Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

iwintoolbarforpogo removal [Solved]


  • This topic is locked This topic is locked

#16
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2015
Ran by Maria at 2015-01-17 21:18:50
Running from C:\Users\Maria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A882WID4
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Classic Start 8 (HKLM-x32\...\{913D024D-5EB4-4AC3-A412-C87588574A74}_is1) (Version: 1.0.0.13 - Crawler, LLC)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.217 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Intel® WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.8.23 - Symantec Corporation)
NVIDIA Graphics Driver 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.37 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.0.3 - Reimage) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - Yahoo! Inc.)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Maria\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Maria\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Maria\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Maria\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Maria\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1695502234-2404808496-3934146252-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

31-12-2014 20:22:36 Scheduled Checkpoint
14-01-2015 08:16:00 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 00:26 - 2012-07-26 00:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10C29DBD-B3EF-44C7-9C57-E54597891A55} - System32\Tasks\Microsoft Office 15 Sync Maintenance for BEDROOM-PC-Maria Bedroom-pc => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {1E4E44BE-2398-4702-922B-6F7F3722D3D4} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {2EECB885-5DF8-489B-8932-F27CADC1197E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
Task: {34FF3F05-55D5-4798-B735-9CCCF6B3BCC8} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2014-12-12] () <==== ATTENTION
Task: {39F07E2B-421B-4FBF-8A00-1BD91696979D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - \Microsoft\Windows\Live\Roaming\SynchronizeWithStorage No Task File <==== ATTENTION
Task: {5BCB7F6E-C92A-4B28-8405-F0F4363FA6B4} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Pogo Games\PogoDGC.exe
Task: {66781D78-3372-478B-9184-E40F169C3AD0} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {76151E98-429A-45A2-8452-694991590B25} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {80C50275-FE99-4558-8507-DD3D1D2DFAB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {932AD516-EE66-43D4-B692-923352FC7B13} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {9B09B3CB-C972-4DE5-961B-253963137CC7} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {9C030A2F-10DB-4D00-B795-C8B5BB166A48} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {9C759B76-7455-444A-B538-3BB8FD38E07E} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
Task: {A800277E-E202-4492-AD38-3312641CBC04} - \Microsoft\Windows\Live\Roaming\MaintenanceTask No Task File <==== ATTENTION
Task: {E1F457F0-57F8-4C8A-86FB-92784AF446DB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {F0C76B64-A93F-4C6F-A157-8D9F7E08806D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)
Task: {FD4CA422-48D7-4344-B313-48906292560F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-22 07:29 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-07-31 04:18 - 2012-04-24 21:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-11-18 08:48 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-07-31 04:25 - 2013-04-19 17:51 - 00020256 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIcon.dll
2013-07-31 04:25 - 2013-04-19 17:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2013-07-31 04:25 - 2013-04-19 17:51 - 00019232 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayNotBackuped.dll
2013-07-31 03:43 - 2012-10-26 13:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-01-14 05:07 - 2015-01-14 05:07 - 06757728 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2013-07-31 04:25 - 2013-04-19 17:51 - 00023328 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-25 07:50 - 2014-09-25 07:50 - 00081056 _____ () C:\Users\Maria\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-11-18 08:46 - 2014-11-18 08:46 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-11-18 08:48 - 2014-11-18 08:48 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2013-07-31 04:17 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-10-22 22:39 - 2014-10-22 22:39 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\e5fff0dbaa6ea962dc3bd611929ad347\PSIClient.ni.dll
2013-07-31 04:01 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-07-31 04:25 - 2013-05-02 18:01 - 01813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_0favicon-2079221766
AlternateDataStreams: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_1favicon1313128964
AlternateDataStreams: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_2favicon-2092717923

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1695502234-2404808496-3934146252-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"

========================= Accounts: ==========================

Administrator (S-1-5-21-1695502234-2404808496-3934146252-500 - Administrator - Disabled)
Guest (S-1-5-21-1695502234-2404808496-3934146252-501 - Limited - Disabled)
Maria (S-1-5-21-1695502234-2404808496-3934146252-1002 - Administrator - Enabled) => C:\Users\Maria
UpdatusUser (S-1-5-21-1695502234-2404808496-3934146252-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2015 08:38:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BEDROOM-PC)
Description: Activation of app Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (01/17/2015 08:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4237765

Error: (01/17/2015 08:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4237765

Error: (01/17/2015 08:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/17/2015 07:27:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1140

Error: (01/17/2015 07:27:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1140

Error: (01/17/2015 07:27:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/17/2015 04:11:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1515

Error: (01/17/2015 04:11:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1515

Error: (01/17/2015 04:11:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/17/2015 06:06:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2015 05:15:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2015 03:41:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2015 03:40:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2015 03:40:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2015 03:39:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2015 03:39:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2015 03:38:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2015 03:38:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (01/17/2015 03:37:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.


