-mL4prt8dK3gBaenD_wDy52JlaTpbwKT5uAj_Jb8l2R4XyFRKj1m1I6cknnKFRpr91k9H0gPDXIeSI[...]
Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbPGr6Jy1Ks2E61XwH4kJI7p1gGjBFoqTdFMk_5FGy3C-65Gh3lTPDs-mL4prt8dK3gBaenD_wDy52JlaTpbwKT5uAj_Jb8l2R4XyFRKj1m1I6cknnikZnX7uvo2bB[...]
 
[ File : C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\prefs.js ]
 
Line Deleted : user_pref("CT2187784..clientLogIsEnabled", false);
Line Deleted : user_pref("CT2187784..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2187784..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2187784.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT2187784.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/default.aspx");
Line Deleted : user_pref("CT2187784.BrowserCompStateIsOpen_1394705568000", true);
Line Deleted : user_pref("CT2187784.CT2187784", "CT2187784");
Line Deleted : user_pref("CT2187784.CurrentServerDate", "21-6-2014");
Line Deleted : user_pref("CT2187784.DSChangedManually", false);
Line Deleted : user_pref("CT2187784.DSInstall", true);
Line Deleted : user_pref("CT2187784.DSProtectChoice", true);
Line Deleted : user_pref("CT2187784.DSProtectCount", 1);
Line Deleted : user_pref("CT2187784.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2187784.DialogsGetterLastCheckTime", "Sat Jun 21 2014 10:40:58 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2187784.EMailNotifierPollDate", "Sat Jun 21 2014 10:40:57 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.FirstServerDate", "12-8-2013");
Line Deleted : user_pref("CT2187784.FirstTime", true);
Line Deleted : user_pref("CT2187784.FirstTimeFF3", true);
Line Deleted : user_pref("CT2187784.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2187784.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2187784.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2187784.HPChangedManually", false);
Line Deleted : user_pref("CT2187784.HPInstall", true);
Line Deleted : user_pref("CT2187784.HPProtectChoice", true);
Line Deleted : user_pref("CT2187784.HPProtectCount", 2);
Line Deleted : user_pref("CT2187784.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2187784.HomePageProtectorEnabled", true);
Line Deleted : user_pref("CT2187784.HomepageBeforeUnload", "hxxp://mysearch.avg.com?pid=safeguard&sg=&cid=%7B03352ebe-e40e-458c-81ee-be79975c5cfa%7D&mid=92a71decffec4844b5c0a5412a8da2f1-ae81d00d74ab0aeb889ffff56b595[...]
Line Deleted : user_pref("CT2187784.Initialize", true);
Line Deleted : user_pref("CT2187784.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2187784.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT2187784.InstallationType", "UnknownIntegration");
Line Deleted : user_pref("CT2187784.InstalledDate", "Sun Aug 11 2013 18:09:03 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT2187784.IsGrouping", false);
Line Deleted : user_pref("CT2187784.IsInitSetupIni", true);
Line Deleted : user_pref("CT2187784.IsMulticommunity", false);
Line Deleted : user_pref("CT2187784.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT2187784.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2187784.IsProtectorsInit", true);
Line Deleted : user_pref("CT2187784.LanguagePackLastCheckTime", "Sat Jun 21 2014 10:40:58 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2187784.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2187784.LastLogin_3.19.0.3", "Sat Jun 21 2014 10:40:58 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.LastLogin_3.9.0.3", "Wed Aug 14 2013 20:24:22 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.LatestVersion", "3.20.0.4");
Line Deleted : user_pref("CT2187784.Locale", "en-us");
Line Deleted : user_pref("CT2187784.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2187784.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2187784.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2187784.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT2187784.OriginalFirstVersion", "3.9.0.3");
Line Deleted : user_pref("CT2187784.SavedHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT2187784.SearchCaption", "Road Runner Customized Web Search");
Line Deleted : user_pref("CT2187784.SearchEngineBeforeUnload", "Road Runner Customized Web Search");
Line Deleted : user_pref("CT2187784.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2187784.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2187784&SearchSource=2&q=");
Line Deleted : user_pref("CT2187784.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2187784.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2187784.SearchInNewTabLastCheckTime", "Sat Jun 21 2014 10:40:57 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Line Deleted : user_pref("CT2187784.SearchProtectorEnabled", true);
Line Deleted : user_pref("CT2187784.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT2187784.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT2187784.ServiceMapLastCheckTime", "Sat Jun 21 2014 10:40:57 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.SettingsLastCheckTime", "Sat Jun 21 2014 10:40:55 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.SettingsLastUpdate", "1402935053");
Line Deleted : user_pref("CT2187784.TBHomePageUrl", "hxxp://www.rr.com");
Line Deleted : user_pref("CT2187784.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2187784.ThirdPartyComponentsLastCheck", "Sat Jun 21 2014 10:40:54 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT2187784.ToolbarShrinkedFromSetup", false);
Line Deleted : user_pref("CT2187784.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2187784");
Line Deleted : user_pref("CT2187784.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,codefuel.com,tbccint.com,trovi.com,seccint.com,cpccint.com,appstrm.com,OurTool[...]
Line Deleted : user_pref("CT2187784.UserID", "UN89074100080175762");
Line Deleted : user_pref("CT2187784.alertChannelId", "586406");
Line Deleted : user_pref("CT2187784.backendstorage.hxxp://fastcontent_conduit_com/discoverapps.rematchagent-matkot-user-id", "22313430313435303636303838373931323334353622");
Line Deleted : user_pref("CT2187784.backendstorage.hxxp://fastcontent_conduit_com/discoverapps.rematchagent-periodic-reports", "7B2270696E675F30223A5B313430333336313636313633302C31343430303030305D7D");
Line Deleted : user_pref("CT2187784.backendstorage.hxxp://fastcontent_conduit_com/discoverapps.rematchground.upstairs", "7B22687474703A2F2F66617374636F6E74656E742E636F6E647569742E636F6D2F646973636F766572617070732F72[...]
Line Deleted : user_pref("CT2187784.components.1000034", true);
Line Deleted : user_pref("CT2187784.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com;social.tbccint.com;apps.tbccint.com;services.a[...]
Line Deleted : user_pref("CT2187784.globalFirstTimeInfoLastCheckTime", "Sat Jun 21 2014 10:40:58 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2187784.initDone", true);
Line Deleted : user_pref("CT2187784.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT2187784.myStuffEnabled", true);
Line Deleted : user_pref("CT2187784.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2187784.myStuffSearchUrl", "hxxp://appstrm.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2187784.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2187784.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2187784.revertSettingsEnabled", true);
Line Deleted : user_pref("CT2187784.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT2187784.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT2187784.testingCtid", "");
Line Deleted : user_pref("CT2187784.toolbarAppMetaDataLastCheckTime", "Sat Jun 21 2014 10:40:58 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.toolbarContextMenuLastCheckTime", "Sat Jun 21 2014 10:40:58 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CT2187784.usagesFlag", 2);
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://www.rr.com");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Road Runner Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2187784/CT2187784", "\"b1680f7c403669695637e8abaaa490d03\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/586406/582268/US", "\"07ac5b59f2421728ac2c79ec2e616a01\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2187784", "\"1394705572\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us&ctid=CT2187784", "SA8f/YRfs6V19wkAK/I6CA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us&ctid=CT2187784", "HYogGBUvv90IWu2NxeLYvA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us&ctid=CT2187784", "aXc5Vsxqu/hbyzW/5Q4N6w==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us&ctid=CT2187784", "9tP0a9tLQ7LYpUSrjHx9xA==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us&ctid=CT2187784&UM=UM_UNINSTALL_ID", "Eqyi+rnB/8DP7DHXRtMrLg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"f4cb1557a8bece1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"f414eeaa6bece1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", "\"23c5489aa686ce1:16c0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2187784", "\"a238378f7d0708034a0defa297cb8b8b\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"4e33503ce9d142398d8d9e613fef54bf\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\KVogler\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\guu3u9oy.default\\conduitCommon\\modules\\3.19.0.3");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.19.0.3");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://defaulttab/content/keywordURL.xul?");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2187784");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2187784");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2187784");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "a6597f84-d41e-402b-a3f1-1004b6b60e02");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2187784");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Jun 21 2014 10:41:01 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Jun 21 2014 10:41:09 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alertsnotifications.ourtoolbar.com");
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Jun 21 2014 10:41:01 GMT-0400 (Eastern Daylight Time)");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1401369664");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.tbccint.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "0fb373b6-d4fe-48d3-b351-cef511389cbc");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Search By ZoneAlarm");
Line Deleted : user_pref("browser.search.order.1", "Search Results");
 
-\\ Google Chrome v37.0.2062.120
 
[ File : C:\Users\Kaylan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [28932 octets] - [22/09/2014 12:57:59]
AdwCleaner[S0].txt - [28564 octets] - [22/09/2014 13:01:18]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28625 octets] ##########

  • 0

#6
mom2dylkay

mom2dylkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Regarding Frostwire, I was unable to find the actual program on my PC any longer.  I did, however, find some saved files in a "Frostwire" folder, so I did delete them.

 

Thank you so much!  I await your response.


  • 0

#7
Teima

Teima

    Member

  • Member
  • PipPipPip
  • 833 posts
Hi. I'll have a response done in 12 hours. I'm just finalizing something with my instructor!
  • 0

#8
Teima

Teima

    Member

  • Member
  • PipPipPip
  • 833 posts
Hello. Thanks for the information which was provided it's much appreciated. How does the computer appear to be running at the moment? We'll proceed with some additional checks.
  • Step One Scan with Farbar Recovery Scan Tool
    • Please download Farbar Recovery Scan Tool by Farbar to your Desktop from the link below.
      Download link for 32 bit system
      Download link for 64 bit system
    • Right-click on the program and choose Run as administrator;
    • Put tick-mark on all boxes under Whitelist and Optional Scan;
    • Click on Scan;
    • After the scan two notepad files will be opened --
      • FRST.txt;
      • Addition.txt
    • Copy and Paste the contents of the logs in your next reply.

  • 0

#9
Teima

Teima

    Member

  • Member
  • PipPipPip
  • 833 posts
Hello. Are you still with me?
  • 0

#10
mom2dylkay

mom2dylkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Yes.  I'm so sorry I did not respond until now.  I missed the last e-mail somehow.  Give me  just a few minutes to complete your task from your last post. Thank you.


  • 0

Advertisements


#11
mom2dylkay

mom2dylkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

I am running Farbar now. All has been running smoothly prior to your instructions.  Will post shortly. Thank you, again, for your time.


  • 0

#12
mom2dylkay

mom2dylkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Here you go.:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014
Ran by KVogler (administrator) on KROSS-HP on 27-09-2014 08:51:30
Running from C:\Users\KVogler\Downloads
Loaded Profile: KVogler (Available profiles: KVogler & Kaylan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Pen_TabletUser.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Wacom Technology, Corp.) C:\Windows\System32\Pen_Tablet.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Co.) C:\Program Files\hp\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\OSDManager.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 4.0\EMET_Agent.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\hp\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11049576 2010-06-29] (Realtek Semiconductor)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [563736 2009-10-14] (PDF Complete Inc)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DT HPO] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2010-06-23] ()
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ZoneAlarm Installer] => "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r  /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml"
HKLM-x32\...\Run: [EMET Agent] => C:\Program Files (x86)\EMET 4.0\EMET_agent.exe [78496 2013-06-14] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\Run: [Facebook Update] => C:\Users\KVogler\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-08] (Facebook Inc.)
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-09-20] (Google Inc.)
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\Run: [GoogleChromeAutoLaunch_3F7885D730C6246880E3540AFCD030AF] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-09-19] (Electronic Arts)
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\hp\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\MountPoints2: {236a7a58-1621-11e3-afee-da112998330f} - I:\TL-Bootstrap.exe
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\MountPoints2: {326a057d-da9f-11e2-97cd-c82f88bf0008} - I:\TL-Bootstrap.exe
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\MountPoints2: {326a05b7-da9f-11e2-97cd-c82f88bf0008} - I:\TL-Bootstrap.exe
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\MountPoints2: {cab21cb2-4b46-11e2-b408-c80aa9ff7b7b} - I:\TL-Bootstrap.exe
HKU\S-1-5-21-1571443309-931790819-2916665362-1000\...\MountPoints2: {cab21ccc-4b46-11e2-b408-c80aa9ff7b7b} - I:\TL-Bootstrap.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-1571443309-931790819-2916665362-1001\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKLM - {04DEBFB8-06B7-4E88-8292-5BF7D79559ED} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKLM - {47A4B628-31E9-429A-A606-CDC7D5013AC8} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {E24DA2F1-F494-4506-9BF2-26DB37F61856} URL = http://search.yahoo....psg&type=HPDTDF
SearchScopes: HKLM-x32 - {47A4B628-31E9-429A-A606-CDC7D5013AC8} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {E24DA2F1-F494-4506-9BF2-26DB37F61856} URL = http://search.yahoo....psg&type=HPDTDF
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: IEPlugin Class -> {11222041-111B-46E3-BD29-EFB2449479B1} -> C:\Program Files (x86)\ArcSoft\Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {E4878B45-E2C0-4307-B6E8-734922F92F5B} -  No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect121.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default
FF DefaultSearchEngine: Bing
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
FF Keyword.URL: hxxp://mysearch.avg.com/search?pid=safeguard&sg=&cid=%7B03352ebe-e40e-458c-81ee-be79975c5cfa%7D&mid=92a71decffec4844b5c0a5412a8da2f1-ae81d00d74ab0aeb889ffff56b5955faea7f8a0b&ds=hk018&coid=avgtbdishk&cmpid=&v=18.1.7.598&lang=en&pr=sa&d=2014-03-16%2020%3A22%3A01&sap=ku&q=
FF Plugin: @java.com/DTPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.0.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop -> C:\Users\KVogler\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\KVogler\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\KVogler\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: Printing Helper - C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\Extensions\[email protected] [1644-09-15]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-07-12]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}] - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox
FF Extension: ArcSoft Video Downloader Extension - C:\Program Files (x86)\ArcSoft\Video Downloader\Plugin_FireFox [2012-05-24]
FF Extension: No Name - C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{e4878b45-e2c0-4307-b6e8-734922f92f5b} [Not Found]
FF Extension: No Name - C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e} [Not Found]
FF Extension: No Name - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.7.598 [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (A Quotation) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpohheobbibbehfjogminpinjhlpmg [2013-08-13]
CHR Extension: (Bejeweled) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2013-08-13]
CHR Extension: (Radio) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh [2013-08-13]
CHR Extension: (Word Search Puzzle) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\alcobafdkcddhiabfgnongafffchimnl [2013-08-13]
CHR Extension: (Google Docs) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-11]
CHR Extension: (Google Drive) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-11]
CHR Extension: (TV) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2013-08-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YOUZEEK Free Music) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce [2013-08-13]
CHR Extension: (YouTube) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-11]
CHR Extension: (Solitaire) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim [2013-08-13]
CHR Extension: (eBay) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2013-08-13]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-12]
CHR Extension: (Adblock for Youtube™) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-03-27]
CHR Extension: (Google Search) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-11]
CHR Extension: (Fun Switcher) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2013-08-13]
CHR Extension: (Read Later Fast) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2013-08-13]
CHR Extension: (Solitaire Games) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\eljmkmbmhmgmpmmbkagbobpmpocacdbo [2013-08-13]
CHR Extension: (Google Finance) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgckldmmjdbpdejkclmfnnnehhocbfp [2013-08-13]
CHR Extension: (Google Play Movies) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\fppdphmgcddhjeddoeghpjefkdlccljb [2013-08-13]
CHR Extension: (AdBlock) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-27]
CHR Extension: (Flixster) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh [2013-08-13]
CHR Extension: (AirDroid) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2013-08-22]
CHR Extension: (Crackle) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2013-08-13]
CHR Extension: (Zillow) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\iifccoboedmhjapdlpgkigibgnkmdjoh [2013-08-13]
CHR Extension: (iPiccy Photo Editor) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\imokeandodnlammaoenbgcnbhigjbpjh [2013-08-13]
CHR Extension: (Craigslist) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfhkdighkjbghfkkelkgdlmbkjopoali [2013-08-13]
CHR Extension: (My Browser Page) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghfknlgajlcihkhkhnlcoffhbohnlbg [2013-08-13]
CHR Extension: (Google Forms) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2013-08-13]
CHR Extension: (Typing Test - KeyHero) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2013-08-13]
CHR Extension: (Calculator) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2013-08-13]
CHR Extension: (Autodesk Homestyler) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2013-08-13]
CHR Extension: (No Name) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2013-08-13]
CHR Extension: (Webcam Toy) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2013-08-13]
CHR Extension: (Skype Click to Call) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-11]
CHR Extension: (Google Maps) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-08-13]
CHR Extension: (Planner 5D) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2013-08-13]
CHR Extension: (Who defriended me?) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcnpokbajkllnoffpnidngefobkpglbg [2013-08-13]
CHR Extension: (Mint) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhgffcfekbglhpcdjkhhjekhdnddkflg [2013-08-13]
CHR Extension: (DSL speedtest) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mibbfkdeofpfmkclkgjfnjppdblhpddj [2013-08-13]
CHR Extension: (Facebook Cover Maker) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjibidejkfaggepnbcnobhinfpojlcmb [2013-08-13]
CHR Extension: (Google Play Books) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2013-08-13]
CHR Extension: (Asana) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafkcmbfnknnkmbdbdhflbidiigecfln [2013-08-13]
CHR Extension: (Do It (Tomorrow)) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2013-08-13]
CHR Extension: (Lumosity) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffmfbhcjemfledhndnpllechagamlfp [2013-08-13]
CHR Extension: (Google Wallet) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (My Chrome Theme) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-08-13]
CHR Extension: (FREE TV) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofddcjfikfghkmoapnjnmmflbcjohbic [2013-08-13]
CHR Extension: (Gmail) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-11]
CHR Extension: (eBay Deals) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pllkgmcojhajjmojfoagiegoibjognlc [2013-08-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [125552 2010-06-23] ()
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-12-22] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
S2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\supportsoft\bin\ssrc.exe [386424 2010-02-24] (SupportSoft, Inc.)
R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127272 2009-07-15] (Wacom Technology, Corp.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 75E4BACA583AE02C11E9AC8747E2ABE0
C:\Windows\System32\DRIVERS\atikmpag.sys B765CF4B32F347BE747B21AE22641025
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdsata.sys F747497A0EE5498F79B207F215B3D2D8
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdxata.sys 2946D695E158615BAAA16248E63C7ADB
C:\Windows\System32\DRIVERS\amd_sata.sys 352476C98EF3952563A14F767491BBA9
C:\Windows\System32\DRIVERS\amd_xata.sys F4805C309FE48D6939147FE5CCDB1AD4
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AtiPcie64.sys E82E61F46D1336447F4DEFF8C074F13E
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\clwvd.sys 9573E8C7C3B3D1625FD941841FD0859C
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys 07DA62C960DDCCC2D35836AEAB4FC578
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 1C11E5D258BC374E7FBD598D75E49B75
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\itecir.sys 8D990A44B4F2B68E2C56A3724EC3EB84
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys 6439D1E559D08BD8A1465A8943357053
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28x.sys 2EED549279D7FBD10B846B5397573967
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys F9EEFFC65C68A45001D1349E652B8B6F
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys A6BF0A9B5A30D743623CA0D3BE35DF05
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 5790BCA445CC40DF8B38C2C48608AAC2
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys FCAF9C2C9EADF8F397C3350760EF500F
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\system32\DRIVERS\usbfilter.sys 2C780746DC44A28FE67004DC58173F05
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\System32\DRIVERS\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacmoumonitor.sys 4F1FBD963F8520B7CE80FFA73EF7DE1D
C:\Windows\System32\DRIVERS\wacommousefilter.sys E04D43C7D1641E95D35CAE6086C7E350
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacomvhid.sys 26B430E7C5F598FE7353E3BC4B261321
C:\Windows\System32\DRIVERS\WacomVKHid.sys 8B4255329EDFBA3ECFBD0714476FAD38
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-27 08:51 - 2014-09-27 08:52 - 00049159 _____ () C:\Users\KVogler\Downloads\FRST.txt
2014-09-27 08:50 - 2014-09-27 08:51 - 00000000 ____D () C:\FRST
2014-09-27 08:50 - 2014-09-27 08:50 - 02108928 _____ (Farbar) C:\Users\KVogler\Downloads\FRST64.exe
2014-09-24 02:49 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 02:49 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 19:41 - 2014-09-22 19:41 - 04703358 _____ () C:\Users\KVogler\Downloads\Plant Reproduction and Adaptations (2).pptx
2014-09-22 19:38 - 2014-09-22 19:38 - 04703358 _____ () C:\Users\KVogler\Downloads\Plant Reproduction and Adaptations.pptx
2014-09-22 19:38 - 2014-09-22 19:38 - 04703358 _____ () C:\Users\KVogler\Downloads\Plant Reproduction and Adaptations (1).pptx
2014-09-22 13:12 - 2014-09-22 13:12 - 00003116 _____ () C:\Windows\System32\Tasks\{DFDE5C3C-14F8-4F5E-8B65-9E7A17AB8ED1}
2014-09-22 12:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 12:57 - 2014-09-22 13:01 - 00000000 ____D () C:\AdwCleaner
2014-09-22 12:57 - 2014-09-22 12:57 - 01373475 _____ () C:\Users\KVogler\Downloads\AdwCleaner.exe
2014-09-22 12:55 - 2014-09-22 12:55 - 00028259 _____ () C:\Users\KVogler\Desktop\download.htm
2014-09-22 12:51 - 2014-09-22 18:14 - 00000224 _____ () C:\Windows\setupact.log
2014-09-22 12:51 - 2014-09-22 13:02 - 00000612 _____ () C:\Windows\PFRO.log
2014-09-22 12:51 - 2014-09-22 12:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 12:49 - 2014-09-22 12:49 - 00000000 ____D () C:\_OTL
2014-09-22 00:12 - 2014-09-22 00:13 - 00000000 ____D () C:\Users\KVogler\AppData\Local\{66C27D5C-C13B-4DD5-B0A0-518D2D96E97D}
2014-09-21 18:46 - 2014-09-21 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-21 17:17 - 2014-09-21 17:18 - 00000000 ____D () C:\Users\KVogler\Documents\asdfghjkl
2014-09-19 23:54 - 2014-09-19 23:55 - 04901352 _____ (Piriform Ltd) C:\Users\KVogler\Downloads\ccsetup417.exe
2014-09-19 11:31 - 2014-09-19 14:13 - 00118216 _____ () C:\Users\KVogler\Downloads\Extras.Txt
2014-09-19 11:27 - 2014-09-20 00:00 - 00159986 _____ () C:\Users\KVogler\Downloads\OTL.Txt
2014-09-19 11:16 - 2014-09-19 11:16 - 00602112 _____ (OldTimer Tools) C:\Users\KVogler\Downloads\OTL (1).exe
2014-09-19 11:15 - 2014-09-19 11:15 - 00602112 _____ (OldTimer Tools) C:\Users\KVogler\Downloads\OTL.exe
2014-09-19 10:53 - 2014-09-19 10:53 - 00000000 ____D () C:\Users\KVogler\Downloads\backups
2014-09-19 10:48 - 2014-09-19 10:48 - 00022034 _____ () C:\Users\KVogler\Downloads\hijackthis.log
2014-09-19 10:46 - 2014-09-19 10:46 - 00388608 _____ (Trend Micro Inc.) C:\Users\KVogler\Downloads\HiJackThis.exe
2014-09-19 10:37 - 2014-09-19 10:37 - 00222982 _____ () C:\Users\KVogler\Documents\KaperskyTSSKillerReport9192014.txt
2014-09-19 10:35 - 2014-09-19 10:35 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\KVogler\Downloads\tdsskiller.exe
2014-09-19 10:34 - 2014-09-19 10:34 - 00001804 _____ () C:\Users\KVogler\Desktop\GooredFix.txt
2014-09-19 10:34 - 2014-09-19 10:34 - 00000000 ____D () C:\Users\KVogler\Desktop\GooredFix Backups
2014-09-19 10:33 - 2014-09-19 10:34 - 00071398 _____ (jpshortstuff) C:\Users\KVogler\Downloads\GooredFix.exe
2014-09-19 10:25 - 2014-09-19 10:25 - 00000000 ____D () C:\_OTM
2014-09-19 10:23 - 2014-09-19 10:23 - 00522240 _____ (OldTimer Tools) C:\Users\KVogler\Downloads\OTM.exe
2014-09-19 10:23 - 2014-09-19 10:23 - 00522240 _____ (OldTimer Tools) C:\Users\KVogler\Downloads\OTM (1).exe
2014-09-19 10:21 - 2014-09-19 10:21 - 00000000 ____D () C:\Users\KVogler\Downloads\erunt
2014-09-19 10:20 - 2014-09-19 10:20 - 00513320 _____ () C:\Users\KVogler\Downloads\erunt.zip
2014-09-19 10:19 - 2014-09-19 10:20 - 00028454 _____ () C:\Users\KVogler\Documents\RemovingRedirectsInstructionsGeeksToGocom.txt
2014-09-19 01:49 - 2014-09-19 01:49 - 00000000 ____D () C:\Users\KVogler\AppData\Local\{C36E8F83-8B66-4969-B66B-A70E0D7BF655}
2014-09-18 13:48 - 2014-09-18 13:48 - 00000000 ____D () C:\Users\KVogler\AppData\Local\{27FE60C1-F20F-449D-B056-34F1852479E5}
2014-09-12 03:27 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 03:27 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 03:27 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 03:27 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 03:27 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 03:27 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 03:27 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 03:27 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 03:27 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 03:27 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 03:27 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 03:27 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 03:27 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 03:27 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 03:27 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 03:27 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 03:27 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 03:27 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 03:27 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 03:27 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 03:27 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 03:27 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 03:27 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 03:27 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 03:27 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 03:27 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 03:27 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 03:27 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 03:27 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 03:27 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 03:27 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 03:27 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 03:27 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 03:27 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 03:27 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 03:27 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 03:27 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 03:27 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 03:27 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 03:27 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 03:27 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 03:27 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 03:27 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 03:27 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 03:27 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 03:27 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 03:27 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 03:27 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 03:27 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 03:27 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 03:27 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 03:27 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 03:27 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 03:27 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 03:27 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 03:27 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 03:00 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 03:00 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 03:44 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 03:44 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 03:44 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 03:44 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 03:44 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 03:44 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 03:44 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 03:44 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 03:44 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 03:44 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 03:44 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 20:20 - 2014-09-10 20:20 - 00003731 _____ () C:\Users\KVogler\Downloads\d8b9ca_f9fe8f18a15a4079a8de9145c0d5cdf8.xlsx
2014-09-09 23:10 - 2014-09-09 23:32 - 00011097 _____ () C:\Users\KVogler\Documents\Grocery Price Book.xlsx
2014-09-09 15:31 - 2014-09-09 15:31 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\Incline Software
2014-09-09 10:36 - 2014-09-09 10:36 - 02072488 _____ (Coupons.com Incorporated) C:\Users\KVogler\Downloads\CouponPrinter (4).exe
2014-09-09 10:35 - 2014-09-09 10:35 - 02072488 _____ (Coupons.com Incorporated) C:\Users\KVogler\Downloads\CouponPrinterCPS.exe
2014-09-09 10:15 - 2014-09-09 10:15 - 00918440 _____ (Oracle Corporation) C:\Users\KVogler\Downloads\chromeinstall-7u67 (1).exe
2014-09-09 10:03 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-09 10:03 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-09 10:03 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-09 10:03 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-09 10:02 - 2014-09-09 10:03 - 00004578 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-09 10:02 - 2014-09-09 10:02 - 00918440 _____ (Oracle Corporation) C:\Users\KVogler\Downloads\chromeinstall-7u67.exe
2014-09-09 09:59 - 2014-09-09 09:59 - 00921000 _____ (Oracle Corporation) C:\Users\KVogler\Downloads\chromeinstall-7u51.exe
2014-09-08 12:18 - 2014-09-09 03:19 - 00000000 ____D () C:\Users\KVogler\Documents\Geneology Info
2014-09-08 12:12 - 2014-09-08 12:12 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-09-08 12:11 - 2014-09-08 12:11 - 19659405 _____ (Incline Software ) C:\Users\KVogler\Downloads\AQ12-1Basic.exe
2014-09-06 13:01 - 2014-09-06 13:12 - 00023667 _____ () C:\Users\KVogler\Documents\StatementAcct500VeteransDonato28.xlsx
2014-09-02 12:42 - 2014-09-02 12:42 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-02 12:42 - 2014-09-02 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-02 12:41 - 2014-09-02 12:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-02 12:41 - 2014-09-02 12:42 - 00000000 ____D () C:\Program Files\iTunes
2014-09-02 12:41 - 2014-09-02 12:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-02 12:41 - 2014-09-02 12:41 - 00000000 ____D () C:\Program Files\iPod
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-27 08:51 - 2011-03-25 17:59 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-27 07:54 - 2012-04-11 16:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-27 07:28 - 2010-11-19 14:51 - 01443595 _____ () C:\Windows\WindowsUpdate.log
2014-09-27 06:15 - 2012-08-08 15:10 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1571443309-931790819-2916665362-1000UA.job
2014-09-26 15:15 - 2012-08-08 15:10 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1571443309-931790819-2916665362-1000Core.job
2014-09-26 11:51 - 2011-03-25 17:59 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-25 20:38 - 2013-12-06 13:59 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKVogler
2014-09-25 20:38 - 2013-12-06 13:59 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForKVogler.job
2014-09-25 20:37 - 2011-11-10 11:30 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-09-25 20:37 - 2011-03-03 14:42 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-09-25 11:04 - 2012-07-12 22:29 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\Skype
2014-09-24 20:56 - 2013-08-11 22:04 - 00002104 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-24 19:07 - 2013-06-06 19:47 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\.minecraft
2014-09-24 13:18 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-24 13:18 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 19:54 - 2012-04-11 16:05 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-23 19:54 - 2012-04-11 16:05 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-23 19:54 - 2011-05-23 18:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 13:10 - 2011-02-22 09:33 - 00000000 ____D () C:\Users\KVogler
2014-09-22 13:04 - 2014-07-24 13:35 - 00000000 ____D () C:\ProgramData\Origin
2014-09-22 13:03 - 2014-07-24 13:35 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-22 13:03 - 2013-06-24 16:19 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\WTablet
2014-09-22 13:03 - 2012-10-07 22:18 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-22 13:03 - 2011-12-22 15:14 - 00000000 ____D () C:\WTablet
2014-09-22 13:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 13:01 - 2013-01-13 00:36 - 00000000 ____D () C:\Users\Kaylan\AppData\Roaming\CheckPoint
2014-09-22 13:01 - 2012-12-30 16:25 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\CheckPoint
2014-09-22 12:50 - 2013-08-18 13:26 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\Catalina – Print Savings
2014-09-22 12:50 - 2011-05-18 13:51 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-09-22 02:42 - 2011-02-24 12:41 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-22 00:09 - 2010-11-19 14:58 - 00000000 ____D () C:\ProgramData\PDFC
2014-09-21 18:46 - 2014-03-01 17:50 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-21 18:46 - 2012-07-12 22:34 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-21 18:46 - 2012-07-12 22:29 - 00000000 ____D () C:\ProgramData\Skype
2014-09-21 17:17 - 2011-05-11 21:26 - 00000000 ____D () C:\Users\KVogler\Documents\gegl-0.0
2014-09-19 23:57 - 2011-03-02 23:26 - 00000000 ____D () C:\Users\KVogler\AppData\Local\CrashDumps
2014-09-19 23:57 - 2009-07-24 15:22 - 00000000 ____D () C:\Windows\Panther
2014-09-19 23:55 - 2011-03-25 17:59 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-19 23:55 - 2011-03-25 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-09-19 23:55 - 2011-03-25 17:59 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-19 11:00 - 2014-08-16 00:20 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-09-19 10:33 - 2012-07-23 23:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-17 23:52 - 2014-08-14 22:41 - 00000000 ____D () C:\Users\KVogler\AppData\Local\HP
2014-09-12 04:42 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-12 03:26 - 2010-11-19 14:54 - 00775462 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 03:26 - 2009-07-14 01:13 - 00775462 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-12 03:07 - 2013-08-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 03:07 - 2012-05-24 11:31 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-09-12 03:07 - 2012-05-24 11:31 - 00002010 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-12 03:07 - 2012-05-24 11:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-12 03:07 - 2012-05-24 11:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-12 03:01 - 2011-02-27 11:16 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 03:00 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 10:35 - 2011-05-18 13:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2014-09-09 10:04 - 2013-10-17 20:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-09 10:03 - 2011-03-12 20:51 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-08 12:46 - 2010-11-19 14:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-29 17:03 - 2014-06-25 23:11 - 00000000 ____D () C:\Users\KVogler\Documents\PTC
2014-08-28 16:29 - 2014-05-19 17:58 - 00659440 _____ () C:\Windows\couponprinter_x64.ocx
2014-08-28 16:29 - 2014-05-19 17:56 - 00444912 _____ () C:\Windows\CouponPrinter.ocx
2014-08-28 03:18 - 2009-07-14 00:45 - 00313344 _____ () C:\Windows\system32\FNTCACHE.DAT
 
Some content of TEMP:
====================
C:\Users\KVogler\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
extendedinput           Yes
default                 {current}
resumeobject            {5312aa06-7887-11de-b1db-001321be213f}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
customactions           0x1000085000001
                        0x5400000f
custom:5400000f         {6c949cad-3ea9-11e0-99ab-c80aa9ff7b7b}
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {6c949cad-3ea9-11e0-99ab-c80aa9ff7b7b}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {5312aa06-7887-11de-b1db-001321be213f}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {6c949cad-3ea9-11e0-99ab-c80aa9ff7b7b}
device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{6c949cae-3ea9-11e0-99ab-c80aa9ff7b7b}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{6c949cae-3ea9-11e0-99ab-c80aa9ff7b7b}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {5312aa06-7887-11de-b1db-001321be213f}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {6c949cae-3ea9-11e0-99ab-c80aa9ff7b7b}
description             Ramdisk Options
ramdisksdidevice        partition=D:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
 
 
LastRegBack: 2014-09-26 00:47
 
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2014
Ran by KVogler at 2014-09-27 08:53:25
Running from C:\Users\KVogler\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Amazon MP3 Downloader 1.0.15 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.15 - Amazon Services LLC)
Ancient Hearts (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version:  - ArcSoft)
ArcSoft Print Creations - Brochures & Flyers (HKLM-x32\...\{01A1A019-E1D8-482A-BE17-5E118D17C0A0}) (Version:  - ArcSoft)
ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version:  - ArcSoft)
ArcSoft Print Creations - Funhouse II (HKLM-x32\...\{3CE47E6B-AE27-4E40-AC54-329EED96B933}) (Version:  - ArcSoft)
ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version:  - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version:  - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version:  - ArcSoft)
ArcSoft Print Creations - Photo Prints (HKLM-x32\...\{95F875CC-1B85-43E6-B3E0-13EA04F3D995}) (Version:  - ArcSoft)
ArcSoft Print Creations - Poster Creator (HKLM-x32\...\{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}) (Version:  - ArcSoft)
ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version:  - ArcSoft)
ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version:  - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{F03EC055-F34E-4F6B-A684-8A370E11A304}) (Version: 3.0.255.500 - ArcSoft)
ArcSoft Video Downloader (HKLM-x32\...\{C8B44566-839A-459C-A73D-49764CE216CC}) (Version: 2.0.0.39 - ArcSoft)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C0A06}) (Version: 12.10.6.48 - APN, LLC) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{E2D662AD-3FE3-26C5-5540-90E4974EF412}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Azteca (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bamboo (HKLM-x32\...\Pen Tablet Driver) (Version:  - Wacom Technology Corp.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bob the Builder Can-Do-Zoo (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.95 - WildTangent) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0511.2153.37435 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help English (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help French (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help German (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
ccc-utility64 (Version: 2010.0511.2153.37435 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Color Efex Pro 3.0 Wacom Edition 3 (HKLM-x32\...\Color Efex Pro 3.0 Wacom Edition 3) (Version: 3.0.0.1 - Nik Software, Inc.)
Cool Flash Maker v14.06 Trial (Feb-11-2010) (HKLM-x32\...\Cool Flash Maker_is1) (Version:  - www.go2share.net)
Corel Paint it! touch - IPM (x32 Version: 1.1 - Corel Corporation) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2823 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.4030 - Hewlett-Packard)
DVD Menu Pack for HP TouchSmart Video (x32 Version: 4.0.4030 - Hewlett-Packard) Hidden
eGames Collector's Edition (HKLM-x32\...\eGames Collector's Edition) (Version:  - )
EMET 4.0 (HKLM-x32\...\{1F7019BB-1C9A-4E54-9B59-1744629E63B1}) (Version: 4.0 - Microsoft)
Evernote v. 4.6.7 (HKLM-x32\...\{A6563D7C-F3AD-11E2-A4DB-984BE15F174E}) (Version: 4.6.7.8409 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FUJIFILM MyFinePix Studio 2.0 (HKLM-x32\...\FinePix Genie_is1) (Version:  - )
Gem Shop (x32 Version: 2.2.0.95 - WildTangent) Hidden
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP AppsCenter 1.00 (HKLM-x32\...\HP AppsCenter 1.00) (Version:  - )
HP Bubble Wrap for TouchSmart (HKLM-x32\...\{B88CCDC2-96EB-448F-B709-0AF1FCD624A6}) (Version: 4.0.0.0 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{C5B6133F-8943-44F2-AF72-778E2701481A}) (Version: 1.0.8.0 - Hewlett-Packard)
HP My Display TouchSmart Edition (HKLM-x32\...\{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}) (Version: 1.00.165 - Portrait Displays, Inc.)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Tap Tap Bear for TouchSmart (HKLM-x32\...\{D94D4514-5D20-4952-8E02-5C96DB688EC4}) (Version: 4.0.0.0 - Hewlett-Packard)
HP TouchSmart (HKLM-x32\...\{32A2B967-279F-457D-B767-76352DA2F108}) (Version: 4.0.32.0 - Hewlett-Packard)
HP TouchSmart Browser (HKLM-x32\...\{89DE8F46-0495-46F7-94EB-DC6AA71BD3EE}) (Version: 4.0.0008 - Hewlett-Packard)
HP TouchSmart Calendar (HKLM-x32\...\{22CD5AA1-C28D-458A-AC3D-FB30F74111F9}) (Version: 4.0.3845.32287 - Hewlett-Packard)
HP TouchSmart Canvas (HKLM-x32\...\{157A2E65-1D59-4BE2-BBD4-D16A14EEF959}) (Version: 2.0.3832.30169 - Hewlett-Packard)
HP TouchSmart Clock (HKLM-x32\...\{053BC793-EB2F-48B6-AB61-6B76CCCCB041}) (Version: 3.0.3572.25998 - Hewlett-Packard)
HP TouchSmart Default Magnets (x32 Version: 1.0.0.0 - Hewlett-Packard) Hidden
HP TouchSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.4229 - Hewlett-Packard)
HP TouchSmart DVD (x32 Version: 4.0.4229 - Hewlett-Packard) Hidden
HP TouchSmart eBay (HKLM-x32\...\{0134AC9F-A694-4A95-B554-D6A1271EC50C}) (Version: 1.0.4003.20832 - Hewlett-Packard)
HP TouchSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.4301 - Hewlett-Packard)
HP TouchSmart Music (x32 Version: 4.0.4301 - Hewlett-Packard) Hidden
HP TouchSmart Notes (HKLM-x32\...\{5A9DADC3-6C03-4C83-8622-60405126D1E0}) (Version: 4.0.3845.23935 - Hewlett-Packard)
HP TouchSmart Paint it! by Corel - Content (x32 Version: 1.0 - Your Company Name) Hidden
HP TouchSmart Paint it! by Corel - Core (x32 Version: 1.0 - Corel Corporation) Hidden
HP TouchSmart Paint it! by Corel - ICA (x32 Version: 1.0 - Hewlett-Packard) Hidden
HP TouchSmart Paint it! by Corel - Langauge (x32 Version: 1.0 - Your Company Name) Hidden
HP TouchSmart Paint it! by Corel - Langauge (x32 Version: 1.0 - 会社名) Hidden
HP TouchSmart Paint it! by Corel (HKLM-x32\...\_{6807F13C-A925-4DD8-80C0-24D93A6FFE83}) (Version: 1.5.0.100 - Hewlett-Packard)
HP TouchSmart Photo (HKLM-x32\...\InstallShield_{C9DCE03F-8CB7-4146-A99C-0612D75177EA}) (Version: 4.0.4215 - Hewlett-Packard)
HP TouchSmart Photo (x32 Version: 4.0.4215 - Hewlett-Packard) Hidden
HP TouchSmart RecipeBox (HKLM-x32\...\{A1CE6220-A44F-4B0B-B445-738ACB55C25D}) (Version: 3.0.3822.27722 - Hewlett-Packard)
HP TouchSmart RSS (HKLM-x32\...\{8ABB6A99-E2D5-47E4-905A-2FD4657D235E}) (Version: 4.0.0006 - Hewlett-Packard)
HP TouchSmart Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 3.2.0.2 - Hewlett-Packard)
HP TouchSmart Twitter (HKLM-x32\...\{29F19C52-0B82-4741-8015-8D46E28638EC}) (Version: 3.0.3833.22527 - Hewlett-Packard)
HP TouchSmart Video (HKLM-x32\...\InstallShield_{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}) (Version: 4.0.4211 - Hewlett-Packard)
HP TouchSmart Video (x32 Version: 4.0.4211 - Hewlett-Packard) Hidden
HP TouchSmart Weather (HKLM-x32\...\{29CE5C81-B7F9-40EA-997E-606C09F515A6}) (Version: 4.0.2.0 - Hewlett-Packard)
HP TouchSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.3107 - Hewlett-Packard)
HP TouchSmart Webcam (x32 Version: 4.0.3107 - Hewlett-Packard) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.4.0 - Hewlett-Packard)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
Java 8 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418000FF}) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MahJongg Master Special Edition (HKLM-x32\...\MahJongg Master Special Edition) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Money 2007 (HKLM-x32\...\Money2007b) (Version: 16 - Microsoft)
Microsoft Money Shared Libraries (x32 Version: 16.0.0.621 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Movie Theme Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.4030 - Hewlett-Packard)
Movie Theme Pack for HP TouchSmart Video (x32 Version: 4.0.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 9.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 9.0.1 (x86 en-US)) (Version: 9.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Myst III: Exile (HKLM-x32\...\{9F05B89E-2873-11D5-9E9D-0050DA1EA555}) (Version:  - )
Myst Masterpiece Edition (HKLM-x32\...\{7D1CE80E-3EAE-441E-BE97-625F9ABD07D9}) (Version:  - )
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.3.0 - Nikon)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}) (Version: 3.58.0 - dotPDN LLC)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.2 - Nikon)
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 -  NewspaperDirect Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RAF (HKLM-x32\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6146 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3025 - CyberLink Corp.) Hidden
Riven (HKLM-x32\...\{D9577427-2D9D-4580-BDB3-FFDDE06A9554}) (Version:  - )
Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio 3 USB Driver Installer (HKLM-x32\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
SDK (x32 Version: 2.22.002 - Portrait Displays, Inc.) Hidden
Shopop (HKLM-x32\...\{541BE6FB-36AD-4E09-BB17-BFE43C68F980}) (Version: 11.79.68.17682 - My Pop Shop Ltd.) <==== ATTENTION
Skip-Bo - Castaway Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Smilebox (HKCU\...\Smilebox) (Version: 1.1.1.1 - Smilebox, Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.6.2 - )
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
TWC Customer Controls (HKLM-x32\...\{A2E5F2AA-2996-41EA-BCCD-9FD0476A5326}) (Version: 11 - SupportSoft)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.3.0 - Nikon)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Where's Waldo The Fantastic Journey (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wisdom-soft Set up ScreenHunter 5.1 Free (HKLM-x32\...\Wisdom-soft Set up ScreenHunter 5.1 Free) (Version:  - Wisdom Software Inc.)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2811 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
19-09-2014 14:57:40 Removed Cobra HomeBase
19-09-2014 15:00:59 Removed Facebook for HP TouchSmart.
21-09-2014 15:19:25 Windows Update
21-09-2014 23:00:08 Windows Backup
22-09-2014 16:49:46 OTL Restore Point - 9/22/2014 12:49:46 PM
24-09-2014 07:00:14 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2014-09-19 10:25 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {144BD3D7-63C5-4C73-9306-DC2DE712AD66} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2411CBE9-3B41-4788-AD15-D45DE08F1024} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-25] (Google Inc.)
Task: {35218F0F-1246-4349-A328-7BA7DBD701A2} - System32\Tasks\HPCeeScheduleForKVogler => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {365D9EC7-4D11-4615-BE19-599018A8E05C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-03] (Hewlett-Packard)
Task: {499E48B9-E75E-451D-9216-A10A49251492} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN459713Z30602 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-03] (Hewlett-Packard)
Task: {562A6A47-2D46-4CD4-9FE0-62552EF8C8AC} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {658E286A-282E-46BE-A9AC-088310923B5B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1571443309-931790819-2916665362-1000UA => C:\Users\KVogler\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-08] (Facebook Inc.)
Task: {6DB2A086-763D-4CC4-90D5-852D1AC6D4FB} - System32\Tasks\{C3503BC3-7F7D-40A1-8D00-75638218995C} => Iexplore.exe http://ui.skype.com/...e=tsProgressBar
Task: {7EB835AF-6596-49E2-B4EE-CCD4D39F16E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {84705ACF-D0A1-4412-8444-1FAAE8D99A9C} - System32\Tasks\4879 => Wscript.exe C:\Users\KVogler\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {8E8D0541-D4D4-4406-95CE-7FF48B20ADDA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-25] (Google Inc.)
Task: {97B33BC0-ABBA-4559-AFDB-8487C7038829} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9BC519F7-A68B-426A-A485-40F7916AB5FF} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {A1940DF7-854C-4683-8757-2CAEF5E8F416} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-18] (CyberLink)
Task: {BC5C4DA6-9CA1-4C72-ACE4-65B08B682F19} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {BCB888A6-BA8D-440E-B8A1-B3CC40998A05} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1571443309-931790819-2916665362-1000Core => C:\Users\KVogler\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-08] (Facebook Inc.)
Task: {BEE812E2-51DD-4E1C-A885-30A0148778B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {C09844BC-B39B-4152-9320-8D1787F6317C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {CFEC0E3A-6250-4E65-8CED-2922B224BC05} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {D26F325F-7136-4090-9538-4ECDD2FE4254} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E9DD68EC-A83C-4A95-AE5A-0F8597371D41} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {F10BC997-790B-4C24-ABC6-8B3F4E64DDD3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {FC62C8CC-9A52-4540-A4D6-65CF76D3350D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe [2014-04-22] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1571443309-931790819-2916665362-1000Core.job => C:\Users\KVogler\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1571443309-931790819-2916665362-1000UA.job => C:\Users\KVogler\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKVogler.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-06-14 16:19 - 2013-06-14 16:19 - 00069280 _____ () C:\Program Files (x86)\EMET 4.0\EMET_CE64.DLL
2010-11-19 15:34 - 2010-06-23 16:09 - 00125552 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
2013-06-14 16:19 - 2013-06-14 16:19 - 00116384 _____ () C:\Program Files (x86)\EMET 4.0\HelperLib.dll
2013-06-14 16:19 - 2013-06-14 16:19 - 00034464 _____ () C:\Program Files (x86)\EMET 4.0\ReportingSubsystem.dll
2013-06-12 16:53 - 2013-06-12 16:53 - 00348160 _____ () C:\Program Files (x86)\EMET 4.0\DevExpress.UserSkins.HighContrast.dll
2013-06-14 16:19 - 2013-06-14 16:19 - 00029856 _____ () C:\Program Files (x86)\EMET 4.0\TrayIconSubsystem.dll
2013-06-14 16:19 - 2013-06-14 16:19 - 00049824 _____ () C:\Program Files (x86)\EMET 4.0\PKIPinningSubsystem.dll
2009-06-08 20:45 - 2009-06-08 20:45 - 00098304 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-11-19 15:01 - 2010-11-19 15:01 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-14 16:19 - 2013-06-14 16:19 - 00062112 _____ () C:\Program Files (x86)\EMET 4.0\EMET_CE.DLL
2010-05-19 14:05 - 2010-05-19 14:05 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-05-19 14:05 - 2010-05-19 14:05 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-05-19 14:05 - 2010-05-19 14:05 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2014-09-24 20:56 - 2014-09-23 00:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-24 20:56 - 2014-09-23 00:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-24 20:56 - 2014-09-23 00:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-24 20:56 - 2014-09-23 00:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-24 20:56 - 2014-09-23 00:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Public\Desktop\Myst III: Exile.lnk
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListen => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SprtListenPush => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmileboxTray => "C:\Users\KVogler\AppData\Roaming\Smilebox\SmileboxTray.exe"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1571443309-931790819-2916665362-500 - Administrator - Disabled)
Guest (S-1-5-21-1571443309-931790819-2916665362-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1571443309-931790819-2916665362-1006 - Limited - Enabled)
Kaylan (S-1-5-21-1571443309-931790819-2916665362-1001 - Limited - Enabled) => C:\Users\Kaylan
KVogler (S-1-5-21-1571443309-931790819-2916665362-1000 - Administrator - Enabled) => C:\Users\KVogler
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek PCIe GBE Family Controller #2
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/25/2014 10:25:24 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (09/24/2014 09:47:21 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (09/23/2014 01:26:11 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
 
Error: (09/22/2014 07:27:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Lagoon.scr, version: 1.0.40517.0, time stamp: 0x4a10ed29
Faulting module name: wmpeffects.dll, version: 12.0.7601.17514, time stamp: 0x4ce7ba83
Exception code: 0xc0000005
Fault offset: 0x0004a7ea
Faulting process id: 0x%9
Faulting application start time: 0xLagoon.scr0
Faulting application path: Lagoon.scr1
Faulting module path: Lagoon.scr2
Report Id: Lagoon.scr3
 
Error: (09/22/2014 00:52:52 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/22/2014 00:52:52 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/22/2014 00:52:52 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/22/2014 00:52:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (09/22/2014 00:52:51 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (09/22/2014 00:52:51 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
 
System errors:
=============
Error: (09/27/2014 04:37:24 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/27/2014 02:37:20 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/27/2014 02:07:19 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/27/2014 01:37:19 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/27/2014 00:37:16 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/27/2014 00:07:15 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/26/2014 10:07:11 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/26/2014 09:37:10 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/26/2014 07:37:06 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/26/2014 05:37:02 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-28 18:40:18.460
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-28 18:40:18.289
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-28 18:40:02.240
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-28 18:40:02.060
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-04-25 20:29:55.066
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-25 07:30:26.084
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-23 16:11:55.595
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-23 14:07:18.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-23 13:24:58.791
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-23 07:16:55.062
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X2 240e Processor
Percentage of memory in use: 62%
Total physical RAM: 3839.3 MB
Available physical RAM: 1424.62 MB
Total Pagefile: 7676.77 MB
Available Pagefile: 4625.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:683.81 GB) (Free:519.52 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:14.73 GB) (Free:1.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:29.82 GB) (Free:25.71 GB) FAT32
Drive g: () (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: F8E0DC38)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=683.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)
 
========================================================
Disk: 2 (Size: 29.8 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
Users shortcut scan result (x64) Version: 27-09-2014
Ran by KVogler at 2014-09-27 08:55:17
Running from C:\Users\KVogler\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
 
 
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 7.0.lnk -> C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\Photoshop Elements 7.0.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk -> C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Money 2007.lnk -> C:\Program Files (x86)\Microsoft Money 2007\MNYCoreFiles\msmoney.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk -> C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 5 Free\Mail FAX Order Form.lnk -> C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\order_form.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 5 Free\ScreenHunter 5.1 Free.lnk -> C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe (Wisdom Software Inc. )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 5 Free\ScreenHunter Help File.lnk -> C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 5 Free\Uninstall.lnk -> C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\UNWISE.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Family Safety.lnk -> C:\Windows\Installer\{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}\fssicon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mesh.lnk -> C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2\ViewNX 2 Help.lnk -> C:\Program Files\Nikon\ViewNX 2\ViewNX 2\ViewNX2.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2\ViewNX 2 Readme.lnk -> C:\Program Files\Nikon\ViewNX 2\ViewNX 2\Readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2\ViewNX 2.lnk -> C:\Program Files\Nikon\ViewNX 2\ViewNX 2\ViewNX2.exe (Nikon Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Operating Specifications.lnk -> C:\hp\documentation\opspecs_WW.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Safety & Comfort Guide.lnk -> C:\hp\documentation\SCG_en-US.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Safety and Regulatory Information.lnk -> C:\hp\documentation\safetyreg_EN.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Riven\Manual.lnk -> C:\Program Files (x86)\Ubi Soft\Riven\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Riven\Register Riven.lnk -> C:\Program Files (x86)\Ubi Soft\Riven\UBI1.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Riven\Riven Readme.lnk -> C:\Program Files (x86)\Ubi Soft\Riven\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Riven\Riven.lnk -> C:\Program Files (x86)\Ubi Soft\Riven\Riven.exe (Ubi Soft Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Riven\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{D9577427-2D9D-4580-BDB3-FFDDE06A9554}\Setup.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst Masterpiece Edition\Interview with Rand Miller.lnk -> C:\Program Files (x86)\Ubi Soft\Myst Masterpiece Edition\rmiller.mov ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst Masterpiece Edition\Manual.lnk -> C:\Program Files (x86)\Ubi Soft\Myst Masterpiece Edition\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst Masterpiece Edition\Myst Masterpiece Edition Readme.lnk -> C:\Program Files (x86)\Ubi Soft\Myst Masterpiece Edition\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst Masterpiece Edition\Myst Masterpiece Edition.lnk -> C:\Program Files (x86)\Ubi Soft\Myst Masterpiece Edition\Myst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst Masterpiece Edition\Register Myst Masterpiece Edition.lnk -> C:\Program Files (x86)\Ubi Soft\Myst Masterpiece Edition\UBI1.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst Masterpiece Edition\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{7D1CE80E-3EAE-441E-BE97-625F9ABD07D9}\Setup.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst III Exile\Manual.lnk -> C:\Program Files (x86)\Ubi Soft\Myst III Exile\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst III Exile\Myst III Exile Readme.lnk -> C:\Program Files (x86)\Ubi Soft\Myst III Exile\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst III Exile\Myst III Exile.lnk -> C:\Program Files (x86)\Ubi Soft\Myst III Exile\bin\M3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst III Exile\Register Myst III Exile.lnk -> C:\Program Files (x86)\Ubi Soft\Myst III Exile\bin\UBI1.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst III Exile\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{9F05B89E-2873-11D5-9E9D-0050DA1EA555}\Setup.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection\Technical Support.lnk -> C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Support\EA Help\Technical Support.en_US.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection\The Sims 2 Ultimate Collection End User License Agreement.lnk -> C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Support\eula\en_US_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 2 Ultimate Collection\The Sims 2 Ultimate Collection.lnk -> C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager\Recovery Disc Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\CDCreator.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager\Recovery Manager.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pen Tablet\Bamboo Properties.lnk -> C:\Windows\System32\PenTablet.cpl (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pen Tablet\Read Me.lnk -> C:\Program Files (x86)\Tablet\Pen\Read Me.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pen Tablet\Tutorial.lnk -> C:\Program Files (x86)\Tablet\Pen\Tutorial\Tutorial.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pen Tablet\User's Manual.lnk -> C:\Program Files (x86)\Tablet\Pen\User's Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete\PDF Complete.lnk -> C:\Program Files (x86)\PDF Complete\pdfvista.exe (PDF Complete Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP support information.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Information\HPSysInfo.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP Vision Diagnostics Disc Creation.lnk -> C:\Program Files\Hewlett-Packard\HP Vision Hardware Diagnostics\DiscCreation\disccreation.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Uninstall Origin.lnk -> C:\Program Files (x86)\Origin\OriginUninstall.exe (Electronic Arts, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2\Nikon Message Center 2 Help.lnk -> C:\Program Files (x86)\Nikon\Nikon Message Center 2\Localization\EN\NikonMessageCenter2_EN.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2\Nikon Message Center 2.lnk -> C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Touch Pack for Windows 7\Microsoft Blackboard.lnk -> C:\Windows\Installer\{8FF90DB8-6DED-44A3-B182-244FEC09012F}\Icon.Machine.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Touch Pack for Windows 7\Microsoft Garden Pond.lnk -> C:\Windows\Installer\{8FF90DB8-6DED-44A3-B182-244FEC09012F}\Icon.Ripple.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Touch Pack for Windows 7\Microsoft Rebound.lnk -> c:\Windows\Installer\{8FF90DB8-6DED-44A3-B182-244FEC09012F}\Icon.Haptik.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Touch Pack for Windows 7\Microsoft Surface Globe.lnk -> C:\Windows\Installer\{8FF90DB8-6DED-44A3-B182-244FEC09012F}\Icon.Globe.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LabelPrint.lnk -> C:\Program Files (x86)\Cyberlink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Control Panel.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Website.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\LightScribe Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Quick Demo.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\Quick Demo.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre8\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud Photos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP TouchSmart.lnk -> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter\SmartCenter.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk -> C:\Program Files (x86)\Hp\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP TouchSmart\HP TouchSmart DVD.lnk -> C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 5520 series\Help.lnk -> C:\Program Files (x86)\Hp\HP Photosmart 5520 series\bin\HelpViewer\hpqlpvwr.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 5520 series\Printer Setup & Software.lnk -> C:\Program Files\hp\HP Photosmart 5520 series\Bin\DeviceSetupLauncher.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 5520 series\Product Support Website.lnk -> C:\Program Files\hp\HP Photosmart 5520 series\ProductSupportShortcut.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 5520 series\Shop for Supplies.lnk -> C:\Program Files\hp\HP Photosmart 5520 series\Bin\hpqDTSS.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 5520 series\Wireless Printing Online Help.lnk -> C:\Program Files\hp\HP Photosmart 5520 series\WirelessEasyShortcut.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\Uninstall HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP My Display TouchSmart Edition\HP My Display TouchSmart Edition.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP My Display TouchSmart Edition\dthtml.exe (Portrait Displays, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\AdvisorVideo.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\AdvisorVideo\Doc.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP\GIMP 2.lnk -> C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP\Uninstall.lnk -> C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUJIFILM\MyFinePix Studio.lnk -> C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\Loader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUJIFILM\Uninstall MyFinePix Studio.lnk -> C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote\Evernote.lnk -> C:\Windows\Installer\{A6563D7C-F3AD-11E2-A4DB-984BE15F174E}\Evernote.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\Kobo.lnk -> C:\Program Files (x86)\Kobo\Kobo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\PressReader.lnk -> C:\Program Files (x86)\NewspaperDirect\PressReader\PressReader.exe (NewspaperDirect)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\Zinio Reader 4.lnk -> C:\Program Files (x86)\Zinio Reader 4\Zinio Reader 4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit\EMET GUI.lnk -> C:\Windows\Installer\{1F7019BB-1C9A-4E54-9B59-1744629E63B1}\_993836BC7820C5AFA8B802.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enhanced Mitigation Experience Toolkit\EMET Users Guide.lnk -> C:\Windows\Installer\{1F7019BB-1C9A-4E54-9B59-1744629E63B1}\_DC9D78454E01C72B6C9C90.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7\doPDF Help.lnk -> C:\Program Files\Softland\doPDF 7\dopdf7.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7\doPDF.lnk -> C:\Program Files\Softland\doPDF 7\dopdf.exe (Softland)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7\Uninstall doPDF 7.lnk -> C:\Program Files\Softland\doPDF 7\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital DJ Pro\Manual.lnk -> C:\Program Files (x86)\Digital DJ Pro\Mixxx-Manual.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons\Coupons.com - Print Coupons.lnk -> C:\Program Files (x86)\Coupons\CouponsDotCom.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Color Efex Pro 3.0 Wacom Edition 3\Color Efex Pro 3.0 Wacom Edition 3 Uninstall.lnk -> C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\Plug-Ins\Nik Software\Color Efex Pro 3.0 Wacom Edition 3\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Color Efex Pro 3.0 Wacom Edition 3\License Agreement.lnk -> C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\Plug-Ins\Nik Software\Color Efex Pro 3.0 Wacom Edition 3\License.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Color Efex Pro 3.0 Wacom Edition 3\Read me.lnk -> C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\Plug-Ins\Nik Software\Color Efex Pro 3.0 Wacom Edition 3\CEP 3.0 Install Help.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Color Efex Pro 3.0 Wacom Edition 3\User Guide.lnk -> C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\Plug-Ins\Nik Software\Color Efex Pro 3.0 Wacom Edition 3\Help\pdf\Color Efex Pro 3.0 UG.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7\CamStudio.lnk -> C:\Program Files\CamStudio 2.7\Recorder.exe (CamStudio Group)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7\Uninstall CamStudio.lnk -> C:\Program Files\CamStudio 2.7\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Video Downloader\Video Downloader.lnk -> C:\Program Files (x86)\ArcSoft\Video Downloader\VideoDownloader.exe (ArcSoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Print Creations.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect\Start ArcSoft Connect.lnk -> C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACStart.exe (ArcSoft Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon\Amazon MP3 Downloader\Amazon MP3 Downloader.lnk -> C:\Program Files (x86)\Amazon\MP3 Downloader\AmazonMP3Downloader.exe (Amazon.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon\Amazon MP3 Downloader\Uninstall Amazon MP3 Downloader.lnk -> C:\Program Files (x86)\Amazon\MP3 Downloader\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\ProgramData\CinemaNow\MediaManager\shortcuts\CinemaNow\CinemaNow Media Manager.lnk -> C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe (CinemaNow Inc.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk -> C:\Users\KVogler\AppData\Local\HuluDesktop\HuluDesktop.exe (Hulu LLC)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaylan\Links\Desktop.lnk -> C:\Users\KVogler\Desktop ()
Shortcut: C:\Users\Kaylan\Links\Downloads.lnk -> C:\Users\KVogler\Downloads ()
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk -> C:\Users\KVogler\AppData\Local\HuluDesktop\HuluDesktop.exe (Hulu LLC)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP TouchSmart.lnk -> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter\SmartCenter.exe (Hewlett-Packard)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Kaylan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\Links\Desktop.lnk -> C:\Users\KVogler\Desktop ()
Shortcut: C:\Users\KVogler\Links\Downloads.lnk -> C:\Users\KVogler\Downloads ()
Shortcut: C:\Users\KVogler\Desktop\1.7.2-Forge10.12.0.977.lnk -> C:\Users\KVogler\AppData\Roaming\.minecraft\versions\1.7.2-Forge10.12.0.977\1.7.2-Forge10.12.0.977.jar ()
Shortcut: C:\Users\KVogler\Desktop\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe ()
Shortcut: C:\Users\KVogler\Desktop\CD Drive - Shortcut.lnk -> E:\ ()
Shortcut: C:\Users\KVogler\Desktop\Evernote.lnk -> C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Shortcut: C:\Users\KVogler\Desktop\HP Scan (2).lnk -> C:\Program Files (x86)\Hp\HP Photosmart 5520 series\bin\HPScan.exe (Hewlett-Packard Co.)
Shortcut: C:\Users\KVogler\Desktop\HP Scan.lnk -> C:\Program Files (x86)\Hp\HP Photosmart 5520 series\bin\HPScan.exe (Hewlett-Packard Co.)
Shortcut: C:\Users\KVogler\Desktop\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company)
Shortcut: C:\Users\KVogler\Desktop\Pesterchum.lnk -> C:\Pesterchum\pesterchum.exe (No File)
Shortcut: C:\Users\KVogler\Desktop\ScreenHunter 5.1 Free.lnk -> C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe (Wisdom Software Inc. )
Shortcut: C:\Users\KVogler\Desktop\Smilebox.lnk -> C:\Users\KVogler\AppData\Roaming\Smilebox\SmileboxStarter.exe (No File)
Shortcut: C:\Users\KVogler\Desktop\Spotify - Copy.lnk -> C:\Users\KVogler\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
Shortcut: C:\Users\KVogler\Desktop\Spotify.lnk -> C:\Users\KVogler\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\ScreenHunter 5.1 Free.lnk -> C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe (Wisdom Software Inc. )
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk -> C:\Users\KVogler\AppData\Local\HuluDesktop\HuluDesktop.exe (Hulu LLC)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smilebox.lnk -> C:\Users\KVogler\AppData\Roaming\Smilebox\SmileboxStarter.exe (No File)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\KVogler\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files (x86)\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\SendTo\Evernote.lnk -> C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smilebox.lnk -> C:\Users\KVogler\AppData\Roaming\Smilebox\SmileboxStarter.exe (No File)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP TouchSmart.lnk -> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter\SmartCenter.exe (Hewlett-Packard)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Minecraft (2).lnk -> C:\Users\KVogler\Desktop\Minecraft (2).exe ()
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Minecraft.lnk -> C:\Users\KVogler\Downloads\Minecraft.exe ()
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\sai.lnk -> C:\Users\KVogler\Downloads\Sai 1.1.0 full + brushes\Sai 1.1.0\sai.exe ()
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Movie Maker 2.6.lnk -> C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\KVogler\AppData\Roaming\.minecraft\texturepacks\egg v2.lnk -> C:\Users\KVogler\Downloads\egg v2.zip ()
Shortcut: C:\Users\KVogler\AppData\Roaming\.minecraft\texturepacks\LB Photo Realism x32 10.0.0-converted-1374012771783.lnk -> C:\Users\KVogler\AppData\Roaming\.minecraft\resourcepacks\LB Photo Realism x32 10.0.0-converted-1374012771783.zip ()
Shortcut: C:\Users\KVogler\AppData\Local\Microsoft\Windows\GameExplorer\{DFD0ACA2-1FC0-4490-A60C-583BB32588FA}\PlayTasks\0\Play.lnk -> C:\eGames\Collectors_Edition\gbrowser.exe (eGames, Inc.)
Shortcut: C:\Users\Public\Desktop\Adobe Photoshop Elements 7.0.lnk -> C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\Photoshop Elements 7.0.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Adobe Reader X.lnk -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Amazon Cloud Player.lnk -> C:\Program Files (x86)\Amazon\MP3 Downloader\Amazon Cloud Player.url ()
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\GIMP 2.lnk -> C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\Users\Public\Desktop\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk -> C:\Program Files (x86)\Hp\Diagnostics\PSDR\HPPSDr.exe ()
Shortcut: C:\Users\Public\Desktop\HP TouchSmart.lnk -> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter\SmartCenter.exe (Hewlett-Packard)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\MyFinePix Studio.lnk -> C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\Loader.exe ()
Shortcut: C:\Users\Public\Desktop\Myst Masterpiece Edition.lnk -> C:\Program Files (x86)\Ubi Soft\Myst Masterpiece Edition\Myst.exe ()
Shortcut: C:\Users\Public\Desktop\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\Paint.NET.lnk -> C:\Program Files\Paint.NET\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\Users\Public\Desktop\Print Creations.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.)
Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Riven.lnk -> C:\Program Files (x86)\Ubi Soft\Riven\Riven.exe (Ubi Soft Entertainment)
Shortcut: C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart 5520 series.lnk -> C:\Program Files\hp\HP Photosmart 5520 series\Bin\hpqDTSS.exe (Hewlett-Packard Co.)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Shortcut: C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk -> C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\Users\Public\Desktop\Video Downloader.lnk -> C:\Program Files (x86)\ArcSoft\Video Downloader\VideoDownloader.exe (ArcSoft, Inc.)
Shortcut: C:\Users\Public\Desktop\ViewNX 2.lnk -> C:\Program Files\Nikon\ViewNX 2\ViewNX 2\ViewNX2.exe (Nikon Corporation)
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Download Store.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\HP Barnes & Noble Desktop eReader.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=onlinesvs&pf=cndt&locale=en_us&bd=all&c=104
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk -> C:\swsetup\APP\Applications\HP\HPPA\1.1\src\QuickLnk.exe (Hewlett-Packard Company) -> -exec /T:"c:\SWSETUP\APP\Applications\HP\HPPA\1.1\src\HPPA_Setup-1.1.1.5.exe" /L:"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2\ViewNX 2 Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {635BE602-BB9C-4C59-8CC5-93F9366E8A21}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company) -> -det
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek\Realtek HD Audio Manager.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> shell32.dll,Control_RunDLL RTSnMg64.cpl,,
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {111EE7DF-FC45-40C7-98A7-753AC46B12FB} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pen Tablet\Bamboo Preference File Utility.lnk -> C:\Program Files (x86)\Tablet\Pen\Remove.exe (Wacom Technology, Corp.) -> /p
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\getonline.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> MODE=GETONLINE
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Touch Pack for Windows 7\Microsoft Surface Lagoon.lnk -> C:\Program Files (x86)\Microsoft Touch Pack for Windows 7\FirstRun.exe (Microsoft Corporation) -> /lagoon
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Getting Started.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe (Hewlett-Packard Company) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre8\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre8\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendar.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Find My iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notes.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Reminders.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 5520 series\HP Photosmart 5520 series.lnk -> C:\Program Files\hp\HP Photosmart 5520 series\Bin\HP Photosmart 5520 series.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 5520 series\HP Product Improvement Study.lnk -> C:\Program Files\hp\HP Photosmart 5520 series\Bin\HPCustPartic.exe (Hewlett-Packard Co.) -> /changesettings /UA 11.0 /DDV 0x0a00
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 5520 series\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /qb /x {68C0736C-3E47-43A6-B14D-236BEF198A5F}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 5520 series\Update IP Address.lnk -> C:\Program Files\hp\HP Photosmart 5520 series\Bin\DeviceSetup.exe (Hewlett-Packard Co.) -> /changeip ""
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\HP Setup.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> DESKTOP
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\HPAdvisor.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCAlerts.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=PC_ACTION_CENTER TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDashboard.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=PC_HEALTH_SECURITY TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDiscovery.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=ECENTER TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDock.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in DirectX mode.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) -> -setDX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in OpenGL mode.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) -> -setOGL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth .lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\-  HP Game Console  -.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe" /src gamesmenuoem 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Airport Mania.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Airport Mania\AirportMania-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Casual Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Family Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Kids Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All MMO Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Touch Friendly Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - touch\provider.exe (WildTangent) -> /id=a4716442-59ac-4657-b782-124436d3e105 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Ancient Hearts.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Ancient Hearts\Ancient Hearts-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Azteca.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Azteca\Azteca-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bob the Builder Can-Do-Zoo.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Bob the Builder Can-Do-Zoo\BobTheBuilder Zoo-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bounce Symphony.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Bounce Symphony\bounce-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Build-a-lot.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Build-a-lot\Build-a-lot-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chuzzle Deluxe.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Chuzzle Deluxe-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Diner Dash 2 Restaurant Rescue.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Dora's Carnival Adventure.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Dora's Carnival Adventure\dora-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Dora's World Adventure.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Dora's World Adventure\DoraAdventure-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FATE.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\FATE\Fate-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Gem Shop.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Gem Shop\GemShop-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Quest Solitaire 2.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\JQSolitaire2-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mah Jong Medley.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Mah Jong Medley\MahJong2-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from HP Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - main\provider.exe (WildTangent) -> /id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Penguins!.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Penguins!\penguins-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Plants vs. Zombies\Plants vs. Zombies-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Polar Bowler\Polar-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Golfer.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Polar Golfer\golf-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Skip-Bo - Castaway Caper.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Skip-Bo - Castaway Caper\SKIP-BO Castaway Caper-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Slingo Deluxe.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Slingo Deluxe\Slingo-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Virtual Villagers - The Secret City.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Where's Waldo The Fantastic Journey.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Where's Waldo The Fantastic Journey\Waldo[Windows]-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma Deluxe.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Zuma Deluxe\Zuma-WT.exe" /launchgc /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons\Uninstall Coupon Printer for Windows.lnk -> C:\Program Files (x86)\Coupons\uninstall.exe (Indigo Rose Corporation) -> "/U:C:\Program Files (x86)\Coupons\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Advanced.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Dashboard
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC - Wizard.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Wizard
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\CCC.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start CCC
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Help.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Restart Runtime.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.) -> Restart
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Album Page.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 85
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Brochures & Flyers.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 343
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Funhouse II.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 251
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Funhouse.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 89
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Half-Fold Greeting Card.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 84
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Order Calendar.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 86 /O
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Order Photo Book.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 91 /O
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Photo Book.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 91
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Photo Calendar.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 86
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Photo Print.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 90
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Poster Creator.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 345
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Quarter-Fold Greeting Card.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 92
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Scrapbook.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 150
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Slimline Card.lnk -> C:\Program Files (x86)\ArcSoft\Print Creations\PrintCreations.exe (ArcSoft, Inc.) -> /M 164
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect\View My ArcSoft Info.lnk -> C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACRun.exe (ArcSoft Inc.) -> ProductInfo.ac
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{fdf91770-af7e-4c8d-bfd2-b40f6a1b7481}\PlayTasks\0\Zuma Deluxe.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Zuma Deluxe\Zuma-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{f64371e9-e863-40ab-8ecd-dbd1e79683bf}\PlayTasks\0\Plants vs. Zombies.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Plants vs. Zombies\Plants vs. Zombies-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{f41abb66-f415-4c77-a2ae-917b23460332}\PlayTasks\0\FATE.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\FATE\Fate-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{ec48fed1-0f17-42d6-a3de-451b15d02e28}\PlayTasks\0\Skip-Bo - Castaway Caper.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Skip-Bo - Castaway Caper\SKIP-BO Castaway Caper-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{ea8fe479-489b-40fb-aa0c-96f4fdb48846}\PlayTasks\0\Airport Mania.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Airport Mania\AirportMania-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{e5541345-a785-4e1e-906e-5bf6068ba4c0}\PlayTasks\0\Chuzzle Deluxe.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Chuzzle Deluxe\Chuzzle Deluxe-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{cff26f40-5eac-459a-a35e-447386a4612a}\PlayTasks\0\Azteca.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Azteca\Azteca-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{ca09659c-b1d0-44d1-9556-34a098c464ad}\PlayTasks\0\Jewel Quest Solitaire 2.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Jewel Quest Solitaire 2\JQSolitaire2-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{c74d277e-834c-48ca-824d-f4f81f44f21e}\PlayTasks\0\Slingo Deluxe.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Slingo Deluxe\Slingo-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{c72b7369-81ff-40fb-8294-f5006edf73ef}\PlayTasks\0\Bob the Builder Can-Do-Zoo.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Bob the Builder Can-Do-Zoo\BobTheBuilder Zoo-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{c3c636e0-1b04-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{bd4b5b33-e05f-4ba5-b182-f1ff7ea5c382}\PlayTasks\0\Dora's Carnival Adventure.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Dora's Carnival Adventure\dora-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{a4716442-59ac-4657-b782-124436d3e105}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - touch\provider.exe (WildTangent) -> /id=a4716442-59ac-4657-b782-124436d3e105 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{9e81298d-ecad-4464-b46d-0ffb96e1d270}\PlayTasks\0\Mah Jong Medley.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Mah Jong Medley\MahJong2-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{9d36fecf-a272-4632-a018-906223216b09}\PlayTasks\0\Polar Bowler.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Polar Bowler\Polar-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{9c57dc32-44bf-4dad-8cce-4d334f4f725a}\PlayTasks\0\Dora's World Adventure.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Dora's World Adventure\DoraAdventure-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{9b9b12f2-7e8f-4fe3-8365-8998b415574d}\PlayTasks\0\Polar Golfer.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Polar Golfer\golf-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - main\provider.exe (WildTangent) -> /id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{93c5e4ca-9d35-4bd8-95b1-c7327601d483}\PlayTasks\0\Penguins!.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Penguins!\penguins-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{8dde8af6-a947-49ea-8858-e46765d3acb9}\PlayTasks\0\Bounce Symphony.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Bounce Symphony\bounce-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{7a9c8176-242d-4ac6-8252-dc55f748e3a7}\PlayTasks\0\Where's Waldo The Fantastic Journey.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Where's Waldo The Fantastic Journey\Waldo[Windows]-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{5fe74c0f-3b4e-4d19-ba1a-45d1ca676438}\PlayTasks\0\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{4c920d20-e737-4cb3-9019-8dd1755ee254}\PlayTasks\0\Gem Shop.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Gem Shop\GemShop-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{4c62c261-4bc4-4df9-9107-4f91e6a38018}\PlayTasks\0\Diner Dash 2 Restaurant Rescue.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{4a352321-1ed2-4024-a166-65e6b23fce8f}\PlayTasks\0\Ancient Hearts.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Ancient Hearts\Ancient Hearts-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{203727b9-3ead-4178-bb5e-eaaf7beb9d38}\PlayTasks\0\Virtual Villagers - The Secret City.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{0f8ecab3-81e7-4900-87ab-0b1cdc6bc1eb}\PlayTasks\0\Build-a-lot.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Build-a-lot\Build-a-lot-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /ReinstallApp
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\DelRP.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /DelRP
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /ReinstallDriver
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Report.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /RecoveryReport
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /CDCreator
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\HP Setup\launchreg.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> MODE=Registration
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\base\launch_base.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> MODE=GETONLINE
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Kaylan\Desktop\eGames.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) ->  "C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eGames"
ShortcutWithArgument: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Kaylan\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Kaylan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\Users\Kaylan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\KVogler\Desktop\eGames.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) ->  "C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eGames"
ShortcutWithArgument: C:\Users\KVogler\Desktop\Play HP Games.lnk -> C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe (WildTangent, Inc.) -> /src desktoptpd
ShortcutWithArgument: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina – Print Savings\Uninstall Catalina Savings Printer.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {37331C16-3E97-4A20-80D8-BFB43AB0E2FB}
ShortcutWithArgument: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\KVogler\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Play HP Games.lnk -> C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe (WildTangent, Inc.) -> /src desktoptpd
ShortcutWithArgument: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\KVogler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\70f62c6a7f1739bd\pinned.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %systemRoot%\system32\shell32.dll,Options_RunDLL 1
ShortcutWithArgument: C:\Users\KVogler\AppData\Local\Microsoft\Windows\GameExplorer\{cff26f40-5eac-459a-a35e-447386a4612a}\PlayTasks\0\Azteca.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Azteca\Azteca-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\Users\KVogler\AppData\Local\Microsoft\Windows\GameExplorer\{8dde8af6-a947-49ea-8858-e46765d3acb9}\PlayTasks\0\Bounce Symphony.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Bounce Symphony\bounce-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\Users\KVogler\AppData\Local\Microsoft\Windows\GameExplorer\{7a9c8176-242d-4ac6-8252-dc55f748e3a7}\PlayTasks\0\Where's Waldo The Fantastic Journey.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Where's Waldo The Fantastic Journey\Waldo[Windows]-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\Users\KVogler\AppData\Local\Microsoft\Windows\GameExplorer\{5fe74c0f-3b4e-4d19-ba1a-45d1ca676438}\PlayTasks\0\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Bejeweled 2 Deluxe\Bejeweled2-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\Users\KVogler\AppData\Local\Microsoft\Windows\GameExplorer\{4c62c261-4bc4-4df9-9107-4f91e6a38018}\PlayTasks\0\Diner Dash 2 Restaurant Rescue.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Diner Dash 2 Restaurant Rescue-WT.exe" /launchgc /src gameexploreroem
ShortcutWithArgument: C:\Users\KVogler\AppData\Local\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem
ShortcutWithArgument: C:\Users\Public\Desktop\HP Photosmart 5520 series.lnk -> C:\Program Files\hp\HP Photosmart 5520 series\Bin\HP Photosmart 5520 series.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage
 
 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Riven\Cyan web site.url -> hxxp://www.cyanworlds.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Riven\Ubi Soft web site.url -> hxxp://www.ubi.com/us/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst Masterpiece Edition\Cyan web site.url -> hxxp://www.cyanworlds.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst Masterpiece Edition\Ubi Soft web site.url -> hxxp://www.ubi.com/us/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst III Exile\Cyan web site.url -> hxxp://www.cyanworlds.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Myst III Exile\Ubi Soft web site.url -> hxxp://www.ubi.com/us/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon\Camera Control Pro download – 30-day free trial.url -> hxxp://9k3x1jrq3kwx.nikonimaging.com/crosspoint/jump.cgi?R=nsa&L=en&O=w&P=CCPTRI
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon\Capture NX download – 60-day free trial.url -> hxxp://9k3x1jrq3kwx.nikonimaging.com/crosspoint/jump.cgi?R=nsa&L=en&O=w&P=NCAPTURE
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon\my Picturetown.url -> hxxp://9k3x1jrq3kwx.nikonimaging.com/crosspoint/jump.cgi?R=nsa&L=en&O=w&P=PITUTN
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon\Nikon Imaging website.url -> hxxp://www.nikonusa.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon\Nikon RAW Codec – NEF Codec download.url -> hxxp://9k3x1jrq3kwx.nikonimaging.com/crosspoint/jump.cgi?R=nsa&L=en&O=w&P=WINRCODE
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon\Online user registration.url -> hxxp://www.nikonusa.com/register
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7\CamStudio on the Web.url -> hxxp://camstudio.org
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\ArcSoft Products and Bonus Offers.url -> hxxp://www.arcsoft.com/public/download/download_group.asp?DlType=0&productType=RETAIL&gmid=arcsoft-printcreations-30-091201-web
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Print Creations\Try Online.url -> hxxp://printcreations.arcsoft.com/online/
InternetURL: C:\Users\Default\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Download Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eReaders\HP Barnes & Noble Desktop eReader.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=iefavs&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eReaders\Kobo.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=kobo&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eReaders\Zinio Reader 4.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=zinio&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\Login My Job Chart.url -> hxxp://www.myjobchart.com/new/login/family
InternetURL: C:\Users\Kaylan\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Kaylan\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Kaylan\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Kaylan\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Kaylan\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Kaylan\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Kaylan\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Kaylan\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Kaylan\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Kaylan\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Kaylan\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Kaylan\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Kaylan\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\Kaylan\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\Kaylan\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Kaylan\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\Kaylan\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\Kaylan\Favorites\Links\Goldfish & Lvl1Critters! - YouTube.url -> hxxp://www.youtube.com/watch?v=0t5BY2XKw-A&feature=feedu
InternetURL: C:\Users\Kaylan\Favorites\Links\HP - See What's Hot.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=webslice&tp=iefavbar&pf=cndt&locale=en_us&bd=pavilion&c=104
InternetURL: C:\Users\Kaylan\Favorites\Links\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=myhpgames&tp=iefavbar&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\Links\iScribble.url -> hxxp://www.iscribble.net/draw.html
InternetURL: C:\Users\Kaylan\Favorites\Links\Login My Job Chart.url -> hxxp://www.myjobchart.com/new/login/family
InternetURL: C:\Users\Kaylan\Favorites\Links\Put this on my desktop.url -> hxxp://www.weather.com/services/desktop.html
InternetURL: C:\Users\Kaylan\Favorites\Links\Suggested Sites.url -> https://ieonline.mic...ft.com/#ieslice
InternetURL: C:\Users\Kaylan\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\HP Download Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\eReaders\HP Barnes & Noble Desktop eReader.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=iefavs&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\eReaders\Kobo.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=kobo&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Kaylan\Favorites\HP\eReaders\Zinio Reader 4.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=zinio&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\All Secret Restaurant Recipes.url -> hxxp://allsecretrestaurantrecipes.com/applebees-recipes/applebees-garlic-mashed-potatoes-recipe/
InternetURL: C:\Users\KVogler\Favorites\Catawba Queen  Queen's Landing - Lake Norman, NC.url -> hxxp://www.queenslanding.com/queenslanding/catawba-queen/
InternetURL: C:\Users\KVogler\Favorites\Class Creator Davie High 1986 Reunion Web Site.url -> hxxp://www.classcreator.com/Mocksville-NC-Davie-1986/class_admin_members_upload.cfm
InternetURL: C:\Users\KVogler\Favorites\Credit Cards from Citi Cards  Compare and Apply Online - Citi.com Credit Cards.url -> https://creditcards.citi.com/
InternetURL: C:\Users\KVogler\Favorites\Davie County, NC.url -> hxxp://www.daviecountyblog.com/
InternetURL: C:\Users\KVogler\Favorites\davie high alumni site classcreator.com.url -> hxxp://www.classcreator.com/Mocksville-NC-Davie-1986/member_logout.cfm
InternetURL: C:\Users\KVogler\Favorites\Davie High Bands - Home.url -> hxxp://www.daviehighbands.com/home.htm
InternetURL: C:\Users\KVogler\Favorites\Delta Dental - Dentist Search.url -> https://www.deltaden...ntistSearchForm
InternetURL: C:\Users\KVogler\Favorites\Fairway Independent Mortgage Corp. NMLS Entity ID#2289  Home.url -> hxxp://www.loanbyashley.com/default.aspx
InternetURL: C:\Users\KVogler\Favorites\Flea Preventatives for Dogs and Cats - 1800PetMeds.url -> hxxp://www.1800petmeds.com/category.jsp?trail=1:cat50&addFacet=3:20.00-50.00
InternetURL: C:\Users\KVogler\Favorites\ForsythTech - How To Register For Classes.url -> hxxp://www.forsythtech.edu/cce/how-to-register-for-classes
InternetURL: C:\Users\KVogler\Favorites\Front Page - Davie County Arts Council.url -> hxxp://www.daviearts.org/index.php
InternetURL: C:\Users\KVogler\Favorites\Gift Ideas for Flutists  flutetunes.com.url -> hxxp://www.flutetunes.com/reviews.php
InternetURL: C:\Users\KVogler\Favorites\http--alamb.cruiseone.com-travel-promotion-special-cruises.do.url -> hxxp://alamb.cruiseone.com/travel/promotion/special-cruises.do
InternetURL: C:\Users\KVogler\Favorites\http--travelsneakpeek.com-.url -> hxxp://travelsneakpeek.com/
InternetURL: C:\Users\KVogler\Favorites\Jeff Davis County Clerk's Office Georgia.url -> hxxp://www.county-clerk.net/countyclerk.asp?state=Georgia&county=Jeff%20Davis
InternetURL: C:\Users\KVogler\Favorites\Mema's Hamburger Macaroni Casserole Goulash) Recipe - Food.com - 263239.url -> hxxp://www.food.com/recipe/memas-hamburger-macaroni-casserole-goulash-263239
InternetURL: C:\Users\KVogler\Favorites\Motel 6 - Wilmington - New Castle, DE Amenities.url -> hxxp://www.motel6.com/reservations/motel_amenities.aspx?num=403&VID=&NOA=&aDate=&dDate=&BTR=&BTRSID=&CP=&TA=
InternetURL: C:\Users\KVogler\Favorites\North Carolina Marriage License Information.url -> hxxp://marriage.about.com/cs/marriagelicenses/p/northcarolina.htm
InternetURL: C:\Users\KVogler\Favorites\Pin It.url -> hxxp://pinterest.com/about/goodies/
InternetURL: C:\Users\KVogler\Favorites\Review Your Mobile Home Listings.url -> hxxp://www.mhvillage.com/MyAccount/Listings.php
InternetURL: C:\Users\KVogler\Favorites\Time Warner Cable  Time Warner Cable  East.url -> hxxp://www.timewarnercable.com/East/support/clu/clu.ashx?CLUID=633&Image1=&Zip=27028
InternetURL: C:\Users\KVogler\Favorites\Time Warner Cable - MyServices.url -> https://myservices.t...arnercable.com/
InternetURL: C:\Users\KVogler\Favorites\Watch TV Online - Full Episodes.url -> hxxp://www.casttv.com/shows
InternetURL: C:\Users\KVogler\Favorites\YouTube - Dale Jr Snake Prank.url -> hxxp://www.youtube.com/watch?v=2kAuOB_iJo4
InternetURL: C:\Users\KVogler\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\KVogler\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\KVogler\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\KVogler\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\KVogler\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\KVogler\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\KVogler\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\KVogler\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\KVogler\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\KVogler\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\KVogler\Favorites\Moving Company Jops\Find an Agent  Allied Van Lines.url -> hxxp://www.allied.com/find-an-agent.aspx
InternetURL: C:\Users\KVogler\Favorites\Moving Company Jops\Motel 6 - Wilmington - New Castle, DE Amenities.url -> hxxp://www.motel6.com/reservations/motel_amenities.aspx?num=403&VID=&NOA=&aDate=&dDate=&BTR=&BTRSID=&CP=&TA=
InternetURL: C:\Users\KVogler\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\KVogler\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\KVogler\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\KVogler\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\KVogler\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\KVogler\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\KVogler\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\KVogler\Favorites\Links\1800Flowers.com.url -> https://ww10.1800flo...tomerwelcome.do
InternetURL: C:\Users\KVogler\Favorites\Links\800 S Salisbury St, Mocksville, NC 27028 to 2403 Willowbrook Dr, Matthews, NC 28104 - Google Maps.url -> hxxp://maps.google.com/maps?hl=en&tab=wl
InternetURL: C:\Users\KVogler\Favorites\Links\AK McCallum Co. - Boats.url -> hxxp://www.akmccallumco.com/
InternetURL: C:\Users\KVogler\Favorites\Links\amazon.com Here for a Good Time George Strait Music.url -> hxxp://www.amazon.com/Here-Good-Time-George-Strait/dp/B005CGN1TE/ref=sr_1_1?s=music&ie=UTF8&qid=1331993980&sr=1-1
InternetURL: C:\Users\KVogler\Favorites\Links\Anne Stokes  Art Gallery (www.annestokes.com).url -> hxxp://www.annestokes.com/contact.htm
InternetURL: C:\Users\KVogler\Favorites\Links\classiccars.com Thousands of Classic Cars and Muscle Cars for Sale.url -> hxxp://classiccars.com/home.html
InternetURL: C:\Users\KVogler\Favorites\Links\Convert YouTube to MP3, Get MP3 from YouTube video, FLV to MP3, extract audio from YouTube, YouTube MP3 - ListenToYouTube.url -> hxxp://www.listentoyoutube.com/
InternetURL: C:\Users\KVogler\Favorites\Links\Dixie Boat For Sale!!.url -> hxxp://winstonsalem.craigslist.org/boa/2952282901.html
InternetURL: C:\Users\KVogler\Favorites\Links\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=myhpgames&tp=iefavbar&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\Links\http--fohn.net-tiger-pictures-facts-tiger-regal-800x600.url -> hxxp://fohn.net/tiger-pictures-facts/tiger-regal-800x600.jpg
InternetURL: C:\Users\KVogler\Favorites\Links\http--thebest404pageever.com-swf-Two_Best_Friends_Play_Sburb.url -> hxxp://thebest404pageever.com/swf/Two_Best_Friends_Play_Sburb.swf
InternetURL: C:\Users\KVogler\Favorites\Links\http--www.annestokes.com-fantasy-full-water%20dragon.jpg.url -> hxxp://www.annestokes.com/fantasy/full/water%20dragon.jpg
InternetURL: C:\Users\KVogler\Favorites\Links\http--www.spineandscoliosisdocs.com-uploads-Triad%20Biz%20Journal%20eprint.url -> hxxp://www.spineandscoliosisdocs.com/uploads/Triad%20Biz%20Journal%20eprint.pdf
InternetURL: C:\Users\KVogler\Favorites\Links\iScribble.url -> hxxp://www.iscribble.net/draw.html
InternetURL: C:\Users\KVogler\Favorites\Links\Kaylan - Tinychat.url -> hxxp://tinychat.com/glaceh
InternetURL: C:\Users\KVogler\Favorites\Links\MS Paint Adventures (2).url -> hxxp://www.mspaintadventures.com/scratch.php?s=6&p=005957
InternetURL: C:\Users\KVogler\Favorites\Links\MS Paint Adventures (4).url -> hxxp://www.mspaintadventures.com/?s=6&p=006479
InternetURL: C:\Users\KVogler\Favorites\Links\MS Paint Adventures.url -> hxxp://www.mspaintadventures.com/?s=6&p=002216
InternetURL: C:\Users\KVogler\Favorites\Links\Peregrine Falcon - Animal Database.url -> hxxp://animals.wikia.com/wiki/Peregrine_Falcon
InternetURL: C:\Users\KVogler\Favorites\Links\Pin It.url -> hxxp://pinterest.com/about/goodies/
InternetURL: C:\Users\KVogler\Favorites\Links\Robe à la Française - Fashion, Costume, and Culture Clothing, Headwear, Body Decorations, and Footwear through the Ages.url -> hxxp://www.fashionencyclopedia.com/fashion_costume_culture/European-Culture-18th-Century/Robe-la-Fran-aise.html
InternetURL: C:\Users\KVogler\Favorites\Links\Ruth Thompson Monarch - Dragon’s Lair RRA.url -> hxxp://redrooart.com/dragon-s-lair/monarch.html
InternetURL: C:\Users\KVogler\Favorites\Links\Sack-back gown - Wikipedia, the free encyclopedia.url -> hxxp://en.wikipedia.org/wiki/Sack-back_gown
InternetURL: C:\Users\KVogler\Favorites\Links\Sbarg.url -> hxxp://sbarg.tumblr.com/
InternetURL: C:\Users\KVogler\Favorites\Links\Stay-at-Home Artist stencil with freezer paper (harry potter tee)...url -> hxxp://www.stayathomeartist.com/2011/07/stencil-with-freezer-paper-harry-potter.html
InternetURL: C:\Users\KVogler\Favorites\Links\Stuck on Homestuck Cosplay, Jade Master Guide.url -> hxxp://homestuckcosplayhelp.tumblr.com/post/11417994496/jade-master-guide
InternetURL: C:\Users\KVogler\Favorites\Links\Suggested Sites.url -> https://ieonline.mic...ft.com/#ieslice
InternetURL: C:\Users\KVogler\Favorites\Links\The Midsummer Knight's Dream. Home of the original fantasy pet, the Woodbaby the Fantasy Puppet.url -> hxxp://www.fantasypuppet.com/index.htm
InternetURL: C:\Users\KVogler\Favorites\Links\topatoco Dave's Broken Record Shirt.url -> hxxp://www.topatoco.com/merchant.mvc?Screen=PROD&Store_Code=TO&Product_Code=MSPA-BROKEN&Category_Code=MSPA
InternetURL: C:\Users\KVogler\Favorites\Links\topatoco Green Slime Ghost Shirt.url -> hxxp://www.topatoco.com/merchant.mvc?Screen=PROD&Store_Code=TO&Product_Code=MSPA-GHOST-SHIRT&Category_Code=MSPA-SHIRTS
InternetURL: C:\Users\KVogler\Favorites\Links\Web Clipper Bookmarklet.url -> javascript:(function(){EN_CLIP_HOST='hxxp://www.evernote.com';try{var%20x=document.createElement('SCRIPT');x.type='text/javascript';x.src=EN_CLIP_HOST+'/public/bookmarkClipper.js?'+(new%20Date().getTime()/100000);document.getElementsByTagName('head')[0].appendChild(x);}catch(e){location.href=EN_CLIP_HOST+'/clip.action?url='+encodeURIComponent(location.href)+'&title='+encodeURIComponent(document.title);}})();
InternetURL: C:\Users\KVogler\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\KVogler\Favorites\Links\Welcome to Davie County Schools.url -> hxxp://www.sdms.davie.k12.nc.us//views/team7.cfm
InternetURL: C:\Users\KVogler\Favorites\Links\【Lu rebellious road repair】Short Cosplay Black Wig  eBay.url -> hxxp://www.ebay.com/itm/Lu-rebellious-road-repair-Short-Cosplay-Black-Wig-/160633666150?pt=US_CSA_MWA_Wigs_Extensions&hash=item2566833a66
InternetURL: C:\Users\KVogler\Favorites\Jobs\Asurion.. offering virtual jobs in customer service!.url -> hxxp://www.findingworkathomejobs.com/asurion.html
InternetURL: C:\Users\KVogler\Favorites\Jobs\Asurion.url -> https://asurion.grea...utAction.action
InternetURL: C:\Users\KVogler\Favorites\Jobs\Virtual Jobs for us all!.url -> hxxp://www.findingworkathomejobs.com/virtual-jobs.html
InternetURL: C:\Users\KVogler\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\HP Download Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\eReaders\HP Barnes & Noble Desktop eReader.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=iefavs&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\eReaders\Kobo.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=kobo&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\HP\eReaders\Zinio Reader 4.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=zinio&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\KVogler\Favorites\Homes\292 Rollingwood Dr.url -> hxxp://liveoakgroup.com/listing/coming-soon/292-rollingwood-dr-mocksville-nc
InternetURL: C:\Users\KVogler\Favorites\Homes\Bankrate.com.url -> hxxp://www.bankrate.com/
InternetURL: C:\Users\KVogler\Favorites\Homes\Loan prequalification calculator.url -> hxxp://www.bankrate.com/calculators/home-equity/loan-pre-qualification-calculator.aspx
InternetURL: C:\Users\KVogler\Favorites\Homes\Mortgage Rates in Greensboro-Winston Salem-High Pt, North Carolina by Bankrate.url -> hxxp://www.bankrate.com/funnel/mortgages/mortgage-results.aspx?loan=150000&market=80&points=Zero&perc=5&fico=700
719&prods=1
InternetURL: C:\Users\KVogler\Favorites\Homes\Mortgages  Corning Credit Union.url -> https://corningcu.mo...ation.asp?PID=1
InternetURL: C:\Users\KVogler\Favorites\Homes\Wells Fargo Home Mortgage Program - Public Site Forms.url -> https://mortgage.wel...0&dm=DMIGP7AU5D
InternetURL: C:\Users\KVogler\Favorites\Couponing\All You Insert Card Subscription Offer.url -> https://subscription...ml?link=1002582
InternetURL: C:\Users\KVogler\Favorites\Couponing\Cleverly Simple Couponing Site.url -> hxxp://www.cleverlysimple.com/
InternetURL: C:\Users\KVogler\Favorites\Couponing\CoolSavings.com.url -> hxxp://dealseekingmom.com/printablecoupons/coolsavings
InternetURL: C:\Users\KVogler\Favorites\Couponing\Coupon Network.url -> hxxp://www.couponnetwork.com/personal-care-coupons
InternetURL: C:\Users\KVogler\Favorites\Couponing\Coupons, Grocery Coupons - The Grocery Game - Free Coupons, Free Grocery Coupons - The Grocery Game - Free Trial.url -> https://www.thegroce...?trialZip=27028
InternetURL: C:\Users\KVogler\Favorites\Couponing\Coupons.com on Deal Seeking Mom  Real Deals for Real Moms.url -> hxxp://dealseekingmom.com/coupons-com/
InternetURL: C:\Users\KVogler\Favorites\Couponing\Free Aussie & Herbal Essences Coupons on Facebook!  Southern Savers – Couponing Ads, Frugal Living, Online Savings & Fun.url -> hxxp://www.southernsavers.com/2011/06/free-aussie-coupon-on-facebook/
InternetURL: C:\Users\KVogler\Favorites\Couponing\http--www.couponmom.com-.url -> hxxp://www.couponmom.com/
InternetURL: C:\Users\KVogler\Favorites\Couponing\Money Saving Mom®.url -> hxxp://moneysavingmom.com/2011/06/free-full-sized-aussie-hair-product-coupon-facebook-offer.html
InternetURL: C:\Users\KVogler\Favorites\Couponing\NC Coupon Deals - Find Deals and Freebies in Central NC and All Over the Internet.url -> hxxp://www.nccoupondeals.com/
InternetURL: C:\Users\KVogler\Favorites\Couponing\New and confusedStacking Printable Store Coupons with Manufacturer coupons - HotCouponWorld.url -> hxxp://www.hotcouponworld.com/forums/couponing-basics/409919-new-confused-stacking-printable-store-coupons-manufacturer-coupons.html
InternetURL: C:\Users\KVogler\Favorites\Couponing\RedPlum on Deal Seeking Mom  Real Deals for Real Moms.url -> hxxp://dealseekingmom.com/redplum/
InternetURL: C:\Users\KVogler\Favorites\Couponing\RedPlum.com.url -> hxxp://www.redplum.com/coupons.aspx?t1id=1118&t2id=2167&t1=grocery&t2=meat+%26+poultry
InternetURL: C:\Users\KVogler\Favorites\Couponing\savvydollar.org -coupon schedule 2012.url -> hxxp://www.savvydollar.org/viewtopic.php?f=9&t=17202
InternetURL: C:\Users\KVogler\Favorites\Couponing\SmartSource on Deal Seeking Mom  Real Deals for Real Moms.url -> hxxp://dealseekingmom.com/smartsource/
InternetURL: C:\Users\KVogler\Favorites\Couponing\Target Printable Coupons.url -> hxxp://www.target.com/np/affiliate-redirect/-/N-5n5q5?dest=http%3A%2F%2Fcoupons.target.com&wait=2000&ref=tgt_adv_xasd0001&AFID=Performics_Deal%20Seeking%20Mom&LNM=Target's%20Printable%20Grocery%20Coupons
InternetURL: C:\Users\KVogler\Favorites\Couponing\{Expired} Free full-sized Aussie hair product coupon (Facebook offer)  Money Saving Mom®.url -> hxxp://moneysavingmom.com/2011/06/free-full-sized-aussie-hair-product-coupon-facebook-offer.html
InternetURL: C:\Users\KVogler\Favorites\Bill Paying Sites\Belk Rewards Card.url -> https://www.belkcred...ccountType=plcc
InternetURL: C:\Users\KVogler\Favorites\Bill Paying Sites\Conexion...Service. Support. Success!.url -> https://www.conexion...s/Complete.aspx
InternetURL: C:\Users\KVogler\Favorites\Bill Paying Sites\Guitar Center - Signed Off Online Customer Care.url -> https://www.hrsaccou...Logoff=&org=632
InternetURL: C:\Users\KVogler\Favorites\Bill Paying Sites\My Kohl's Charge.url -> https://credit.kohls...CE.RX_LOGIN.GBL
InternetURL: C:\Users\KVogler\Favorites\Bill Paying Sites\North Carolina - North Carolina - Duke Energy.url -> https://www.duke-ene...th-carolina.asp
InternetURL: C:\Users\KVogler\Documents\xMWa3.3G\Cellphone Wallpaper\Dream requency - at Download.com.URL -> hxxp://download.cnet.com/windows/dream-frequency/3260-20_4-6275524.html
InternetURL: C:\Users\KVogler\Documents\xMWa3.3G\Cellphone Wallpaper\requency Artwork Wallpaper - Website.URL -> hxxp://artworkwallpaper.com/
InternetURL: C:\Users\KVogler\Documents\xMWa3.3G\Cellphone Wallpaper\requency Wallpaper - Free Support.URL -> hxxp://dreamfrequency.com/support/
InternetURL: C:\Users\KVogler\Documents\xMWa3.3G\Cellphone Wallpaper\requency Wallpaper - Mousepads+.URL -> hxxp://frequencyinc.deviantart.com/store/
InternetURL: C:\Users\KVogler\Documents\Kim Old Samsung Galaxy Cell Phone Items\download\xMWa3.3G\Cellphone Wallpaper\Dream requency - at Download.com.URL -> hxxp://download.cnet.com/windows/dream-frequency/3260-20_4-6275524.html
InternetURL: C:\Users\KVogler\Documents\Kim Old Samsung Galaxy Cell Phone Items\download\xMWa3.3G\Cellphone Wallpaper\requency Artwork Wallpaper - Website.URL -> hxxp://artworkwallpaper.com/
InternetURL: C:\Users\KVogler\Documents\Kim Old Samsung Galaxy Cell Phone Items\download\xMWa3.3G\Cellphone Wallpaper\requency Wallpaper - Free Support.URL -> hxxp://dreamfrequency.com/support/
InternetURL: C:\Users\KVogler\Documents\Kim Old Samsung Galaxy Cell Phone Items\download\xMWa3.3G\Cellphone Wallpaper\requency Wallpaper - Mousepads+.URL -> hxxp://frequencyinc.deviantart.com/store/
InternetURL: C:\Users\Public\Desktop\ArcSoft Products and Bonus Offers.url -> hxxp://www.arcsoft.com/public/download/download_group.asp?DlType=0&productType=RETAIL&gmid=arcsoft-printcreations-30-091201-web
InternetURL: C:\Users\Public\Desktop\Ubi Soft Web Site.url -> hxxp://www.ubi.com/us/
 
==================== End of log =============================
 

  • 0

#13
Teima

Teima

    Member

  • Member
  • PipPipPip
  • 833 posts
  • Step One Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
      CHR Extension: (A Quotation) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpohheobbibbehfjogminpinjhlpmg [2013-08-13]
      CHR Extension: (YOUZEEK Free Music) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce [2013-08-13]
      CHR Extension: (Last updated at $time$ on $date$) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-12]
      CHR Extension: (Fun Switcher) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2013-08-13]
      CHR Extension: (Read Later Fast) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2013-08-13]
      CHR Extension: (Who defriended me?) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcnpokbajkllnoffpnidngefobkpglbg [2013-08-13]
      2014-09-21 17:17 - 2014-09-21 17:18 - 00000000 ____D () C:\Users\KVogler\Documents\asdfghjkl
      2014-09-09 23:10 - 2014-09-09 23:32 - 00011097 _____ () C:\Users\KVogler\Documents\Grocery Price Book.xlsx
      2014-09-09 15:31 - 2014-09-09 15:31 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\Incline Software
      2014-09-09 10:36 - 2014-09-09 10:36 - 02072488 _____ (Coupons.com Incorporated) C:\Users\KVogler\Downloads\CouponPrinter (4).exe
      2014-09-09 10:35 - 2014-09-09 10:35 - 02072488 _____ (Coupons.com Incorporated) C:\Users\KVogler\Downloads\CouponPrinterCPS.exe
      2014-09-22 12:50 - 2013-08-18 13:26 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\Catalina  Print Savings
      2014-09-22 12:50 - 2011-05-18 13:51 - 00000000 ____D () C:\Program Files (x86)\Coupons
      2014-08-28 16:29 - 2014-05-19 17:58 - 00659440 _____ () C:\Windows\couponprinter_x64.ocx
      2014-08-28 16:29 - 2014-05-19 17:56 - 00444912 _____ () C:\Windows\CouponPrinter.ocx
      End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt;
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Copy and Paste the contents of the log in your next reply.

  • 0

#14
mom2dylkay

mom2dylkay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-09-2014
Ran by KVogler at 2014-09-30 23:48:14 Run:1
Running from C:\Users\KVogler\Desktop
Loaded Profile: KVogler (Available profiles: KVogler & Kaylan)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
CHR Extension: (A Quotation) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpohheobbibbehfjogminpinjhlpmg [2013-08-13]
CHR Extension: (YOUZEEK Free Music) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce [2013-08-13]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-12]
CHR Extension: (Fun Switcher) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb [2013-08-13]
CHR Extension: (Read Later Fast) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2013-08-13]
CHR Extension: (Who defriended me?) - C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcnpokbajkllnoffpnidngefobkpglbg [2013-08-13]
2014-09-21 17:17 - 2014-09-21 17:18 - 00000000 ____D () C:\Users\KVogler\Documents\asdfghjkl
2014-09-09 23:10 - 2014-09-09 23:32 - 00011097 _____ () C:\Users\KVogler\Documents\Grocery Price Book.xlsx
2014-09-09 15:31 - 2014-09-09 15:31 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\Incline Software
2014-09-09 10:36 - 2014-09-09 10:36 - 02072488 _____ (Coupons.com Incorporated) C:\Users\KVogler\Downloads\CouponPrinter (4).exe
2014-09-09 10:35 - 2014-09-09 10:35 - 02072488 _____ (Coupons.com Incorporated) C:\Users\KVogler\Downloads\CouponPrinterCPS.exe
2014-09-22 12:50 - 2013-08-18 13:26 - 00000000 ____D () C:\Users\KVogler\AppData\Roaming\Catalina  Print Savings
2014-09-22 12:50 - 2011-05-18 13:51 - 00000000 ____D () C:\Program Files (x86)\Coupons
2014-08-28 16:29 - 2014-05-19 17:58 - 00659440 _____ () C:\Windows\couponprinter_x64.ocx
2014-08-28 16:29 - 2014-05-19 17:56 - 00444912 _____ () C:\Windows\CouponPrinter.ocx
End
*****************
 
C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpohheobbibbehfjogminpinjhlpmg => Moved successfully.
C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce => Moved successfully.
C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb => Moved successfully.
C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb => Moved successfully.
C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji => Moved successfully.
C:\Users\KVogler\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcnpokbajkllnoffpnidngefobkpglbg => Moved successfully.
C:\Users\KVogler\Documents\asdfghjkl => Moved successfully.
C:\Users\KVogler\Documents\Grocery Price Book.xlsx => Moved successfully.
C:\Users\KVogler\AppData\Roaming\Incline Software => Moved successfully.
C:\Users\KVogler\Downloads\CouponPrinter (4).exe => Moved successfully.
C:\Users\KVogler\Downloads\CouponPrinterCPS.exe => Moved successfully.
"C:\Users\KVogler\AppData\Roaming\Catalina  Print Savings" => File/Directory not found.
C:\Program Files (x86)\Coupons => Moved successfully.
C:\Windows\couponprinter_x64.ocx => Moved successfully.
C:\Windows\CouponPrinter.ocx => Moved successfully.
 
==== End of Fixlog ====

  • 0

#15
Teima

Teima

    Member

  • Member
  • PipPipPip
  • 833 posts
How does your machine appear to be running at the moment? We are almost done.

Step One
  • ESET Online Scanner
    Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
    • Go here from Internet Explorer and click on Run ESET Online Scanner.
      • Note: If you use any browser other than Internet Explorer, you will have to download and install esetsmartinstaller_enu.exe when prompt to run the scan.
    • Accept their terms and condition and proceed.
    • Install Add-On/Active X if prompted.
    • From the Computer Scan Setting --
      • Uncheck the box beside Remove Found Threats;
      • Check the box beside Scan archives
    • Click on Advanced Setting and check the following boxes--
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
    • Click on Start and wait for the virus signature database to update.
    • The online scan will begin automatically and can take several hours.
      • Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
    • After the Scan finishes --
      • If no threats were found:
        • Put a checkmark in Uninstall application on close.
        • Close the program and report that nothing was found
      • If threats were found:
        • Click on list of threats found.
        • Click on Export to text file and save it to the Desktop as ESET SCAN.txt.
        • Copy and Paste contents of the log file in your next reply.
    Note: Enable your security programs afterwards.
Step Two
  • Scan with Malwarebytes' Anti-Malware
    • Download Malwarebytes' Anti-Malware from the suitable link below --
    • Double-click mbam-setup.exe to install the application.
    • Before clicking Finish perform the following actions --
      • Un-check the box beside Enable free trial of Malwarebytes Anti-Malware Premium.
      • Check the box beside Launch Malwarebytes Anti-Malware
    • Once the program has loaded, The MBAM dashboard will appear with an alert to update - click the green button Update Now;
    • Click on Setting--
      • Navigate to the tab Detection and Protection and check all the boxes under Detection Options
    • From the Dashboard click on Scan Now;
    • If threats are detected click on Apply actions. If the program asks to reboot your PC, let it do so;
    • On completion of the scan click on View Detailed Log after that click on Export Button, select Text File and save the log to your Desktop;
    • Copy and Paste the contents of the log in your next reply.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP