[LegendOz]

Hi,

 

A lot of my accounts have been getting hacked over the last month (or two).

A friend suggested this place for help. I am not sure what the case is, all the accounts had different passwords.

I ran a BitDefender virus scan and it came out clean, however there were some notifications I have put in the 2nd post.

OLT Scan is in the 3rd Post.

Edited by LegendOz, 07 January 2015 - 05:33 PM.

[Advertisements]

This popped up on BitDefender (didn't make much sense to me but if it helps)

Edited by LegendOz, 07 January 2015 - 05:27 PM.

[LegendOz]

This popped up on BitDefender (didn't make much sense to me but if it helps)

Edited by LegendOz, 07 January 2015 - 05:27 PM.

[LegendOz]

OLT Scan was too long

Posted it on GitHub Gist:
OLT: https://gist.githubusercontent.com/anonymous/0878b90d39f2cf27a0b0/raw/gistfile1.txt
Extra: https://gist.githubusercontent.com/anonymous/f6f6bb7c861ce8aa446c/raw/2b751396751b42d4de7d92e4ca8053b969cb630f/gistfile1.txt

Edited by LegendOz, 07 January 2015 - 05:32 PM.

[LegendOz]

Accounts still getting hacked.

Will really appreciate if someone can help.

[Valinorum]

Hi LegendOz,



My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):

• Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
• Please do not install any new software while we are working on this system as it may hinder our process.
• Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
• Please do not try to fix anything without being ask.
• Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
• Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
• Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
• If you are confused about any instruction, stop and ask. Do not keep on going.
• Do not repeat the steps if you face any problems.
• I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
• Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
• The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.

 

Change all your login information from a clean computer and do not use this computer while we are working on it. If you do financial transaction, please, change your PIN codes or call the authority for unusual activities.


 

• Step #1 Scan with Farbar Recovery Scan Tool
  • Please download Farbar Recovery Scan Tool by Farbar to your Desktop from the link below.
    Download link for 32 bit system
    Download link for 64 bit system
  • Right-click on the program and choose Run as administrator;
  • Put tick-mark on all boxes under Whitelist and Optional Scan;
  • Click on Scan;
  • After the scan two notepad files will be opened --
    • FRST.txt;
    • Addition.txt
  • Copy and Paste the contents of the logs in your next reply.

 

• Required Log(s):
  • Farbar Tool Log(s)--
    • FRST.txt
    • Addition.txt

Regards,
Valinorum

[LegendOz]

FRST.txt was too long to be posted so I have put it on GitHub Gist (not sure how else to provide it)

Link: https://gist.githubu...1/gistfile1.txt

 

I have posted the Addition.txt and Shortcut.txt

Edited by LegendOz, 11 January 2015 - 04:33 AM.

[LegendOz]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2015

Ran by Aditya at 2015-01-11 05:22:27

Running from C:\Users\Aditya\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Application Insights Tools for Visual Studio 2013 (x32 Version: 2.1 - Microsoft Corporation) Hidden

AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden

Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden

Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)

Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden

Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Box Sync (HKLM\...\{09C53B19-C578-4803-95EF-DDEDF89D080C}) (Version: 4.0.5693.0 - Box, Inc.)

Box Sync (x32 Version: 4.0.5078.0 - Box Inc.) Hidden

Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden

Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden

Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)

Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)

Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden

Dropbox (HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)

EditPlus 3 (HKLM-x32\...\EditPlus 3) (Version:  - ES-Computing)

Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)

Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)

Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )

Garena - League of Legends (HKLM-x32\...\LoL) (Version:  - Garena Online Pte Ltd.)

Garena Plus (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)

Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)

iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)

IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )

InfiniteCrisis_410193F41CAE (HKLM-x32\...\InfiniteCrisis_410193F41CAE) (Version:  - Turbine, Inc)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)

Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)

League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)

League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden

LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden

LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden

LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden

LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden

Mailbird (HKLM-x32\...\{B05594ED-BA64-40A6-995E-072813EF4E5F}) (Version: 1.7.29 - Mailbird)

Malwarebytes Anti-Exploit version 1.05.1.1016 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.05.1.1016 - Malwarebytes)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Memory Profiler (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)

Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)

Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Visual Studio Professional 2013 with Update 3 (HKLM-x32\...\{ec85bfda-a752-4fe6-b9ad-f4c42d6ff44b}) (Version: 12.0.30723 - Microsoft Corporation)

Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)

Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)

Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)

NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)

NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden

Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden

Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)

PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden

Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)

PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)

Python Tools Redirection Template (x32 Version: 1.2 - Microsoft Corporation) Hidden

Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.36.1278 - Qualcomm Atheros) Hidden

Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.1.306 - Qualcomm Atheros Communications) Hidden

Qualcomm Atheros Killer Wireless-N Drivers (Version: 1.0.36.1278 - Qualcomm Atheros) Hidden

Qualcomm Atheros Network Manager (Version: 1.0.36.1278 - Qualcomm Atheros) Hidden

Qualcomm Atheros Performance Suite (HKLM-x32\...\{BB96DF0C-B36B-46E2-B8E4-635773ECD782}) (Version: 1.0.36.1278 - Qualcomm Atheros)

Razer Comms (HKLM-x32\...\Razer Comms) (Version:  - Razer USA Ltd.)

Razer Core (HKLM-x32\...\Razer Core) (Version: 0.01.137 - Razer USA Ltd.)

Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)

Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)

RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)

SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)

Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)

SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden

SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2477.0 - Hi-Rez Studios)

Spotify (HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)

StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

SugarSync (HKLM-x32\...\SugarSync) (Version: 3.2.0.5.133203 - SugarSync, Inc.)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.23 - Synaptics Incorporated)

Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)

Todoist (HKLM-x32\...\{B1B3C79A-FFD9-4B28-A456-62B6E55E2A5C}_is1) (Version: 2.6.4.0 - Doist Ltd.)

TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden

TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden

Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)

Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)

Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

VLC Streamer 4.99 (HKLM-x32\...\VLC Streamer_is1) (Version:  - )

VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden

WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden

WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden

WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)

WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)

WD Quick View (HKLM-x32\...\{79966948-BECF-4CB1-A79F-E76C830A17D2}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)

WD Security (HKLM-x32\...\{0AC340BC-4A62-4D1F-86DB-35C1C3CB66CF}) (Version: 1.1.1.3 - Western Digital Technologies, Inc.)

WD SmartWare (HKLM\...\{7AE43D6C-B3F1-448D-AD84-1CDC7AC6EBC7}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)

WD SmartWare Installer (HKLM-x32\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)

Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{940596e5-652a-4970-8a5a-492e73ed0fbb}) (Version: 12.0.30501.0 - Microsoft Corporation)

WinRAR 5.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH)

Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden

Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden

World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

XChat 2 (remove only) (HKLM-x32\...\xchat) (Version:  - )

Xilinx Design Tools  ISE WebPACK 14.7 (C:\Xilinx\14.7\ISE_DS) (HKLM\...\Xilinx Design Tools ISE WebPACK 14.7) (Version:  - Xilinx, Inc.)

Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Aditya\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2792414257-871753559-3026284368-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

03-01-2015 22:58:18 Scheduled Checkpoint

09-01-2015 17:33:34 Removed Private Internet Access Support Files

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0C7D93CF-4CFF-4C87-B7BF-2A69F0699C4E} - System32\Tasks\{BB2E667E-376C-4E57-AAF9-D98CB72E3F1E} => pcalua.exe -a C:\Xilinx\.xinstall\Vivado_2014.3\xsetup.exe -c -Uninstall

Task: {0D6DE18C-505D-45E8-848A-239CE0E098D9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation)

Task: {114833F4-0541-4B61-A420-F4FA91E9E74F} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2792414257-871753559-3026284368-1002

Task: {340BBA94-984B-4786-8040-DA01FFDB0BE3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.)

Task: {70D339FB-945B-48C1-9F8B-BDBEB0D2A13B} - System32\Tasks\gg_uac_daemon_Aditya => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2014-04-29] ()

Task: {75E45598-B0B9-42B7-AD78-6799B1624368} - System32\Tasks\Microsoft Office 15 Sync Maintenance for RAZERBLADEPRO-Aditya RazerBladePro => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)

Task: {846B02E9-CE06-40A7-8C4D-539CF1CF104A} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2014-10-18] ()

Task: {84D3D9A8-5BE0-4A8B-800F-4BEDD88755E2} - System32\Tasks\Dolby Selector => c:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)

Task: {87EBB376-C695-4B6F-B103-9B6780768BDF} - System32\Tasks\BaronReplays => C:\Users\Aditya\Desktop\Games\BaronReplays\BaronReplays.exe [2014-12-02] (Ahri.tw)

Task: {A43E437A-8799-4D0F-9E6D-37C8F70A8143} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)

Task: {BEAD21D6-553A-4CE8-9405-815F46B941C7} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe

Task: {BF204645-7A90-44A3-AB4D-E5577DCA52C8} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2792414257-871753559-3026284368-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe

Task: {CA155EAD-6C83-49E4-8E44-D2768612B3D8} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....AJKILIBNKJHIKJ"

Task: {CF74A409-D044-4F05-BCB0-66A23461033D} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()

Task: {E02241A2-9B3E-4BDD-B60C-C2D66B6B4FDF} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-03] (Synaptics Incorporated)

Task: {E6F8A789-F63C-4326-A45C-50F63E435C0C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)

Task: {EA73CBC2-B14A-40D1-96DE-E123DBE853F5} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....NICMJNDJCMKJBJ"

Task: {EB11F5E6-8F1C-4CD7-9EE1-6EF25EC7E12A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.)

Task: {EF73692C-9DD8-4F37-91CC-69C8CB7DE86A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {F12B5576-B8BA-48F2-9099-AEC1D3A86C6E} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()

Task: {F3B29A25-F7DA-4697-9D9A-3EE33721488E} - System32\Tasks\update-S-1-5-21-2792414257-871753559-3026284368-1002 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()

Task: {FE4235EC-1049-4005-B024-3B3D2BB0A320} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\update-S-1-5-21-2792414257-871753559-3026284368-1002.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-12-31 11:14 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll

2014-12-31 11:14 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll

2014-12-31 11:15 - 2014-12-17 14:34 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui

2014-12-31 11:15 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll

2014-12-31 11:14 - 2014-07-24 09:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpbr.mdl

2014-12-31 11:14 - 2014-07-24 09:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpdsp.mdl

2014-12-31 11:14 - 2014-07-24 09:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttpph.mdl

2014-12-31 11:14 - 2014-07-24 09:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_001_001\ashttprbl.mdl

2014-05-06 00:35 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2014-12-09 17:22 - 2014-12-09 17:22 - 00186048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

2014-05-06 13:51 - 2014-12-13 05:08 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-05-06 13:52 - 2014-12-13 03:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-11-20 16:11 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2014-05-17 00:10 - 2014-03-26 04:54 - 00062512 _____ () C:\Program Files (x86)\EditPlus 3\eppshell64.dll

2014-04-29 04:28 - 2014-04-29 04:28 - 00049456 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe

2013-09-25 02:04 - 2013-09-25 02:04 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll

2013-09-25 02:01 - 2013-09-25 02:01 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll

2013-09-25 02:08 - 2013-09-25 02:08 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe

2014-12-18 22:22 - 2014-12-18 22:22 - 00290816 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe

2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-05-29 02:02 - 2013-05-02 06:16 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2014-05-06 13:51 - 2014-12-13 05:08 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2014-04-29 04:28 - 2014-04-29 04:28 - 00553776 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll

2014-10-21 19:22 - 2014-10-21 19:22 - 00750080 _____ () C:\Users\Aditya\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-01-11 04:06 - 2015-01-11 04:06 - 00043008 _____ () c:\users\aditya\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5rm0ei.dll

2014-10-21 19:22 - 2014-10-21 19:22 - 00047616 _____ () C:\Users\Aditya\AppData\Roaming\Dropbox\bin\libEGL.dll

2014-10-21 19:22 - 2014-10-21 19:22 - 00863744 _____ () C:\Users\Aditya\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2014-10-21 19:22 - 2014-10-21 19:22 - 00200704 _____ () C:\Users\Aditya\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

2014-08-26 15:47 - 2014-08-26 15:47 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll

2014-08-26 15:47 - 2014-08-26 15:47 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

2014-11-20 14:55 - 2014-11-25 21:12 - 40622592 _____ () C:\Users\Aditya\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll

2014-12-18 22:22 - 2014-12-18 22:22 - 00192512 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll

2014-11-20 14:55 - 2014-11-25 21:12 - 00911360 _____ () C:\Users\Aditya\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll

2014-11-20 14:55 - 2014-11-25 21:12 - 00134144 _____ () C:\Users\Aditya\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll

2013-10-22 03:24 - 2013-10-22 03:24 - 24978944 _____ () C:\ProgramData\Razer\SwitchBlade\Resources\CEF1\libcef.dll

2013-10-22 03:24 - 2013-10-22 03:24 - 00736256 _____ () C:\ProgramData\Razer\SwitchBlade\Resources\CEF1\libglesv2.dll

2013-10-22 03:24 - 2013-10-22 03:24 - 00130048 _____ () C:\ProgramData\Razer\SwitchBlade\Resources\CEF1\libegl.dll

2014-12-11 19:14 - 2014-12-05 20:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll

2014-12-11 19:14 - 2014-12-05 20:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll

2014-12-11 19:14 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll

2014-12-11 19:14 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Users\Aditya\OneDrive:ms-properties

AlternateDataStreams: C:\Users\Aditya\Desktop\FRST64.exe:BDU

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!

HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!

HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!

HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

HKLM\...\StartupApproved\StartupFolder: => "RazerFPSStartup.lnk"

HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"

HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"

HKLM\...\StartupApproved\StartupFolder: => "Install LastPass FF RunOnce.lnk"

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

HKLM\...\StartupApproved\Run: => "IAStorIcon"

HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"

HKLM\...\StartupApproved\Run: => "RtHDVCpl"

HKLM\...\StartupApproved\Run: => "ShadowPlay"

HKLM\...\StartupApproved\Run: => "BoxSync"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "RzSBHelper"

HKLM\...\StartupApproved\Run32: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

HKLM\...\StartupApproved\Run32: => "Mailbird"

HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"

HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\StartupFolder: => "Todoist.lnk"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "RoboForm"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "LightShot"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "Gyazo"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "GarenaPlus"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "Spotify Web Helper"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "iCloudServices"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "EADM"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "Mailbird"

HKU\S-1-5-21-2792414257-871753559-3026284368-1002\...\StartupApproved\Run: => "SugarSync"

 

========================= Accounts: ==========================

 

Aditya (S-1-5-21-2792414257-871753559-3026284368-1002 - Administrator - Enabled) => C:\Users\Aditya

Administrator (S-1-5-21-2792414257-871753559-3026284368-500 - Administrator - Disabled)

Guest (S-1-5-21-2792414257-871753559-3026284368-501 - Limited - Disabled)

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (01/11/2015 04:52:33 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)

Description: There was an error communicating to the Orion inference server

 

Error: (01/11/2015 04:17:17 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.

 

Error: (01/10/2015 07:30:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Explorer.EXE

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 00007FF8B364A02F

 

Error: (01/09/2015 10:49:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: RAZERBLADEPRO)

Description: Package 4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8+App was terminated because it took too long to suspend.

 

Error: (01/09/2015 10:49:13 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Netflix.exe version 2.9.0.29 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 5874

 

Start Time: 01d02c8858a4b281

 

Termination Time: 4294967295

 

Application Path: C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8\Netflix.exe

 

Report Id: a31c71c1-987b-11e4-becc-0c84dc9d5a46

 

Faulting package full name: 4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8

 

Faulting package-relative application ID: App

 

Error: (01/09/2015 10:39:42 PM) (Source: ESENT) (EventID: 215) (User: )

Description: WinMail (19980) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

 

Error: (01/09/2015 09:21:06 PM) (Source: Perflib) (EventID: 1023) (User: )

Description: rdyboost4

 

Error: (01/09/2015 09:21:06 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll4

 

Error: (01/09/2015 06:41:40 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

 

Error: (01/09/2015 06:41:36 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )

Description: The volume \\?\Volume{241d97e8-2284-43f2-a69e-43698d13ce07}\ was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)

 

 

System errors:

=============

Error: (01/10/2015 07:31:02 AM) (Source: DCOM) (EventID: 10010) (User: RAZERBLADEPRO)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

 

Error: (01/10/2015 07:31:00 AM) (Source: DCOM) (EventID: 10010) (User: RAZERBLADEPRO)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

 

Error: (01/09/2015 09:15:28 PM) (Source: DCOM) (EventID: 10010) (User: RAZERBLADEPRO)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

 

Error: (01/09/2015 09:15:28 PM) (Source: DCOM) (EventID: 10010) (User: RAZERBLADEPRO)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

 

Error: (01/09/2015 08:57:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 70. The Windows SChannel error state is 105.

 

Error: (01/09/2015 07:41:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for Start with the following error: 

%%5

 

Error: (01/09/2015 05:11:43 AM) (Source: DCOM) (EventID: 10010) (User: RAZERBLADEPRO)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

 

Error: (01/09/2015 05:11:43 AM) (Source: DCOM) (EventID: 10010) (User: RAZERBLADEPRO)

Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

 

Error: (01/06/2015 00:56:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (01/05/2015 08:52:48 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 3:38:15 PM on ‎1/‎5/‎2015 was unexpected.

 

 

Microsoft Office Sessions:

=========================

Error: (01/11/2015 04:52:33 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2007) (User: NT AUTHORITY)

Description: -2143485946

 

Error: (01/11/2015 04:17:17 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud_2.7.1.418\Utils\Creative Cloud Uninstaller.exe

 

Error: (01/10/2015 07:30:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: Explorer.EXE

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: exception code c0000005, exception address 00007FF8B364A02F

 

Error: (01/09/2015 10:49:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: RAZERBLADEPRO)

Description: 4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8+App

 

Error: (01/09/2015 10:49:13 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Netflix.exe2.9.0.29587401d02c8858a4b2814294967295C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8\Netflix.exea31c71c1-987b-11e4-becc-0c84dc9d5a464DF9E0F8.Netflix_2.9.0.29_x64__mcm4njqhnhss8App

 

Error: (01/09/2015 10:39:42 PM) (Source: ESENT) (EventID: 215) (User: )

Description: WinMail19980WindowsMail0:

 

Error: (01/09/2015 09:21:06 PM) (Source: Perflib) (EventID: 1023) (User: )

Description: rdyboost4

 

Error: (01/09/2015 09:21:06 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll4

 

Error: (01/09/2015 06:41:40 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud_2.7.1.418\Utils\Creative Cloud Uninstaller.exe

 

Error: (01/09/2015 06:41:36 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )

Description: \\?\Volume{241d97e8-2284-43f2-a69e-43698d13ce07}\The parameter is incorrect. (0x80070057)

 

 

CodeIntegrity Errors:

===================================

  Date: 2015-01-10 01:31:21.224

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-01-10 01:31:21.176

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-01-10 01:31:21.122

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2015-01-10 01:31:21.075

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core™ i7-4700HQ CPU @ 2.40GHz

Percentage of memory in use: 47%

Total physical RAM: 8110.18 MB

Available physical RAM: 4259.17 MB

Total Pagefile: 11566.18 MB

Available Pagefile: 7370.19 MB

Total Virtual: 131072 MB

Available Virtual: 131071.75 MB

 

==================== Drives ================================

 

Drive c: (Razer Blade Pro) (Fixed) (Total:459.74 GB) (Free:230.93 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 476.9 GB) (Disk ID: C5AEBD62)

 

Partition: GPT Partition Type.

 

==================== End Of Log ============================

[LegendOz]

Users shortcut scan result (x64) Version: 11-01-2015

Ran by Aditya at 2015-01-11 05:23:04

Running from C:\Users\Aditya\Desktop

Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

 

 

 

Shortcut: C:\Users\Aditya\Links\Box Sync.lnk -> C:\Users\Aditya\Box Sync ()

Shortcut: C:\Users\Aditya\Links\Desktop.lnk -> C:\Users\Aditya\Desktop ()

Shortcut: C:\Users\Aditya\Links\Downloads.lnk -> C:\Users\Aditya\Downloads ()

Shortcut: C:\Users\Aditya\Links\Dropbox.lnk -> C:\Users\Aditya\Dropbox ()

Shortcut: C:\Users\Aditya\Links\My SugarSync.lnk -> C:\Users\Aditya\My SugarSync ()

Shortcut: C:\Users\Aditya\Documents\StarCraft II\[email protected] -> C:\Users\Aditya\Documents\StarCraft II\Accounts\256139229\1-S2-1-6342568 ()

Shortcut: C:\Users\Aditya\Desktop\Programs\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)

Shortcut: C:\Users\Aditya\Desktop\Programs\DocNav.lnk -> C:\Xilinx\DocNav\docnav.exe (No File)

Shortcut: C:\Users\Aditya\Desktop\Programs\EditPlus 3.lnk -> C:\Program Files (x86)\EditPlus 3\editplus.exe (ES-Computing)

Shortcut: C:\Users\Aditya\Desktop\Programs\Evernote.lnk -> C:\Windows\Installer\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}\Evernote.ico ()

Shortcut: C:\Users\Aditya\Desktop\Programs\Fraps.lnk -> C:\Fraps\fraps.exe (Beepa P/L)

Shortcut: C:\Users\Aditya\Desktop\Programs\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)

Shortcut: C:\Users\Aditya\Desktop\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

Shortcut: C:\Users\Aditya\Desktop\Programs\Gyazo GIF.lnk -> C:\Program Files (x86)\Gyazo\GyazoGIF.exe (Nota Inc.)

Shortcut: C:\Users\Aditya\Desktop\Programs\Gyazo.lnk -> C:\Program Files (x86)\Gyazo\Gyazowin.exe (Nota Inc.)

Shortcut: C:\Users\Aditya\Desktop\Programs\Hi-Rez Diagnostics and Support.lnk -> C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company)

Shortcut: C:\Users\Aditya\Desktop\Programs\Internet Download Manager.lnk -> C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)

Shortcut: C:\Users\Aditya\Desktop\Programs\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)

Shortcut: C:\Users\Aditya\Desktop\Programs\Killer Network Manager.lnk -> C:\Windows\Installer\{C855D7CE-4D71-4F75-8270-8F5405DC37F0}\NetworkManager.exe_E38B8113745D486384C281C6EE6C49DB.exe (Flexera Software LLC)

Shortcut: C:\Users\Aditya\Desktop\Programs\Mailbird.lnk -> C:\Program Files (x86)\Mailbird\Mailbird.exe (Mailbird)

Shortcut: C:\Users\Aditya\Desktop\Programs\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)

Shortcut: C:\Users\Aditya\Desktop\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

Shortcut: C:\Users\Aditya\Desktop\Programs\Private Internet Access.lnk -> C:\Program Files\pia_manager\pia_manager.exe ()

Shortcut: C:\Users\Aditya\Desktop\Programs\Skype.lnk -> C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe ()

Shortcut: C:\Users\Aditya\Desktop\Programs\Spotify.lnk -> C:\Users\Aditya\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)

Shortcut: C:\Users\Aditya\Desktop\Programs\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (No File)

Shortcut: C:\Users\Aditya\Desktop\Programs\SugarSync.lnk -> C:\Program Files (x86)\SugarSync\SugarSync.exe (SugarSync, Inc.)

Shortcut: C:\Users\Aditya\Desktop\Programs\TeamViewer 9.lnk -> C:\Program Files (x86)\TeamViewer\Version 9\TeamViewer.exe (TeamViewer GmbH)

Shortcut: C:\Users\Aditya\Desktop\Programs\Todoist.lnk -> C:\Program Files (x86)\Todoist\Todoist.exe (Doist Ltd.)

Shortcut: C:\Users\Aditya\Desktop\Programs\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)

Shortcut: C:\Users\Aditya\Desktop\Programs\WD Drive Utilities.lnk -> C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe (Western Digital Technologies, Inc.)

Shortcut: C:\Users\Aditya\Desktop\Programs\WD SmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe (Western Digital Technologies, Inc.)

Shortcut: C:\Users\Aditya\Desktop\Programs\Webroot SecureAnywhere .lnk -> C:\Program Files\HgRVqtLL\SaTFSFmX.exe (No File)

Shortcut: C:\Users\Aditya\Desktop\Programs\XChat.lnk -> C:\Program Files (x86)\xChat\xchat.exe ()

Shortcut: C:\Users\Aditya\Desktop\Programs\Xilinx PlanAhead 14.7.lnk -> C:\Xilinx\14.7\ISE_DS\PlanAhead\bin\planAhead.bat ()

Shortcut: C:\Users\Aditya\Desktop\Games\BaronReplays.lnk -> C:\Users\Aditya\Desktop\Games\BaronReplays\BaronReplays.exe (Ahri.tw)

Shortcut: C:\Users\Aditya\Desktop\Games\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)

Shortcut: C:\Users\Aditya\Desktop\Games\Curse.lnk -> C:\Users\Aditya\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

Shortcut: C:\Users\Aditya\Desktop\Games\Garena Plus.lnk -> C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe ()

Shortcut: C:\Users\Aditya\Desktop\Games\Hearthstone.lnk -> C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)

Shortcut: C:\Users\Aditya\Desktop\Games\League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.admin.exe ()

Shortcut: C:\Users\Aditya\Desktop\Games\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)

Shortcut: C:\Users\Aditya\Desktop\Games\PVZ Garden Warfare.lnk -> C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe (EA PopCap)

Shortcut: C:\Users\Aditya\Desktop\Games\StarCraft II.lnk -> C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment)

Shortcut: C:\Users\Aditya\Desktop\Games\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

Shortcut: C:\Users\Aditya\Desktop\Games\uPlay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)

Shortcut: C:\Users\Aditya\Desktop\Games\World of Warcraft.lnk -> C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk -> C:\Users\Aditya\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Aditya\Documents ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Aditya\Pictures ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Aditya\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe (Ubisoft)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Todoist.lnk -> C:\Program Files (x86)\Todoist\Todoist.exe (Doist Ltd.)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape\License.lnk -> C:\Users\Aditya\jagexcache\jagexlauncher\LICENSE.txt ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access\Private Internet Access.lnk -> C:\Program Files\pia_manager\pia_manager.exe ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass\LastPass Installer and Importer.lnk -> C:\Program Files (x86)\LastPass\lastpass.exe (LastPass)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk -> C:\Program Files (x86)\Internet Download Manager\grabber.chm ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk -> C:\Program Files (x86)\Internet Download Manager\idman.chm ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk -> C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk -> C:\Program Files (x86)\Internet Download Manager\license.txt ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk -> C:\Program Files (x86)\Internet Download Manager\tutor.chm ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk -> C:\Program Files (x86)\Internet Download Manager\Uninstall.exe (Tonec Inc.)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EditPlus 3\EditPlus 3.lnk -> C:\Program Files (x86)\EditPlus 3\editplus.exe (ES-Computing)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EditPlus 3\Online Manual.lnk -> C:\Program Files (x86)\EditPlus 3\editplus.chm ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EditPlus 3\Readme.lnk -> C:\Program Files (x86)\EditPlus 3\readme.txt ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Aditya\Dropbox ()

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\SendTo\EditPlus 3.lnk -> C:\Program Files (x86)\EditPlus 3\editplus.exe (ES-Computing)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\SendTo\Evernote.lnk -> C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gyazo GIF.lnk -> C:\Program Files (x86)\Gyazo\GyazoGIF.exe (Nota Inc.)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gyazo.lnk -> C:\Program Files (x86)\Gyazo\Gyazowin.exe (Nota Inc.)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Server Manager.lnk -> C:\WINDOWS\system32\ServerManager.exe (No File)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Evernote.lnk -> C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mailbird.lnk -> C:\Program Files (x86)\Mailbird\Mailbird.exe (Mailbird)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk -> C:\Users\Aditya\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)

Shortcut: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Todoist.lnk -> C:\Program Files (x86)\Todoist\Todoist.exe (Doist Ltd.)

Shortcut: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()

Shortcut: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()

Shortcut: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)

Shortcut: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EditPlus 3.lnk -> C:\Program Files (x86)\EditPlus 3\editplus.exe (ES-Computing)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Web Platform Installer.lnk -> C:\Program Files\Microsoft\Web Platform Installer\WebPlatformInstaller.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk -> C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Server Manager.lnk -> C:\WINDOWS\system32\ServerManager.exe (No File)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SugarSync.lnk -> C:\Program Files (x86)\SugarSync\SugarSync.exe (SugarSync, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk -> C:\Program Files (x86)\TeamViewer\Version 9\TeamViewer.exe (TeamViewer GmbH)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\PlanAhead\PlanAhead.lnk -> C:\Xilinx\14.7\ISE_DS\PlanAhead\bin\planAhead.bat ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\EDK\Documentation\SDK Help Contents.lnk -> C:\Xilinx\14.7\ISE_DS\EDK\doc\usenglish\SDK_doc\index.html ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xChat\FAQ.lnk -> C:\Program Files (x86)\xChat\faq.html ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xChat\Plugin Docs.lnk -> C:\Program Files (x86)\xChat\plugin20.html ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xChat\ReadMe.lnk -> C:\Program Files (x86)\xChat\README.HTML ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xChat\Uninstall.lnk -> C:\Program Files (x86)\xChat\uninstall.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xChat\XChat.lnk -> C:\Program Files (x86)\xChat\xchat.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk -> C:\Program Files (x86)\World of Warcraft\World of Warcraft Launcher.exe (Blizzard Entertainment)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1\Windows Phone Application Deployment 8.1.lnk -> C:\Program Files (x86)\Microsoft SDKs\Windows Phone\v8.1\Tools\AppDeploy\AppDeploy.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1\Windows Phone Developer Power Tools 8.1.lnk -> C:\Program Files (x86)\Microsoft SDKs\Windows Phone\v8.1\Tools\PowerTools\PwTools.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1\Windows Phone Developer Registration 8.1.lnk -> C:\Program Files (x86)\Microsoft SDKs\Windows Phone\v8.1\Tools\Phone Registration\PhoneReg.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.0\Application Deployment.lnk -> C:\Program Files (x86)\Microsoft SDKs\Windows Phone\v8.0\Tools\XAP Deployment\XapDeploy.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.0\Windows Phone Developer Registration.lnk -> C:\Program Files (x86)\Microsoft SDKs\Windows Phone\v8.0\Tools\Phone Registration\PhoneReg.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Documentation for Desktop Apps.lnk -> C:\Program Files (x86)\Windows Kits\8.1\Shortcuts\DesktopDevCenterLearn.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Documentation for Windows Store Apps.lnk -> C:\Program Files (x86)\Windows Kits\8.1\Shortcuts\WindowsStoreAppDevCenterLearn.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Samples for Desktop Apps.lnk -> C:\Program Files (x86)\Windows Kits\8.1\Shortcuts\DesktopDevCenterSamples.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Samples for Windows Store Apps.lnk -> C:\Program Files (x86)\Windows Kits\8.1\Shortcuts\WindowsStoreAppDevCenterSamples.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Tools for Desktop Apps.lnk -> C:\Program Files (x86)\Windows Kits\8.1\Shortcuts\DesktopDevCenterToolsDocumentation.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Tools for Windows Store Apps.lnk -> C:\Program Files (x86)\Windows Kits\8.1\Shortcuts\WindowsStoreAppDevCenterToolsDocumentation.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Performance Toolkit\Windows Performance Analyzer.lnk -> C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\wpa.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Performance Toolkit\Windows Performance Recorder.lnk -> C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\WPRUI.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows App Certification Kit\Windows App Cert Kit.lnk -> C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\appcertui.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Application Verifier (X86)\Application Verifier (WOW).lnk -> C:\Windows\SysWOW64\appverif.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Application Verifier (X64)\Application Verifier (X64).lnk -> C:\Windows\System32\appverif.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Application Verifier (X64)\Application Verifier Help.lnk -> C:\Windows\System32\appverif.chm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD Quick View.lnk -> C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD SmartWare\WD SmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe (Western Digital Technologies, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Unlocker.lnk -> C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Drive Utilities.lnk -> C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilities.exe (Western Digital Technologies, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital\WD Apps\WD Security.lnk -> C:\Program Files (x86)\Western Digital\WD Security\WDSecurity.exe (Western Digital Technologies, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Streamer\Uninstall VLC Streamer Helper.lnk -> C:\Program Files (x86)\Hobbyist Software\VLC Streamer\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Streamer\VLC Streamer Helper.lnk -> C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe (Hobbyist Software)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013\Blend for Visual Studio 2013.lnk -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Blend\Blend.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013\Visual Studio 2013.lnk -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013\Visual Studio Tools.lnk -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Tools\Shortcuts ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Todoist\Todoist.lnk -> C:\Program Files (x86)\Todoist\Todoist.exe (Doist Ltd.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\RazerFPSStartup.lnk -> C:\ProgramData\Razer\SwitchBlade\Apps\Razer\65BFE244-2354-4E41-ADC9-CCF6BE3B5F75\RzFPS\RzFPS.exe (Razer USA Ltd)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\Battle.net Account Management.lnk -> C:\Program Files (x86)\StarCraft II\Support\BattlenetAccount.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\Blizzard Technical Support.lnk -> C:\Program Files (x86)\StarCraft II\Support\TechSupport.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Manual.lnk -> C:\Program Files (x86)\StarCraft II\Support\Manual.url ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II - Map Editor.lnk -> C:\Program Files (x86)\StarCraft II\Support\SC2Editor.exe (Blizzard Entertainment, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II.lnk -> C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype for desktop.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Core\SetupFinish.lnk -> C:\Users\Aditya\AppData\Local\Temp\RzSetupFinish.exe (No File)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros\PerformanceSuite\Killer Diagnostics.lnk -> C:\Program Files\Qualcomm Atheros\Network Manager\KillerDiagnose\KillerDiagnose.exe (Microsoft)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros\PerformanceSuite\Killer Network Manager.lnk -> C:\Windows\Installer\{C855D7CE-4D71-4F75-8270-8F5405DC37F0}\NetworkManager.exe_57A52662FCCD47C9AAA02E5E7FCEFD5C.exe (Flexera Software LLC)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\excel.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\mspub.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\winword.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msouc.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression\Microsoft Expression Blend SDK\Expression Blend SDK Documentation.lnk -> C:\Program Files (x86)\Microsoft SDKs\Expression\Blend\.NETFramework\v4.0\Help\en\.NETFramework40BlendSDK.chm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit\Malwarebytes Anti-Exploit.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit\Uninstall Malwarebytes Anti-Exploit.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Exploit\unins000.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird\Mailbird.lnk -> C:\Program Files (x86)\Mailbird\Mailbird.exe (Mailbird)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Grabber Help.lnk -> C:\Program Files (x86)\Internet Download Manager\grabber.chm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\IDM Help.lnk -> C:\Program Files (x86)\Internet Download Manager\idman.chm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Internet Download Manager.lnk -> C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\license.lnk -> C:\Program Files (x86)\Internet Download Manager\license.txt ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\TUTORIALS.lnk -> C:\Program Files (x86)\Internet Download Manager\tutor.chm ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager\Uninstall IDM.lnk -> C:\Program Files (x86)\Internet Download Manager\Uninstall.exe (Tonec Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorUI.exe (Intel Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis\410193F41CAE\InfiniteCrisis.lnk -> C:\Program Files (x86)\InfiniteCrisis\TurbineLauncher.exe (Turbine, Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infinite Crisis\410193F41CAE\Uninstall.lnk -> C:\Program Files (x86)\InfiniteCrisis\uninstall.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud Photos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Hi-Rez Diagnostics and Support.lnk -> C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone\Hearthstone.lnk -> C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe (Blizzard Entertainment)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo GIF.lnk -> C:\Program Files (x86)\Gyazo\GyazoGIF.exe (Nota Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo.lnk -> C:\Program Files (x86)\Gyazo\Gyazowin.exe (Nota Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena\Garena Plus.lnk -> C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena\Garena+.lnk -> C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena\League of Legends\Start LoL.lnk -> C:\Program Files (x86)\Garena LoL\LoLLauncher.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena\Garena+\Garena+.lnk -> C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena\Garena Plus\Garena Plus.lnk -> C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> C:\Fraps\fraps.exe (Beepa P/L)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> C:\Fraps\uninstall.exe (Beepa Pty Ltd)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote\Evernote.lnk -> C:\Windows\Installer\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}\Evernote.ico ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Demo.lnk -> C:\Program Files (x86)\Dolby Home Theater v4\pcee4d.exe (Dolby Laboratories Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Profile.lnk -> C:\Program Files (x86)\Dolby Home Theater v4\pcee4e.exe (Dolby Laboratories Inc.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync\Box Sync.lnk -> C:\Windows\Installer\{09C53B19-C578-4803-95EF-DDEDF89D080C}\BoxSync.ico ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Bitdefender Safepay.lnk -> C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\obk.exe (Bitdefender)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Help.lnk -> C:\Program Files\Bitdefender\Bitdefender 2015\support\offlinemanual\html\index.html ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Readme.lnk -> C:\Program Files\Bitdefender\Bitdefender 2015\_enHTML\readme.html ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Repair or Uninstall.lnk -> C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\installer.exe (Bitdefender)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe (Blizzard Entertainment)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Aditya\Documents ()

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Aditya\Pictures ()

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)

Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)

 

 

 

 

ShortcutWithArgument: C:\Users\Aditya\Desktop\Programs\Adobe Creative Cloud.lnk -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) -> --appletID=HomePanel_BL --appletVersion=1.0

ShortcutWithArgument: C:\Users\Aditya\Desktop\Programs\Dropbox.lnk -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home

ShortcutWithArgument: C:\Users\Aditya\Desktop\Programs\Intel® HD Graphics Control Panel.lnk -> C:\Windows\System32\GfxUIEx.exe (Intel Corporation) -> Desktop

ShortcutWithArgument: C:\Users\Aditya\Desktop\Programs\ISE Design Suite 14.7.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\ise.exe

ShortcutWithArgument: C:\Users\Aditya\Desktop\Programs\Razer Comms.lnk -> C:\Program Files (x86)\Razer\Core\RazerCore.exe (Razer) -> /ChatApplet

ShortcutWithArgument: C:\Users\Aditya\Desktop\Games\RuneScape.lnk -> C:\Users\Aditya\jagexcache\jagexlauncher\bin\JagexLauncher.exe () -> runescape

ShortcutWithArgument: C:\Users\Aditya\Desktop\Games\Smite.lnk -> C:\Program Files (x86)\Hi-Rez Studios\HiRezLauncherUI.exe (Hi-Rez Studios Inc.) -> game=300 product=17

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk -> C:\Users\Aditya\jagexcache\jagexlauncher\bin\JagexLauncher.exe () -> runescape

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk -> C:\Users\Aditya\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc) -> /startup

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape\RuneScape.lnk -> C:\Users\Aditya\jagexcache\jagexlauncher\bin\JagexLauncher.exe () -> runescape

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access\Reinstall TAP Driver.lnk -> C:\Program Files\pia_manager\pia_manager.exe () -> --reinstall-tap

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access\Uninstall Private Internet Access.lnk -> C:\Program Files\pia_manager\installer_win.exe () -> --uninstall

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass\Uninstall LastPass.lnk -> C:\Program Files (x86)\LastPass\lastpass.exe (LastPass) -> --uninstall

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Aditya\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\Version 9\TeamViewer.exe (TeamViewer GmbH) -> --sendto

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Control Panel.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> shell32.dll,Control_RunDLL

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files\Microsoft Office 15\root\office15\outlook.exe (Microsoft Corporation) -> /recycle

ShortcutWithArgument: C:\Users\Aditya\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> -incognito

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Google\Chrome\User Data\Default\Web Applications\www.zopim.com\https_80\Zopim Live Chat Software _ Engage your Customers _ Live Support.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=https://www.zopim.com/#login

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Google\Chrome\User Data\Default\Web Applications\dashboard.zopim.com\https_80\Dashboard - Home.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=https://dashboard.zo...lang=en-us#home

ShortcutWithArgument: C:\Users\Aditya\AppData\Local\Google\Chrome\User Data\Default\Web Applications\account.zopim.com\https_80\Zopim - Login.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=https://account.zopi...unt/?lang=en-us

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> %ProgramData%\Microsoft\Windows\Start Menu\Programs\Administrative Tools

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\PlanAhead\PlanAhead (32-bit).lnk -> C:\Xilinx\14.7\ISE_DS\PlanAhead\bin\planAhead.bat () -> -m32

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\32-bit Project Navigator.lnk -> C:\Xilinx\14.7\ISE_DS\settings32.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\ise.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\64-bit Project Navigator.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\ise.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\64-bit Tools\Constraints Editor.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\constraints_editor.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\64-bit Tools\CORE Generator.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\coregen.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\64-bit Tools\FPGA Editor.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\fpga_editor.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\64-bit Tools\iMPACT.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\impact.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\64-bit Tools\Simulation Library Compilation Wizard.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\compxlibgui.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\64-bit Tools\Timing Analyzer.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\timingan.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\64-bit Tools\XPower Analyzer.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\xpa.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\32-bit Tools\Constraints Editor.lnk -> C:\Xilinx\14.7\ISE_DS\settings32.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\constraints_editor.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\32-bit Tools\CORE Generator.lnk -> C:\Xilinx\14.7\ISE_DS\settings32.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\coregen.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\32-bit Tools\FPGA Editor.lnk -> C:\Xilinx\14.7\ISE_DS\settings32.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\fpga_editor.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\32-bit Tools\Simulation Library Compilation Wizard.lnk -> C:\Xilinx\14.7\ISE_DS\settings32.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\compxlibgui.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\32-bit Tools\Timing Analyzer.lnk -> C:\Xilinx\14.7\ISE_DS\settings32.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\timingan.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ISE Design Tools\32-bit Tools\XPower Analyzer.lnk -> C:\Xilinx\14.7\ISE_DS\settings32.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\xpa.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\EDK\Xilinx Platform Studio.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\EDK\bin\nt64\xps.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\EDK\Xilinx Software Development Kit.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\EDK\bin\nt64\xsdk.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\EDK\Tools\Compile Simulation Libraries.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\EDK\bin\nt64\compedklib.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\EDK\Tools\Create and Import Peripheral Wizard.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\EDK\bin\nt64\createip.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\EDK\Documentation\XPS Help Contents.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\EDK\bin\nt64\isehelpviewer.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\Documentation\ISE Help Viewer.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\isehelpviewer.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ChipScope Pro\ChipScope 64-bit\Analyzer.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\analyzer.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ChipScope Pro\ChipScope 64-bit\Core Inserter.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt64\inserterw.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ChipScope Pro\ChipScope 32-bit\Analyzer.lnk -> C:\Xilinx\14.7\ISE_DS\settings32.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\analyzer.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\ChipScope Pro\ChipScope 32-bit\Core Inserter.lnk -> C:\Xilinx\14.7\ISE_DS\settings32.bat () -> C:\Xilinx\14.7\ISE_DS\ISE\bin\nt\inserterw.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\Accessories\Check For Updates.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\common\bin\nt64\xilinxnotify.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\Accessories\ISE Design Suite 32 Bit Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k C:\Xilinx\14.7\ISE_DS\settings32.bat

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\Accessories\ISE Design Suite 64 Bit Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k C:\Xilinx\14.7\ISE_DS\settings64.bat

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\Accessories\Manage Xilinx Licenses.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> C:\Xilinx\14.7\ISE_DS\common\bin\nt64\xlcm.exe -manage

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\Accessories\Uninstall.lnk -> C:\Xilinx\14.7\ISE_DS\.xinstall\bin\nt64\xsetup.exe () -> -uninstall 

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\Accessories\XInfo System Checker.lnk -> C:\Xilinx\14.7\ISE_DS\settings64.bat () -> cmd /k C:\Xilinx\14.7\ISE_DS\common\bin\nt64\xinfo.exe

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits\Windows Software Development Kit\Windows Software Development Kit.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Windows Kits\8.1\"

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) -> -q -name=LastPass -ffuuid [email protected]

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Killer Network Manager.lnk -> C:\Windows\Installer\{C855D7CE-4D71-4F75-8270-8F5405DC37F0}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) -> -minimize

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer Comms\Razer Comms.lnk -> C:\Program Files (x86)\Razer\Core\RazerCore.exe (Razer) -> /ChatApplet

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Synapse 2.0\Razer Synapse 2.0.lnk -> C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.) -> -launch

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012\Visual Studio Tools\Visual Studio 2012 ARM Phone Tools Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\WPSDK\WP80\vcvarsphoneall.bat"" x86_arm

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012\Visual Studio Tools\Visual Studio 2012 x86 Phone Tools Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\WPSDK\WP80\vcvarsphoneall.bat"" x86

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012\Visual Studio Tools\VS2012 ARM Cross Tools Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\vcvarsall.bat"" x86_arm

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012\Visual Studio Tools\VS2012 x64 Cross Tools Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\vcvarsall.bat"" x86_amd64

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012\Visual Studio Tools\VS2012 x86 Native Tools Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC\vcvarsall.bat"" x86

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird\Check for updates.lnk -> C:\Program Files (x86)\Mailbird\MailbirdUpdater.exe (Mailbird) -> /checknow

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {B05594ED-BA64-40A6-995E-072813EF4E5F}

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass\LastPass Importer.lnk -> C:\Program Files (x86)\LastPass\lastpass.exe (LastPass) -> -s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab about

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab update

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendar.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Find My iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notes.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Reminders.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Smite.lnk -> C:\Program Files (x86)\Hi-Rez Studios\HiRezLauncherUI.exe (Hi-Rez Studios Inc.) -> game=300 product=17

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Uninstall All Hi-Rez Games.lnk -> C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe (Hewlett-Packard Company) -> uninstall=all

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo Settings.lnk -> C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.) -> /option

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Bitdefender Total Security 2015.lnk -> C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Bitdefender) -> /seccenter

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX

ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo

ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files (x86)\TeamViewer\Version 9\TeamViewer.exe (TeamViewer GmbH) -> --sendto

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0

ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}

 

 

InternetURL: C:\Users\Aditya\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142

InternetURL: C:\Users\Aditya\Favorites\Dell\Dell Auction.url -> hxxp://www.dellauction.com/

InternetURL: C:\Users\Aditya\Favorites\Dell\Dell Internet Security.url -> hxxp://support.dell.com/support/topics/global.aspx/support/security/security?c=us&cs=19&l=en&s=dhs

InternetURL: C:\Users\Aditya\Favorites\Dell\Dell.url -> hxxp://www.dell.com/

InternetURL: C:\Users\Aditya\Favorites\Dell\Support.Dell.Com.url -> hxxp://support.dell.com/support/index.aspx?c=us&l=en&s=gen

InternetURL: C:\Users\Aditya\Favorites\Alienware\Alienware Download Store.url -> hxxp://downloads.alienware.com/

InternetURL: C:\Users\Aditya\Favorites\Alienware\Alienware Support.url -> hxxp://support.dell.com/alienware

InternetURL: C:\Users\Aditya\Favorites\Alienware\Alienware.url -> hxxp://www.alienwarearena.com/welcome-us

InternetURL: C:\Users\Aditya\Desktop\Games\Hitman Absolution.url -> steam://rungameid/203140

InternetURL: C:\Users\Aditya\Desktop\Games\Tomb Raider.url -> steam://rungameid/203160

InternetURL: C:\Users\Aditya\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\ISE Design Suite 14.7\Accessories\Software Download Center.url -> hxxp://www.xilinx.com/xlnx/xil_sw_updates_home.jsp

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/

InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird\Mailbird online support.url -> hxxp://support.getmailbird.com

 

==================== End of log =============================

[Valinorum]

Next time, attach the posts if they are too big.


 

• Step #2 Fix with FRST
  Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
  • Open Notepad.exe. Do not use any other text editor software;
  • Copy and Paste the contents inside the code-box to your Notepad --
    

    Start
    CreateRestorePoint:
    Closeprocesses:
    Emptytemp:
    AlternateDataStreams: C:\Users\Aditya\Desktop\FRST64.exe:BDU
    HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
    HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
    HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
    HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    
    End

  • Click on File > Save as...
    • Inside the File Name box type fixlist.txt;
    • From the Save as type drop down list, choose All Files
  • Save the file to your Desktop;
  • Re-run FRST.exe and click Fix;
    • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
  • After the completion, a log will be produced;
  • Copy and Paste the contents of the log in your next reply.
•  
  • Step #3 Fix with MBAR
    Please download Malwarebytes Anti-Rootkit from here
    • Unzip the contents to a folder in a convenient location.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

 

• Required Log(s):
  • FRST Fix Log
  • MBAR-Log.txt
• Regards,
  Valinorum

[LegendOz]

During Step #3 when I ran MBAR this appeared (I pressed No)

[LegendOz]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2015

Ran by Aditya at 2015-01-11 11:51:12 Run:1

Running from C:\Users\Aditya\Desktop

Loaded Profile: Aditya (Available profiles: Aditya)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

Start

CreateRestorePoint:

Closeprocesses:

Emptytemp:

AlternateDataStreams: C:\Users\Aditya\Desktop\FRST64.exe:BDU

HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!

HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!

HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!

HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

 

End

*****************

 

Restore point was successfully created.

Processes closed successfully.

C:\Users\Aditya\Desktop\FRST64.exe => ":BDU" ADS removed successfully.

"HKU\S-1-5-19\Software\Classes\exefile" => Key deleted successfully.

"HKU\S-1-5-19\Software\Classes\.exe" => Key deleted successfully.

HKU\S-1-5-19\Software\Classes\exefile => Key not found. 

"HKU\S-1-5-20\Software\Classes\exefile" => Key deleted successfully.

"HKU\S-1-5-20\Software\Classes\.exe" => Key deleted successfully.

HKU\S-1-5-20\Software\Classes\exefile => Key not found. 

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.

EmptyTemp: => Removed 200.4 MB temporary data.

 

 

The system needed a reboot. 

 

==== End of Fixlog 11:51:45 ====

[LegendOz]

Malwarebytes Anti-Rootkit BETA 1.08.2.1001

www.malwarebytes.org

 

Database version: v2015.01.11.09

 

Windows 8.1 x64 NTFS

Internet Explorer 11.0.9600.17498

Aditya :: RAZERBLADEPRO [administrator]

 

1/11/2015 11:56:40 AM

mbar-log-2015-01-11 (11-56-40).txt

 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 403577

Time elapsed: 7 minute(s), 6 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

Physical Sectors Detected: 0

(No malicious items detected)

 

(end)

[LegendOz]

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.08.2.1001

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.3.9200 Windows 8.1 x64

 

Account is Administrative

 

Internet Explorer version: 11.0.9600.17498

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 2.394000 GHz

Memory total: 8504143872, free: 5383016448

 

Downloaded database version: v2015.01.11.09

Downloaded database version: v2015.01.07.01

Downloaded database version: v2014.12.06.01

Initializing...

======================

This version of Malwarebytes Anti-Rootkit requires you to completely exit the Malwarebytes Anti-Malware application to continue.

=======================================

 

 

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.08.2.1001

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.3.9200 Windows 8.1 x64

 

Account is Administrative

 

Internet Explorer version: 11.0.9600.17498

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 2.394000 GHz

Memory total: 8504143872, free: 5700272128

 

Initializing...

======================

------------ Kernel report ------------

     01/11/2015 11:56:33

------------ Loaded modules -----------

\SystemRoot\system32\ntoskrnl.exe

\SystemRoot\system32\hal.dll

\SystemRoot\system32\kd.dll

\SystemRoot\system32\mcupdate_GenuineIntel.dll

\SystemRoot\System32\drivers\werkernel.sys

\SystemRoot\System32\drivers\CLFS.SYS

\SystemRoot\System32\drivers\tm.sys

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\BOOTVID.dll

\SystemRoot\system32\CI.dll

\SystemRoot\System32\drivers\msrpc.sys

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\System32\Drivers\acpiex.sys

\SystemRoot\System32\Drivers\WppRecorder.sys

\SystemRoot\System32\drivers\ACPI.sys

\SystemRoot\System32\drivers\WMILIB.SYS

\SystemRoot\System32\Drivers\cng.sys

\SystemRoot\System32\drivers\msisadrv.sys

\SystemRoot\System32\drivers\pci.sys

\SystemRoot\System32\drivers\vdrvroot.sys

\SystemRoot\system32\DRIVERS\trufos.sys

\SystemRoot\system32\DRIVERS\FLTMGR.SYS

\SystemRoot\system32\drivers\pdc.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\System32\drivers\spaceport.sys

\SystemRoot\System32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\System32\drivers\iaStorA.sys

\SystemRoot\System32\drivers\storport.sys

\SystemRoot\System32\drivers\EhStorClass.sys

\SystemRoot\System32\drivers\fileinfo.sys

\SystemRoot\System32\Drivers\Wof.sys

\SystemRoot\system32\DRIVERS\avc3.sys

\SystemRoot\system32\DRIVERS\gzflt.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\system32\DRIVERS\wfplwfs.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\System32\drivers\volsnap.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\system32\DRIVERS\nvpciflt.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\drivers\intelpep.sys

\SystemRoot\System32\drivers\disk.sys

\SystemRoot\System32\drivers\CLASSPNP.SYS

\SystemRoot\System32\Drivers\crashdmp.sys

\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\BasicRender.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\System32\drivers\dxgmms1.sys

\SystemRoot\System32\drivers\BasicDisplay.sys

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\System32\Drivers\Msfs.SYS

\??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys

\??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\pacer.sys

\SystemRoot\system32\DRIVERS\vwififlt.sys

\SystemRoot\system32\DRIVERS\bwcW8x64.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\DRIVERS\nvkflt.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\System32\drivers\npsvctrig.sys

\SystemRoot\System32\drivers\mssmbios.sys

\??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys

\SystemRoot\System32\Drivers\dfsc.sys

\SystemRoot\system32\DRIVERS\bdvedisk.sys

\SystemRoot\system32\DRIVERS\ahcache.sys

\SystemRoot\system32\drivers\windrvr6.sys

\SystemRoot\system32\drivers\USBD.SYS

\SystemRoot\system32\DRIVERS\tap0901.sys

\SystemRoot\System32\drivers\CompositeBus.sys

\SystemRoot\system32\DRIVERS\kdnic.sys

\SystemRoot\System32\drivers\umbus.sys

\??\C:\Windows\system32\drivers\RzDxgk.sys

\SystemRoot\system32\DRIVERS\nvlddmkm.sys

\SystemRoot\system32\DRIVERS\igdkmd64.sys

\SystemRoot\System32\drivers\HDAudBus.sys

\SystemRoot\System32\drivers\USBXHCI.SYS

\SystemRoot\System32\drivers\ucx01000.sys

\SystemRoot\System32\drivers\HECIx64.sys

\SystemRoot\System32\drivers\usbehci.sys

\SystemRoot\System32\drivers\USBPORT.SYS

\SystemRoot\system32\DRIVERS\Rt630x64.sys

\SystemRoot\system32\DRIVERS\akwbx64.sys

\SystemRoot\System32\drivers\vwifibus.sys

\SystemRoot\System32\drivers\CmBatt.sys

\SystemRoot\System32\drivers\BATTC.SYS

\SystemRoot\System32\drivers\wmiacpi.sys

\SystemRoot\System32\drivers\intelppm.sys

\SystemRoot\System32\drivers\UEFI.sys

\SystemRoot\system32\drivers\nvvad64v.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\drivers\ks.sys

\SystemRoot\system32\drivers\ksthunk.sys

\SystemRoot\System32\drivers\NdisVirtualBus.sys

\SystemRoot\System32\drivers\swenum.sys

\SystemRoot\System32\drivers\iwdbus.sys

\SystemRoot\System32\drivers\btath_bus.sys

\SystemRoot\System32\drivers\rdpbus.sys

\SystemRoot\system32\drivers\RzMaelstromVAD.sys

\SystemRoot\System32\drivers\usbhub.sys

\SystemRoot\System32\drivers\UsbHub3.sys

\SystemRoot\system32\drivers\HdAudio.sys

\SystemRoot\system32\drivers\RTKVHD64.sys

\SystemRoot\system32\DRIVERS\btfilter.sys

\SystemRoot\System32\Drivers\BTHUSB.sys

\SystemRoot\System32\Drivers\bthport.sys

\SystemRoot\System32\drivers\usbccgp.sys

\SystemRoot\System32\drivers\SynTP.sys

\SystemRoot\System32\drivers\hidusb.sys

\SystemRoot\System32\drivers\HIDCLASS.SYS

\SystemRoot\System32\drivers\HIDPARSE.SYS

\SystemRoot\System32\drivers\rzendpt.sys

\SystemRoot\System32\Drivers\rzhnet.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\mouhid.sys

\SystemRoot\System32\drivers\rzudd.sys

\SystemRoot\system32\drivers\RzFilter.sys

\SystemRoot\System32\drivers\mouclass.sys

\SystemRoot\System32\drivers\kbdhid.sys

\SystemRoot\System32\drivers\kbdclass.sys

\SystemRoot\System32\drivers\rzjstk.sys

\SystemRoot\System32\drivers\mshidkmdf.sys

\SystemRoot\system32\DRIVERS\BthLEEnum.sys

\SystemRoot\System32\drivers\rfcomm.sys

\SystemRoot\System32\drivers\BthEnum.sys

\SystemRoot\System32\drivers\bthpan.sys

\SystemRoot\System32\drivers\btath_rcp.sys

\SystemRoot\system32\drivers\btath_avdt.sys

\SystemRoot\system32\drivers\btath_a2dp.sys

\SystemRoot\System32\drivers\btath_hcrp.sys

\SystemRoot\system32\DRIVERS\btath_flt.sys

\SystemRoot\system32\DRIVERS\btath_lwflt.sys

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\cdd.dll

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\System32\drivers\monitor.sys

\SystemRoot\System32\Drivers\dump_diskdump.sys

\SystemRoot\System32\Drivers\dump_iaStorA.sys

\SystemRoot\System32\Drivers\dump_dumpfve.sys

\SystemRoot\system32\drivers\luafv.sys

\SystemRoot\system32\DRIVERS\avckf.sys

\SystemRoot\system32\DRIVERS\lltdio.sys

\SystemRoot\system32\DRIVERS\nwifi.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\DRIVERS\rspndr.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\system32\DRIVERS\vwifimp.sys

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\SystemRoot\system32\DRIVERS\idmwfp.sys

\SystemRoot\System32\drivers\condrv.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\drivers\Ndu.sys

\SystemRoot\system32\drivers\peauth.sys

\??\C:\WINDOWS\system32\drivers\rzpmgrk.sys

\??\C:\WINDOWS\system32\drivers\rzpnk.sys

\SystemRoot\System32\Drivers\secdrv.SYS

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\System32\drivers\xpc4drvr.sys

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\system32\drivers\WudfPf.sys

\SystemRoot\system32\DRIVERS\WUDFRd.sys

\SystemRoot\System32\drivers\rdpvideominiport.sys

\SystemRoot\System32\drivers\rdpdr.sys

\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys

\SystemRoot\system32\DRIVERS\tunnel.sys

\SystemRoot\system32\DRIVERS\psi_mf_amd64.sys

\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffe00006576630

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\0000003c\

Lower Device Object: 0xffffe000041f62d0

Lower Device Driver Name: \Driver\iaStorA\

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffe00006576630, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffe00006575040, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffe00006576630, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

DevicePointer: 0xffffe00003d85c10, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xffffe000043f75e0, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xffffe000041f62d0, DeviceName: \Device\0000003c\, DriverName: \Driver\iaStorA\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)

File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\HdAudio.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\rfcomm.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\BthLEEnum.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\BthLEEnum.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\bthpan.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)

File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)

File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)

Done!

Drive 0

This is a System drive

Scanning MBR on drive 0...

Inspecting partition table:

This drive is a GPT Drive.

MBR Signature: 55AA

Disk Signature: C5AEBD62

 

GPT Protective MBR Partition information:

 

    Partition 0 type is EFI-GPT (0xee)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 1  Numsec = 4294967295

 

    Partition 1 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 2 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

    Partition 3 type is Empty (0x0)

    Partition is NOT ACTIVE.

    Partition starts at LBA: 0  Numsec = 0

 

GPT Partition information:

 

    GPT Header Signature 4546492050415254

    GPT Header Revision 65536 Size 92 CRC 2336492224

    GPT Header CurrentLba = 1 BackupLba 1000215215

    GPT Header FirstUsableLba 34  LastUsableLba 1000215182

    GPT Header Guid 96d00643-fa25-4afb-858a-2317df9efaad

    GPT Header Contains 128 partition entries starting at LBA 2

    GPT Header Partition entry size = 128

 

    Backup GPT header Signature 4546492050415254

    Backup GPT header Revision 65536 Size 92 CRC 2336492224

    Backup GPT header CurrentLba = 1000215215 BackupLba 1

    Backup GPT header FirstUsableLba 34  LastUsableLba 1000215182

    Backup GPT header Guid 96d00643-fa25-4afb-858a-2317df9efaad

    Backup GPT header Contains 128 partition entries starting at LBA 1000215183

    Backup GPT header Partition entry size = 128

 

    Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac

    Partition ID 33ebf2e3-3cc8-4963-bbea-70d88767092

    FirstLBA 2048  Last LBA 33556479

    Attributes 1

    Partition Name                 Basic data partition

 

    Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b

    Partition ID 8a15df69-ec12-4793-bb80-82f6f4364a9

    FirstLBA 33556480  Last LBA 34170879

    Attributes 0

    Partition Name                 EFI system partition

 

    GPT Partition 1 is bootable

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae

    Partition ID 19bef05-d6c2-463e-bc32-59869571aba7

    FirstLBA 34170880  Last LBA 34433023

    Attributes 0

    Partition Name         Microsoft reserved partition

 

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7

    Partition ID de744caa-5843-4197-9e60-a619b2499d82

    FirstLBA 34433024  Last LBA 998576127

    Attributes 0

    Partition Name                 Basic data partition

 

    Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac

    Partition ID 97ff1668-17b5-4c19-9780-1b9b9712ca4b

    FirstLBA 998576128  Last LBA 999497727

    Attributes 1

    Partition Name                                     

 

    Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac

    Partition ID 241d97e8-2284-43f2-a69e-43698d13ce7

    FirstLBA 999497728  Last LBA 1000214527

    Attributes 1

    Partition Name                                     

 

Disk Size: 512110190592 bytes

Sector size: 512 bytes

 

Done!

Scan finished

=======================================

 

 

Removal queue found; removal started

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...

Removal finished

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.08.2.1001

 

© Malwarebytes Corporation 2011-2012

 

OS version: 6.3.9200 Windows 8.1 x64

 

Account is Administrative

 

Internet Explorer version: 11.0.9600.17498

 

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 2.394000 GHz

Memory total: 8504143872, free: 5703577600

 

=======================================

[Valinorum]

Re-run MBAR and see if the error it showed earlier, comes back.

[LegendOz]

Yes the exact same message shows up, but the scan comes out clean.

 

Could it be due to the FRST fix?