Microsoft Office Sessions:
=========================
Error: (01/17/2015 08:38:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BEDROOM-PC)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2147023170

Error: (01/17/2015 08:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4237765

Error: (01/17/2015 08:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4237765

Error: (01/17/2015 08:37:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/17/2015 07:27:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1140

Error: (01/17/2015 07:27:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1140

Error: (01/17/2015 07:27:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/17/2015 04:11:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1515

Error: (01/17/2015 04:11:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1515

Error: (01/17/2015 04:11:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
Date: 2015-01-16 19:54:20.689
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.

Date: 2015-01-16 19:54:20.643
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.

Date: 2015-01-16 19:54:20.595
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.

Date: 2015-01-16 19:54:20.548
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.

Date: 2015-01-16 19:54:20.458
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.

Date: 2015-01-16 19:54:20.398
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.

Date: 2015-01-16 19:54:20.166
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.

Date: 2015-01-16 19:54:19.646
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.

Date: 2015-01-16 19:54:19.504
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.

Date: 2015-01-16 19:54:19.458
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll with signing level Unsigned while the system requires signing level 6 or better to load.


==================== Memory info ===========================

Processor: Intel® Core™ i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 25%
Total physical RAM: 8052.05 MB
Available physical RAM: 6004.58 MB
Total Pagefile: 9268.05 MB
Available Pagefile: 7105.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:915.47 GB) (Free:866.73 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.18 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B42BE5A3)

Partition: GPT Partition Type.

==================== End Of Log ============================
  • 0

Advertisements


#17
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Users shortcut scan result (x64) Version: 18-01-2015
Ran by Maria at 2015-01-17 21:19:29
Running from C:\Users\Maria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A882WID4
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT Audio Control Panel.lnk -> C:\Windows\System32\IDTNC64.cpl (IDT, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® WiDi.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Reimage Repair.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Run in safe mode.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageSafeMode.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Website.lnk -> C:\Program Files\Reimage\Reimage Repair\Reimage Repair.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\excel.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\winword.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msouc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel® WiDi\Intel® WiDi.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk -> C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Turbo Boost Technology Monitor 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Photo Stream.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\PhotoStream.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Backup and Recovery.lnk -> C:\Program Files (x86)\Dell Backup and Recovery\Dbr.exe (SoftThinks - Dell)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Media Suite Essentials.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink PowerDVD 10\CyberLink PowerDVD 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink PowerDirector 10\PowerDirector 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\CyberLink Power2Go 8.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\IsoViewer8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\Virtual Drive.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink LabelPrint 2.5\CyberLink LabelPrint 2.5.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Start 8\Classic Start 8.lnk -> C:\Program Files (x86)\CStart8\CStart8Tray64.exe (Crawler.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Start 8\Uninstall Classic Start 8.lnk -> C:\Program Files (x86)\CStart8\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Intel\ExtremeGraphics\CUI\Resource\Intel® HD Graphics.lnk -> C:\Windows\System32\GfxUI.exe (Intel Corporation)
Shortcut: C:\Users\Default\Links\SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\Links\Desktop.lnk -> C:\Users\Maria\Desktop ()
Shortcut: C:\Users\Maria\Links\Downloads.lnk -> C:\Users\Maria\Downloads ()
Shortcut: C:\Users\Maria\Links\Dropbox.lnk -> C:\Users\Maria\Dropbox ()
Shortcut: C:\Users\Maria\Links\OneDrive.lnk -> C:\Users\Maria\SkyDrive ()
Shortcut: C:\Users\Maria\Desktop\Continue Adobe Flash Player Installation.lnk -> C:\Users\Maria\AppData\Local\Temp\ICReinstall_adobe_flash_setup.exe (No File)
Shortcut: C:\Users\Maria\Desktop\Norton Installation Files.lnk -> C:\Users\Public\Downloads\Norton\{N360P212038-SHPD-FSD40014} ()
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Maria\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost Technology Monitor 2.6.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Maria\Dropbox ()
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Reader XI.lnk -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk -> C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe (Reimage®)
Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)


ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-11546616430.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x70c58629 -pinnedTimeHigh 0x01cfb0d3 -securityFlags 0x00000000 -url 0x0000001d hxxp://beadsmagic.com/?p=7164
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-11547174120.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x589ae044 -pinnedTimeHigh 0x01cf8689 -securityFlags 0x00000000 -url 0x0000001d hxxp://beadsmagic.com/?p=5554
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-11595935510.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x133c07ed -pinnedTimeHigh 0x01cf97f4 -securityFlags 0x00000000 -url 0x00000053 hxxp://socrafty.squidoo.com/video-2/crafty-video-how-to-tie-a-sliding-knot-bracelet
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-12376328720.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xe44e0246 -pinnedTimeHigh 0x01cee526 -securityFlags 0x00000000 -url 0x0000001e hxxp://www.spanishcentral.com/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-12663404190.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xc276feba -pinnedTimeHigh 0x01cf890c -securityFlags 0x00000000 -url 0x0000001d hxxp://atlanta.shambhala.org/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-13696074840.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xe186e6c5 -pinnedTimeHigh 0x01cea18e -securityFlags 0x00000000 -url 0x00000023 hxxp://archive.org/details/DeltaBox
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-14223175500.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x64d3b8c9 -pinnedTimeHigh 0x01cf8692 -securityFlags 0x00000000 -url 0x0000004f hxxp://www.create-your-style.com/Content.Node/get-started/Color-Carousel.en.php
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-14353794200.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xa100936a -pinnedTimeHigh 0x01cf19dc -securityFlags 0x00000000 -url 0x0000005a hxxp://www.verizonwireless.com/b2c/device/smartphone/samsung-galaxy-note-3-white?&zipRdr=y
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-15152777510.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x6b4e54cd -pinnedTimeHigh 0x01cf024c -securityFlags 0x00000000 -url 0x00000020 hxxp://www.e2designz.com/32.html
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-15669408180.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x3a1c2db9 -pinnedTimeHigh 0x01cef51e -securityFlags 0x00000000 -url 0x00000024 hxxp://www.stumbleupon.com/su/6hJDaz
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-17216922080.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x4a462d3c -pinnedTimeHigh 0x01cfa419 -securityFlags 0x00000000 -url 0x0000002b hxxp://www.amalthee-creations.com/jewells-9
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-17216922110.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x3bd33509 -pinnedTimeHigh 0x01cfa419 -securityFlags 0x00000000 -url 0x0000002b hxxp://www.amalthee-creations.com/jewells-6
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-17216922160.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x14dc499b -pinnedTimeHigh 0x01cfa419 -securityFlags 0x00000000 -url 0x0000002b hxxp://www.amalthee-creations.com/jewells-1
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-17790954610.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x82305037 -pinnedTimeHigh 0x01cea922 -securityFlags 0x00000000 -url 0x00000031 hxxp://www.beadshop.com/products/beads/tila-beads
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-17908270980.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xe9f5b158 -pinnedTimeHigh 0x01cee6c4 -securityFlags 0x00000000 -url 0x0000001a hxxp://www.xeno-canto.org/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-18331084030.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x3d2a1d4e -pinnedTimeHigh 0x01cea683 -securityFlags 0x00000000 -url 0x0000003d hxxp://www.sundancecatalog.com/product/59188.do?code=TELPTRET
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-19560269180.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x60f2702e -pinnedTimeHigh 0x01cf76bd -securityFlags 0x00000000 -url 0x00000036 hxxp://whimbeads.com/cart.asp?pg=classroom_spiral-rope
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-3750682930.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x1026a0d6 -pinnedTimeHigh 0x01cf7057 -securityFlags 0x00000000 -url 0x00000048 hxxp://www.etsy.com/listing/75513794/freashwater-pearl-rose-quartz-coral
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-3876580950.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x19fb54a6 -pinnedTimeHigh 0x01cf31b9 -securityFlags 0x00000000 -url 0x00000032 hxxp://www.lef.org/Vitamins-Supplements/Item01226/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-4243688200.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xad5d6a47 -pinnedTimeHigh 0x01cf0a5f -securityFlags 0x00000000 -url 0x00000028 hxxp://www.muscleandfitness.com/workouts
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-4645819960.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x5ac431a7 -pinnedTimeHigh 0x01ceeeec -securityFlags 0x00000000 -url 0x00000039 hxxp://www.limabeads.com/store/designs/ViewDesign?d=14918
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-5059225900.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x646763c2 -pinnedTimeHigh 0x01cfb241 -securityFlags 0x00000000 -url 0x0000003c hxxp://jennyhoople.com/blog/how-to-drill-small-beach-stones/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-5304292940.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x76b7bba8 -pinnedTimeHigh 0x01cf31c1 -securityFlags 0x00000000 -url 0x0000002e hxxp://www.artandsoulbeads.com/store/home.html
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-6495828560.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xaee806be -pinnedTimeHigh 0x01cf831c -securityFlags 0x00000000 -url 0x0000004a hxxp://anthurium.biz/anthurium-care-how-to-keep-your-anthurium-plant-alive
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-7246974290.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xfa2cacc1 -pinnedTimeHigh 0x01cf9199 -securityFlags 0x00000000 -url 0x0000003e hxxp://mb.abc.go.com/discussions/The_View/abc0000d5?redirCnt=1
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-9130721380.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -pinnedSite -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x70ff03e1 -pinnedTimeHigh 0x01cf8511 -securityFlags 0x00000000 -url 0x0000004c hxxp://www.instructables.com/id/How-To-Make-A-Bowling-Ball-Planter/?ALLSTEPS
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-9584075450.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x167921d5 -pinnedTimeHigh 0x01cef5ff -securityFlags 0x00000000 -url 0x00000020 hxxp://www.thejazzmind.com/about
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\10256297550.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x103c02c5 -pinnedTimeHigh 0x01cee880 -securityFlags 0x00000000 -url 0x0000001d hxxp://www.savvyhomeblog.com/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\10298482970.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x0d60c658 -pinnedTimeHigh 0x01cee857 -securityFlags 0x00000000 -url 0x0000001b hxxp://jewelrywithsoul.com/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\12309488130.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xee344530 -pinnedTimeHigh 0x01cf735e -securityFlags 0x00000000 -url 0x0000003e hxxp://www.finegardening.com/make-your-own-hypertufa-container
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\12515035890.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x11a93e11 -pinnedTimeHigh 0x01cf1258 -securityFlags 0x00000000 -url 0x00000055 hxxp://www.etsy.com/listing/168525135/unique-turquoise-and-coral-dangle?ref=related-6
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\12617792730.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xe376514e -pinnedTimeHigh 0x01cf1327 -securityFlags 0x00000000 -url 0x0000002f hxxp://www.beadbuddies.net/Semiprecious_HQ.html
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\1276198510.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xed1caac2 -pinnedTimeHigh 0x01cec629 -securityFlags 0x00000000 -url 0x00000016 hxxp://ziacouture.com/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\1414768480.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x27b733b6 -pinnedTimeHigh 0x01cf0a5c -securityFlags 0x00000000 -url 0x0000002f hxxp://www.bodybuilding.com/fun/bbmaintrain.htm
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\17680091420.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x735c5084 -pinnedTimeHigh 0x01ceeb7a -securityFlags 0x00000000 -url 0x000000c0 hxxp://www.firemountaingems.com/encyclobeadia/beading_resources.asp?docid=D51Z&doccat=articles&WT.fmg_linksection=231DW2QCSGV
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\19316879580.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x1681a2aa -pinnedTimeHigh 0x01ceab6c -securityFlags 0x00000000 -url 0x0000004f hxxp://abc.go.com/shows/the-chew/recipes/Pork-Parmesan-Medallions-Michael-Symon
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\20465424340.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x67ba04c6 -pinnedTimeHigh 0x01cf04da -securityFlags 0x00000000 -url 0x00000040 hxxp://www.sanssoucie.com/etched-glass/piece-types/window-glass/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\5879802510.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x9ab0d524 -pinnedTimeHigh 0x01ceeb94 -securityFlags 0x00000000 -url 0x0000004b hxxp://www.pantone.com/pages/fcr/Default.aspx?season=spring&year=2014&pid=3
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\8236292270.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xe4059591 -pinnedTimeHigh 0x01cef6e4 -securityFlags 0x00000000 -url 0x00000041 hxxp://safavieh.com/rugs/ganges-river/transitional/knotted/gr423a
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\9268409870.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x1a676a6c -pinnedTimeHigh 0x01cf7ae9 -securityFlags 0x00000000 -url 0x00000029 hxxp://www.bluefoxfarm.com/#axzz334FlOtTU
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\9601316040.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -pinnedSite -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x62e763ec -pinnedTimeHigh 0x01cf0387 -securityFlags 0x00000000 -url 0x00000031 hxxp://www.pinterest.com/source/dorjedesigns.com/


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Change Reimage Repair Language.lnk -> C:\Program Files\Reimage\Reimage Repair\LanguageSelect.exe (Reimage®) -> /Branch=Reimage /Product=Reimage_Repair
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {111EE7DF-FC45-40C7-98A7-753AC46B12FB} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe\Norton Identity Safe.LNK -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coSAStub.exe (Symantec Corporation) -> /install /force
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Advanced Statistics.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel® Corporation) -> /sf Advanced Statistics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Event Viewer.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel® Corporation) -> /sf Wireless Event Viewer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Manual Diagnostics.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel® Corporation) -> /sf Wireless Diagnostics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendar.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Find My iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\My Dell.lnk -> C:\Program Files\My Dell\pcdlauncher.exe (PC-Doctor, Inc.) -> -lloc dsc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\PC Checkup.lnk -> C:\Program Files\My Dell\pcdlauncher.exe (PC-Doctor, Inc.) -> -startingpage pccheckup -lloc pccheckup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Maria\Desktop\Dropbox.lnk -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup
ShortcutWithArgument: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Maria\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-1380534050.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x169d5235 -pinnedTimeHigh 0x01cea4b1 -securityFlags 0x00000000 -url 0x0000001e https://www.bankofamerica.com/
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-15500980650.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x6c2f813f -pinnedTimeHigh 0x01cf1254 -securityFlags 0x00000000 -url 0x00000406 https://images.searc...DaW1nBG9pZAMwZm
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-2269230550.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x32ffa4c4 -pinnedTimeHigh 0x01ce9ded -securityFlags 0x00000000 -url 0x00000050 https://picasaweb.go...356628549038210
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\-8083997240.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xdbd94366 -pinnedTimeHigh 0x01cf7056 -securityFlags 0x00000000 -url 0x00000407 https://images.searc...DaW1nBG9pZAMwZm
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\15103100070.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0xb55432be -pinnedTimeHigh 0x01cf06fb -securityFlags 0x00000000 -url 0x0000002f https://www.annualcr...om/index.action
ShortcutWithArgument: C:\Users\Maria\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.InternetExplorer.Default\5117432050.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x9d40dc07 -pinnedTimeHigh 0x01cf16c0 -securityFlags 0x00000000 -url 0x0000001b https://www.mymedicare.gov/
ShortcutWithArgument: C:\Users\Public\Desktop\Norton Identity Safe.LNK -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\coSAStub.exe (Symantec Corporation) -> /install /force
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Start 8\classicstart8.com.url -> hxxp://www.classicstart8.com/
InternetURL: C:\Users\Maria\SkyDrive\Documents\Fitness.url -> https://skydrive.liv...ype=3&page=view
InternetURL: C:\Users\Maria\SkyDrive\Documents\Maria's Notebook.url -> https://skydrive.liv...ype=3&page=view
InternetURL: C:\Users\Maria\Favorites\3 Ways to Cook Steel Cut Oats - wikiHow.url -> hxxp://www.wikihow.com/Cook-Steel-Cut-Oats
InternetURL: C:\Users\Maria\Favorites\Amazing Facts About the Human Body from Travis Stork, MD Reader's Digest.url -> hxxp://www.rd.com/slideshows/amazing-facts-about-the-human-body-travis-stork/
InternetURL: C:\Users\Maria\Favorites\att.net – Email, News, Sports, Finance, Lifestyle, and Entertainment.url -> hxxp://att.yahoo.com/
InternetURL: C:\Users\Maria\Favorites\Beading Daily.url -> hxxp://www.beadingdaily.com/media/p/189219/showcontent.aspx
InternetURL: C:\Users\Maria\Favorites\Binaural Beats From HealingBeats.com HealingBeats.com Free Download & Streaming Internet Archive.url -> hxxp://archive.org/details/DeltaBox
InternetURL: C:\Users\Maria\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Maria\Favorites\Fusion Beads Beading Techniques All the Techniques you need to bead.url -> hxxp://www.fusionbeads.com/Techniques
InternetURL: C:\Users\Maria\Favorites\Jewelry Inspiration - Jewelry Projects on Craftsy!.url -> hxxp://www.craftsy.com/project/jewelry?_ct=wberqbdql-fhezusji
InternetURL: C:\Users\Maria\Favorites\Latino Americans The 500-Year Legacy That Shaped a Nation Ray Suarez 9780451238146 Amazon.com Books.url -> hxxp://www.amazon.com/Latino-Americans-500-Year-Legacy-Shaped/dp/0451238141
InternetURL: C:\Users\Maria\Favorites\Pork Parmesan Medallions Recipe - Michael Symon - The Chew.url -> hxxp://abc.go.com/shows/the-chew/recipes/Pork-Parmesan-Medallions-Michael-Symon
InternetURL: C:\Users\Maria\Favorites\Shaun T - Bio and Workouts by Shaun T - beachbody.url -> hxxp://www.beachbody.com/product/about-trainer-shaun-t.do
InternetURL: C:\Users\Maria\Favorites\The Dr. Oz Show.url -> hxxp://www.doctoroz.com/
InternetURL: C:\Users\Maria\Favorites\Tila bracelet plus - ABS - Picasa Web Albums.url -> https://picasaweb.go...356628549038210
InternetURL: C:\Users\Maria\Favorites\xeno-canto Sharing bird sounds from around the world.url -> hxxp://www.xeno-canto.org/
InternetURL: C:\Users\Maria\Favorites\XO Gallery Jewelry.url -> hxxp://jewelrywithsoul.com/
InternetURL: C:\Users\Maria\Favorites\Yahoo! Websites\Answers.url -> hxxp://answers.yahoo.com/
InternetURL: C:\Users\Maria\Favorites\Yahoo! Websites\Finance.url -> hxxp://finance.yahoo.com/
InternetURL: C:\Users\Maria\Favorites\Yahoo! Websites\Flickr.url -> hxxp://www.flickr.com/
InternetURL: C:\Users\Maria\Favorites\Yahoo! Websites\Mail.url -> hxxp://mail.yahoo.com/
InternetURL: C:\Users\Maria\Favorites\Yahoo! Websites\My Yahoo!.url -> hxxp://my.yahoo.com/
InternetURL: C:\Users\Maria\Favorites\Yahoo! Websites\News.url -> hxxp://news.yahoo.com/
InternetURL: C:\Users\Maria\Favorites\Yahoo! Websites\Shopping.url -> hxxp://software.yahoo.com/
InternetURL: C:\Users\Maria\Favorites\Yahoo! Websites\Sports.url -> hxxp://sports.yahoo.com/
InternetURL: C:\Users\Maria\Favorites\Yahoo! Websites\Yahoo!.url -> hxxp://www.yahoo.com/?fr=fp-yie10
InternetURL: C:\Users\Maria\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Maria\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=44661
InternetURL: C:\Users\Maria\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55424
InternetURL: C:\Users\Maria\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68920
InternetURL: C:\Users\Maria\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?LinkId=140813
InternetURL: C:\Users\Maria\Favorites\Microsoft Websites\Welcome to IE10.url -> hxxp://go.microsoft.com/fwlink/?LinkId=191282
InternetURL: C:\Users\Maria\Favorites\Links\Yahoo! Mail.url -> hxxp://webslice.mail.yahoo.com/ms/update
InternetURL: C:\Users\Maria\Favorites\Laptop Folder\My Account - Office.com.url -> https://office.micro.../MyAccount.aspx
InternetURL: C:\Users\Maria\Favorites\Fitness\Search Muscle and Fitness Hers.url -> hxxp://www.muscleandfitnesshers.com/search/apachesolr_search/seniors
InternetURL: C:\Users\Maria\Favorites\Dell\Dell Auction.url -> hxxp://www.dellauction.com/
InternetURL: C:\Users\Maria\Favorites\Dell\Dell Internet Security.url -> hxxp://support.dell.com/support/topics/global.aspx/support/security/security?c=us&cs=19&l=en&s=dhs
InternetURL: C:\Users\Maria\Favorites\Dell\Dell.url -> hxxp://www.dell.com/
InternetURL: C:\Users\Maria\Favorites\Dell\Support.Dell.Com.url -> hxxp://support.dell.com/support/index.aspx?c=us&l=en&s=gen
InternetURL: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com
InternetURL: C:\Users\Public\Desktop\eBay.url -> hxxp://rover.ebay.com/rover/1/711-86042-13409-7/4

==================== End of log =============================
  • 0

#18
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
How am I doing?
  • 0

#19
ruggie_uk

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts
hi. The scans are great thanks but please do not use REimage repair. It is not a legitimate program.
Now that I have your logs I will work up the first stage of the fix for you.
  • 0

#20
ruggie_uk

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hi. Just to confirm, you are doing really well by the way. Hardest part is over :)

 

Ok , let's get started :)
 
Step 1
 
FRST Fix

If FRST.exe/FRST64.exe is not on your desktop, please download Farbar Recovery Scan Tool and save it to your desktop.

  • Download the attached Attached File  fixlist.txt   5.82KB   104 downloadsand save it to your desktop <<< very important - it must be in the same location as FRST.exe/FRST64.exe (on the desktop)
  • Right click frst.png and run as administrator. When the tool opens click Yes to the disclaimer.
  • Press the Fix button.
  • It will produce a log called fixlog.txt on your Desktop.
  • Please copy and paste the contents of that log back here.

    NOTICE: This script was written specifically for this user, for use on that particular machine, at this point in time. Running this on another machine may cause damage to your operating system.

Step 2

 

jrt.pngJunkware Removal Tool
Please download Junkware Removal Tool to your desktop. << Important
Ensure that any security software is temporarily disabled for the duration of the scan. Don't forget to re-enable it afterwards.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by right-clicking jrt.png and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Items I need to see in your next post:

  • FRST fixlog
  • JRT log

 


  • 0

#21
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Thanks. Re loading FRST. Not sure hot to get it on my desktop. Laptop came with Win 8 but I also have and mostly use Win 7. That is the desk top I would place FRST on. As soon as it finishes downloading again, I'll see if I can get it on my desktop.
  • 0

#22
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

I have frst.txt     shortcut,txt  and addition.txt    on desktop plus the FRST box which automatically appeared on my desktop.  Not sure if that is a save? 


  • 0

#23
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

Want you to know that I initially hit reimage download thinking it was the FRST scan.  Afterall I had never done frst download and had no idea what to expect but I've uninstalled it.  The next thing is as I mentioned previously,  the frst box is on my desktop.  Happened automatically.  Down below is a little note book where the three txt are in.  But I also have them open on the desktop.  Also,  when you say download the fixlist,  does that mean I hit the link you provide?


  • 0

#24
ruggie_uk

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts
Yes please. Click the link ans save the file to the desktop
Then make sure frst is also there.
Start frst and click fix.
  • 0

#25
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

Well I clicked the fixlist blue link.  I opens text on desktop but no admin logo comes up for me to right click.  SOS


  • 0

Advertisements


#26
ruggie_uk

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts
Ok lets do it slightly different.
The blue link for the fixlist, right click it. Then select save target as. And navigate to the desktop and click save
  • 0

#27
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

Really scared right now.  Pc turned off.  Had to restart it and all the txt and FRST box gone from desktop.  Came back to other Home page.  Will deal with that later but want to confirm before I re-download all again?


  • 0

#28
ruggie_uk

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts
All you need to download is frst64.exe to your desktop and then the fixlist.txt.

We dont need to scan again. Just start frst64 and press fix.
:)
  • 0

#29
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts

A bit confused but working on it.


  • 0

#30
rubymars

rubymars

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
I hit fix and it restarted my pc. Have to FRST download again.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP