Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Desktop has tons of pop ups [Closed] [Solved]

Started by tdjones813 , Apr 29 2015 02:12 PM

  • This topic is locked This topic is locked

#1
tdjones813
Posted 29 April 2015 - 02:12 PM

tdjones813

    Member

  • Member
  • PipPip
  • 65 posts

My desktop has a ton of popups, everytime I open something, something else not even relevant pops up.  Please help.


  • 0

Advertisements

#2
Essexboy
Posted 30 April 2015 - 08:54 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, first I will need a look see :)



Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.
THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#3
Essexboy
Posted 03 May 2015 - 03:52 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#4
Machiavelli
Posted 04 May 2015 - 08:10 AM

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

User returned.


  • 0

#5
Essexboy
Posted 04 May 2015 - 08:26 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Please post the logs :)
  • 0

#6
tdjones813
Posted 04 May 2015 - 04:16 PM

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Tracy (administrator) on HOME-PC on 04-05-2015 18:13:54
Running from C:\Users\Tracy\Downloads
Loaded Profiles: Tracy (Available profiles: Tracy)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
() C:\Windows\SysWOW64\CSHelper.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Google Inc.) C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Google Inc.) C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\conathst.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1612880 2010-01-27] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [225792 2008-01-20] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [cdloader] => C:\Users\Tracy\AppData\Roaming\mjusbsp\cdloader2.exe [50520 2010-02-26] (magicJack L.P.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [Google Update] => C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-30] (Google Inc.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-05-23] (Samsung)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-05-23] (Samsung)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [MusicManager] => C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-03-31] (Google Inc.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk [2014-09-15]
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Fast Connect.lnk [2014-12-08]
ShortcutTarget: Fast Connect.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk [2013-07-28]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....bestbuy&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.n...id=tbid09152014
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM -> {73FE0C01-C5C3-43B5-B15B-48A5DEFFC59A} URL = http://search.live.c...ms}&FORM=HPDTDF
SearchScopes: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> DefaultScope {22222C97-CFA5-4E02-8D8A-21F3E6B3DC46} URL = http://search.whites...m={SearchTerms}
SearchScopes: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> {083368C3-5B72-4F1A-BE01-5F70570FD6E9} URL = http://www.bing.com/...ms}&form=OSDSRC
SearchScopes: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> {1F9F832A-605A-41F5-86AE-6BB407025F1A} URL = http://www.bing.com/...ms}&form=OSDSRC
SearchScopes: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> {22222C97-CFA5-4E02-8D8A-21F3E6B3DC46} URL = http://search.whites...m={SearchTerms}
SearchScopes: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> {73FE0C01-C5C3-43B5-B15B-48A5DEFFC59A} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-07] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-07] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-04-16] (RealDownloader)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Fast Connect -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.15.414.3\NativeBHO.dll [2015-04-14] (WhiteSky)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default
FF DefaultSearchEngine: Connect Search
FF DefaultSearchEngine.US: Connect Search
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Connect Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-07] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-08-24] (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-08-17] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-08-17] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-04-16] (RealDownloader)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-08-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1953429275-1861937841-2176962007-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tracy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-03] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1953429275-1861937841-2176962007-1000: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Tracy\AppData\Roaming\CATALI~1\NPBCSK~1.DLL [2013-06-07] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2013-08-17] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2013-08-17] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-02-26] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tracy\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\searchplugins\Connect Search.xml [2015-05-04]
FF Extension: White Sky Fast Connect - C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\Extensions\idvaultaddon@whitesky [2015-04-19]
FF Extension: No Name - C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\Extensions\temp [2014-09-15]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-23]
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-17]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-05-03]
FF HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\InfoAtoms.cfg [2015-03-26] <==== ATTENTION
 
Chrome: 
=======
CHR Profile: C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-21]
CHR Extension: (Bookmark Manager) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (RealDownloader) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-08-17]
CHR Extension: (Norton Identity Safe) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-17]
CHR Extension: (Elite Unzip) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogkcceegdcidimjaaembojgcnobnddk [2015-02-21]
CHR Extension: (ArcadeYum) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmbmildjdmppofnohldicmnkojfhggmb [2015-04-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Norton Security Toolbar) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-12-08]
CHR Extension: (Google Wallet) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-24]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413104 2015-03-04] (Coupons.com Inc.)
R2 CSHelper; C:\Windows\SysWOW64\CSHelper.exe [266240 2009-07-25] () [File not signed]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [File not signed]
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\N360.exe [265000 2015-03-26] (Symantec Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-01-17] (Puran Software) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-04-22] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104 2009-04-22] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S1 Beep; No ImagePath
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S3 DCamUSBVM; C:\Windows\System32\Drivers\usbVM31b.sys [142336 2005-09-19] (Vimicro Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150501.001\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.003\ENG64.SYS [129752 2015-04-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.003\EX64.SYS [2137304 2015-04-29] (Symantec Corporation)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMTDIV.SYS [510168 2014-08-25] (Symantec Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-04 18:13 - 2015-05-04 18:14 - 00028901 _____ () C:\Users\Tracy\Downloads\FRST.txt
2015-05-04 18:12 - 2015-05-04 18:12 - 02101248 _____ (Farbar) C:\Users\Tracy\Downloads\FRST64.exe
2015-05-03 07:56 - 2015-05-03 07:56 - 00000000 ____D () C:\Program Files (x86)\Valassis
2015-05-03 07:55 - 2015-05-03 07:55 - 02166416 _____ (Valassis) C:\Users\Tracy\Downloads\P@H_prod308-fmfzHXGO.exe
2015-05-02 13:52 - 2015-05-02 13:52 - 00001432 _____ () C:\Users\Tracy\Downloads\event-32645.ics
2015-04-29 21:15 - 2015-04-29 21:15 - 01081072 _____ (Unity Technologies ApS) C:\Users\Tracy\Downloads\UnityWebPlayer (4).exe
2015-04-29 20:59 - 2015-04-29 20:59 - 01081072 _____ (Unity Technologies ApS) C:\Users\Tracy\Downloads\UnityWebPlayer (3).exe
2015-04-27 20:43 - 2015-04-27 20:43 - 01088384 _____ (Unity Technologies ApS) C:\Users\Tracy\Downloads\UnityWebPlayer (2).exe
2015-04-27 20:43 - 2015-04-27 20:43 - 01088384 _____ (Unity Technologies ApS) C:\Users\Tracy\Downloads\UnityWebPlayer (1).exe
2015-04-24 20:41 - 2015-04-24 20:41 - 00110592 _____ () C:\Users\Tracy\Documents\Untitled Document.wps
2015-04-24 20:40 - 2015-04-24 20:40 - 00018432 _____ () C:\Users\Tracy\Downloads\Adams Cover letter.wps
2015-04-23 16:28 - 2015-04-23 16:28 - 00000000 ____D () C:\Users\Tracy\Documents\OmniSV
2015-04-23 09:35 - 2015-04-23 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2015-04-23 09:35 - 2015-04-23 09:35 - 00000000 ____D () C:\Program Files (x86)\Coupons
2015-04-23 09:34 - 2015-04-23 09:34 - 02811464 _____ (Coupons.com Incorporated) C:\Users\Tracy\Downloads\CouponPrinterCPS.exe
2015-04-19 13:03 - 2015-04-19 13:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-04-19 13:03 - 2015-04-19 13:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-04-19 13:03 - 2015-04-19 13:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-04-19 13:03 - 2015-04-19 13:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-19 12:59 - 2015-04-19 12:59 - 00918440 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u67.exe
2015-04-16 04:03 - 2015-04-16 04:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2015-04-16 03:32 - 2015-03-04 22:25 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-16 03:32 - 2015-03-04 21:58 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 03:31 - 2015-03-13 22:22 - 01585248 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 03:31 - 2015-03-13 22:22 - 01168080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-16 03:31 - 2015-03-12 21:44 - 04691384 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 03:31 - 2015-03-12 21:44 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-16 03:31 - 2015-03-12 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-16 03:31 - 2015-03-12 21:30 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-16 03:31 - 2015-03-12 21:30 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-16 03:31 - 2015-03-12 21:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-16 03:31 - 2015-03-12 21:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-16 03:31 - 2015-03-12 20:08 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-16 03:31 - 2015-03-12 20:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-16 03:31 - 2015-03-12 20:08 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-16 03:04 - 2015-03-04 22:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-16 03:04 - 2015-03-04 22:14 - 00360384 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 03:04 - 2015-03-04 21:58 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 03:03 - 2015-03-08 21:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-16 03:03 - 2015-03-08 20:40 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:09 - 2015-03-09 20:31 - 17882112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:09 - 2015-03-09 20:19 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:09 - 2015-03-09 20:19 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:09 - 2015-03-09 20:18 - 10931200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:09 - 2015-03-09 20:14 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:09 - 2015-03-09 20:14 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 09:09 - 2015-03-09 20:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 09:09 - 2015-03-09 20:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 09:09 - 2015-03-09 20:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 09:09 - 2015-03-09 20:12 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-15 09:09 - 2015-03-09 19:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 09:09 - 2015-03-09 19:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 09:09 - 2015-03-09 19:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 09:09 - 2015-03-09 19:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 09:09 - 2015-03-09 18:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 09:09 - 2015-03-09 18:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 09:09 - 2015-03-09 18:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 09:09 - 2015-03-09 18:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 09:09 - 2015-03-09 18:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-04-15 09:09 - 2015-03-09 18:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-04-07 09:29 - 2015-04-15 07:20 - 00000000 ____D () C:\Users\Tracy\Desktop\Bow's
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-04 18:13 - 2014-05-13 20:27 - 00000000 ____D () C:\FRST
2015-05-04 17:53 - 2014-09-15 19:01 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2015-05-04 17:46 - 2013-06-23 16:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-04 17:36 - 2011-09-13 09:16 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-05-04 17:34 - 2009-04-22 16:12 - 01646139 _____ () C:\Windows\WindowsUpdate.log
2015-05-04 17:15 - 2010-12-04 04:47 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-04 16:47 - 2010-12-04 04:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-04 16:33 - 2014-09-15 19:02 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\ID Vault
2015-05-04 14:09 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-04 14:09 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-04 10:03 - 2009-04-06 20:20 - 00003578 _____ () C:\Windows\System32\Tasks\HP Health Check
2015-05-04 03:00 - 2010-01-28 02:18 - 00781970 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-04 01:27 - 2011-07-28 18:32 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000Core.job
2015-05-03 20:14 - 2014-09-15 19:03 - 00000000 ____D () C:\Users\Tracy\AppData\Local\ID Vault
2015-05-03 20:12 - 2015-03-30 11:18 - 00003338 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1953429275-1861937841-2176962007-1000
2015-05-03 20:12 - 2015-03-30 11:18 - 00003204 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1953429275-1861937841-2176962007-1000
2015-05-03 20:09 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-03 20:07 - 2006-11-02 11:42 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-03 20:05 - 2013-05-17 19:15 - 02012800 _____ () C:\Windows\PFRO.log
2015-05-03 20:00 - 2011-05-01 19:31 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\SoftGrid Client
2015-05-03 07:56 - 2013-11-20 20:23 - 00271360 _____ () C:\Users\Tracy\Documents\Outlook.pst
2015-05-01 21:00 - 2009-05-29 13:25 - 00012626 _____ () C:\Users\Tracy\AppData\Roaming\wklnhst.dat
2015-04-30 10:26 - 2009-05-28 13:01 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-28 14:36 - 2013-08-13 19:37 - 00000000 ____D () C:\Users\Tracy\AppData\Local\CrashDumps
2015-04-25 21:16 - 2014-12-08 11:14 - 00002070 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Connect.lnk
2015-04-25 21:16 - 2014-12-08 11:14 - 00002058 _____ () C:\Users\Public\Desktop\Fast Connect.lnk
2015-04-24 20:42 - 2014-05-16 08:27 - 00000000 ____D () C:\Users\Tracy\Desktop\Dave's Resume
2015-04-23 16:27 - 2013-07-18 15:05 - 00011264 _____ () C:\Users\Tracy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-22 16:40 - 2015-01-09 13:17 - 00028672 _____ () C:\Users\Tracy\Downloads\Cody_Resume.wps
2015-04-20 18:28 - 2009-05-26 12:09 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTracy
2015-04-20 18:28 - 2009-05-26 12:09 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForTracy.job
2015-04-19 14:05 - 2015-03-26 12:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-19 13:04 - 2014-05-11 18:56 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-16 03:58 - 2014-09-16 20:15 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-04-16 03:57 - 2014-09-16 20:15 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-04-16 03:57 - 2014-09-16 20:15 - 00002220 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2015-04-16 03:57 - 2014-09-16 20:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-04-16 03:55 - 2013-03-14 14:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-16 03:31 - 2009-07-14 03:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 03:26 - 2006-11-02 08:46 - 00757952 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-16 03:22 - 2013-07-14 14:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 03:07 - 2006-11-02 08:35 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-15 08:46 - 2013-06-23 16:51 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 08:46 - 2013-06-23 16:51 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 08:46 - 2013-06-23 16:51 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 07:17 - 2014-11-16 12:43 - 00000000 ____D () C:\Users\Tracy\Desktop\Biddle Bop Invitaions
2015-04-14 09:08 - 2009-05-26 13:17 - 00000456 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
 
==================== Files in the root of some directories =======
 
2013-06-14 11:35 - 2013-07-13 11:35 - 0000005 _____ () C:\Users\Tracy\AppData\Roaming\WBPU-TTL.DAT
2009-05-29 13:25 - 2015-05-01 21:00 - 0012626 _____ () C:\Users\Tracy\AppData\Roaming\wklnhst.dat
2014-06-07 10:28 - 2014-06-07 10:28 - 0893239 _____ () C:\Users\Tracy\AppData\Local\a.zip
2014-06-07 10:28 - 2014-06-07 10:28 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Tracy\AppData\Local\BcsKtYcHW.dll
2013-10-15 08:42 - 2014-07-17 12:11 - 0000680 _____ () C:\Users\Tracy\AppData\Local\d3d9caps.dat
2013-07-18 15:05 - 2015-04-23 16:27 - 0011264 _____ () C:\Users\Tracy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-07-04 12:32 - 2010-07-04 12:40 - 0002162 _____ () C:\Users\Tracy\AppData\Local\seed.log
2009-08-21 13:45 - 2009-08-21 14:44 - 0019550 _____ () C:\Users\Tracy\AppData\Local\slot1.mm1
2010-05-10 00:22 - 2010-05-10 00:23 - 0023533 _____ () C:\Users\Tracy\AppData\Local\tmp24127_1344211615746_1544934352_31140848_8112699_N.0
2010-05-10 00:22 - 2010-05-10 00:23 - 0024049 _____ () C:\Users\Tracy\AppData\Local\tmp24127_1344211615746_1544934352_31140848_8112699_N.JPG
2012-12-23 21:42 - 2012-12-23 21:42 - 0114730 _____ () C:\Users\Tracy\AppData\Local\tmpABBEY.JPG
2010-08-25 22:01 - 2010-08-25 22:01 - 0034964 _____ () C:\Users\Tracy\AppData\Local\tmpRANDI.0
2010-08-25 22:01 - 2010-08-25 22:01 - 0036970 _____ () C:\Users\Tracy\AppData\Local\tmpRANDI.JPG
2011-01-04 18:16 - 2011-01-06 19:28 - 0001940 _____ () C:\Users\Tracy\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2013-07-28 12:40 - 2013-07-28 12:40 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-10-24 23:55 - 2009-10-24 23:59 - 0000356 _____ () C:\ProgramData\aygdr_save.log
2009-08-19 16:02 - 2009-08-19 16:22 - 0000264 _____ () C:\ProgramData\ayg_saver.log
2010-04-16 11:14 - 2010-04-22 17:57 - 0003901 _____ () C:\ProgramData\dorcrane_save.log
2010-12-21 22:41 - 2010-12-21 22:41 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
2009-09-03 16:53 - 2010-12-22 23:42 - 0002890 _____ () C:\ProgramData\hpzinstall.log
2013-06-23 13:25 - 2013-06-23 13:25 - 0000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Files to move or delete:
====================
C:\Users\Tracy\jagex_cl_runescape_LIVE.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-04 08:18
 
==================== End Of Log ============================

  • 0

#7
tdjones813
Posted 04 May 2015 - 04:17 PM

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by Tracy at 2015-05-04 18:15:04
Running from C:\Users\Tracy\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1953429275-1861937841-2176962007-500 - Administrator - Disabled)
Guest (S-1-5-21-1953429275-1861937841-2176962007-501 - Limited - Disabled)
Tracy (S-1-5-21-1953429275-1861937841-2176962007-1000 - Administrator - Enabled) => C:\Users\Tracy
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.1.601 - Adobe Systems, Inc.)
All in one Cleaner ver.1.0 (HKLM-x32\...\All in one Cleaner_is1) (Version:  - YL Computing, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtistScope Plugin IE (HKLM-x32\...\ArtistScope Plugin IE4.2.0.3) (Version: 4.2.0.3 - ArtistScope)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
Comcast High-Speed Internet Install Wizard (HKLM-x32\...\ComcastHSI) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.5) (Version: 5.0.1.5 - Coupons.com Incorporated)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2326 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.1.2.2 - DivX, Inc. )
Enhanced Multimedia Keyboard Solution (HKLM-x32\...\KBD) (Version: 1.0.9.2 - Hewlett-Packard)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fast Connect (HKLM-x32\...\ID Vault) (Version: 1.15.414.3 - White Sky)
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
File Opener Packages (HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\File Opener Packages) (Version:  - ) <==== ATTENTION
GEAR driver installer for x86 and x64 (x32 Version: 4.008.5 - GEAR Software) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GSC 2.00 (HKLM-x32\...\GSC 2.00) (Version:  - ClanServers Hosting LLC.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.5048.14 - PC-Doctor, Inc.)
HP Active Support Library (HKLM-x32\...\{0295F89F-F698-4101-9A7D-49F407EC2D82}) (Version: 3.1.10.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{E1591139-8B44-411B-A81B-D35F83A0565A}) (Version: 5.7.0.2875 - Hewlett-Packard)
HP Demo (HKLM-x32\...\{97ABD26A-3249-46CB-B2E2-F66E64B2E480}) (Version: 1.00.0000 - Hewlett-Packard)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{BB94D541-A747-4A5D-B0ED-72FA5C158EA5}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5848A26C-E4BC-4A13-AA8D-810BA344475A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Basic Device Software (HKLM\...\{7F20F2D1-C425-4432-96BA-EBD0C2181493}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Help (HKLM-x32\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Product Improvement Study (HKLM\...\{791D3241-C6A4-417F-82E6-00543B6E5012}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.1.2717 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2415 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}) (Version: 2.1.7 - Hewlett-Packard)
HP MediaSmart TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 2.2.1622 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9452 - HP Photo Creations Powered by RocketLife)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Support Information (HKLM-x32\...\{1CC069FA-1A86-402E-9787-3F04E652C67A}) (Version: 10.1.0001 - Hewlett-Packard)
HP Total Care Setup (HKLM-x32\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version:  - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Jihosoft Android Photo Transfer version 1.5 (HKLM-x32\...\{EEA7D922-7F21-42A1-B548-236984D36423}_is1) (Version: 1.5 - Jihosoft Studio)
Juno Preloader (HKLM-x32\...\{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}) (Version: 1.0.0 - Juno, Inc.)
KhalInstallWrapper (Version: 4.00.121 - Logitech) Hidden
League of Legends (x32 Version: 1.0020 - Riot Games) Hidden
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
Logitech SetPoint 6.0 (HKLM\...\SP6) (Version: 6.00.68 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{4FAB5122-775E-4418-B8D9-E2873BC93570}) (Version: 3.0.541.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Business 2010 - English (HKLM-x32\...\{90140011-0062-0409-0000-0000000FF1CE}) (Version: 14.0.5138.5002 - Microsoft Corporation)
Microsoft Office Home and Student 2007 Trial (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 Trial (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Word 2007 Get Started Tab (HKLM-x32\...\{68B52EFD-86CC-486E-A8D0-A3A1554CB5BC}) (Version: 12.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSRedist (x32 Version: 9.0.30729.4148 - Symantec Corporation) Hidden
MSRedx64 (x32 Version: 9.0.30729.4148 - Symantec Corporation) Hidden
MSVCSetup (x32 Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\MusicManager) (Version:  - Google, Inc.)
muvee Reveal (HKLM-x32\...\{D722CF4B-4B06-BF11-FDEA-BD1B319FEA57}) (Version: 7.0.35.7918 - muvee Technologies Pte Ltd)
MyFreeCodec (HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\MyFreeCodec) (Version:  - )
Norton Bootable Recovery Tool Wizard (HKLM-x32\...\NBRTWizard) (Version: 5.1.0.26 - Symantec Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
P@H-Protocol (HKLM-x32\...\{14F936AB-5D31-410E-A4E2-70AE504712F2}) (Version: 3.0.8.6 - Valassis)
PDF Reader (HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\PDF Reader) (Version:  - )
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.11 - Hewlett-Packard Company)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2325 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.2325 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2417 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.2417 - CyberLink Corp.) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Puran Defrag 7.6 (HKLM\...\Puran Defrag_is1) (Version:  - Puran Software)
Python 2.6 pywin32-212 (HKLM-x32\...\pywin32-py2.6) (Version: 2.12 - Python Software Foundation)
Python 2.6.1 (HKLM-x32\...\{9CC89170-000B-457D-91F1-53691F85B223}) (Version: 2.6.1150 - Python Software Foundation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RCA Updater 1.0.4.0 (HKLM-x32\...\RCA Updater_is1) (Version:  - RCA)
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.40.0 - SAMSUNG Electronics Co., Ltd.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Unity Web Player (HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{0B4AA204-AB61-47E3-B5B4-27DCF375EBAC}\localserver32 -> "CDStart.exe" No File
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Tracy\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Tracy\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{317BD2B9-B35D-BC42-A2EF-268F41623185}\localserver32 -> C:\Windows\SysWOW64\PresentationHost.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Tracy\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Tracy\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{6D41D82A-2D4C-4F54-39CB-A4CE9ABB84E1}\localserver32 -> C:\Windows\SysWOW64\PresentationHost.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{A75F81C5-9091-DB4C-977E-4CF4504DBBCB}\localserver32 -> C:\Windows\SysWOW64\PresentationHost.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Tracy\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tracy\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{F3BCC7F5-6D1F-147C-3B3E-EA031BCAFEC1}\localserver32 -> C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
CustomCLSID: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Tracy\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
03-05-2015 21:08:16 Scheduled Checkpoint
04-05-2015 03:00:12 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 08:34 - 2014-10-16 07:39 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {06B142B3-ABC6-4471-94D3-549FE1CC66CE} - System32\Tasks\{523D524B-1622-4209-9314-7992BE9DFA3F} => pcalua.exe -a "C:\Users\Tracy\Pictures\2009-05-27 cody\tm-Installer_MM_SalemWitchTrialsPremium.exe" -d C:\Users\Tracy\Desktop
Task: {0BB83556-CDC1-4E96-A1E2-5B63B94A3F36} - System32\Tasks\HP AR Program Upload - 17c829ca54e2439986255d93409c802998decf0693a744978bde2369132d1672 => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {132F0FD6-EBA2-4595-B3DC-06D80A099170} - System32\Tasks\{752D24F9-E78A-402D-AD00-E29AA718483C} => pcalua.exe -a C:\Windows\unvise32qt.exe -c C:\Windows\system32\QuickTime\Uninstall.log
Task: {15ED7FBF-A05D-43D1-B52E-B4DC045613E5} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-01-06] (PC-Doctor, Inc.)
Task: {1DF139CA-8BD8-4407-B6D2-04637C320B57} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {285C8A2E-2B18-4831-A76F-46321EC45E34} - System32\Tasks\{F7412476-CC1B-49BB-B840-1136E76A511B} => pcalua.exe -a "C:\Program Files (x86)\Yahoo! Games\Mystery P.I. - The Vegas Heist\Uninstall.exe"
Task: {29A3F563-D9FC-4B23-A14E-F1B9300DC534} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04] (Hewlett-Packard)
Task: {2F73870E-86EE-41DE-8C08-C30AF98BF8D2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {30571BED-FAF4-47E4-B2A7-A34C88795C59} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {321A96C3-85F0-4A8B-8B4F-5A7A63AF7A28} - System32\Tasks\HP AR Program Upload - 2e43bcbd5ec8430ca9f9c061e036ce37b04e684c192a44c08cdcf6c9410c92be => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {3AC5B66F-2A54-48BF-8F8D-481DC515C63B} - System32\Tasks\{7530911F-B119-480B-8507-FE4017483F0D} => pcalua.exe -a "C:\Users\Tracy\Documents\My Games\tm-Installer_ShutterIsland.exe" -d C:\Users\Tracy\Desktop
Task: {42B949D9-9AC5-4B92-BB9E-7E6D63B99942} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {46F74E81-01A7-42D3-BF43-D0C27E4A57B0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {4E59C978-AE37-43C3-AC9A-5F1BB07F21EE} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-11-10] ()
Task: {601420C6-C3E7-49EA-8F42-8FD380BEA25F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000UA => C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-30] (Google Inc.)
Task: {67B2E7BC-467A-40E2-818C-0ADC08FB68CB} - System32\Tasks\{8C8FDE6D-2555-42BC-8CE5-00F1166CAD24} => pcalua.exe -a "C:\Program Files (x86)\FinalMediaPlayer\FMPSetupFileAssociations.exe" -d "C:\Program Files (x86)\FinalMediaPlayer"
Task: {6809E1EF-2496-48E8-8A60-B57C8A8DE82C} - System32\Tasks\Vista Task Low => C:\Program Files (x86)\RealArcade\RealArcade.exe
Task: {6AFE3D4F-864E-4555-8F37-138D359639AB} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {73BFF7D7-A4A0-49CE-A912-FB152F003EFE} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\Registry Mechanic\update.exe
Task: {746E705C-2F4D-46FD-A017-AFD2C85060A0} - System32\Tasks\HP AR Program Upload - 90976af4a1c44419bc6e2c43d2a0d433970c93cbc4424fbf9a93411b5d24bf1f => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {8028B178-44BB-480E-8F30-90A47E4AD17D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1953429275-1861937841-2176962007-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {8339657F-8233-4169-8C52-E6010BFC0CF0} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {91399FDC-363A-4EFE-84DE-C7C0360640DB} - System32\Tasks\{63CD3EA6-4045-4804-B299-22BDAEB1FF80} => pcalua.exe -a "C:\Users\Tracy\Documents\My Games\MaroonedSetup.exe" -d C:\Users\Tracy\Desktop
Task: {95BCB833-3ECF-4AED-AB09-F98E934D52A5} - System32\Tasks\{4B7F023C-71A3-4BCD-9E8F-2DC0ECEA773D} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {9CFB4F1A-0F1E-4B73-82CD-9872588A7753} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1953429275-1861937841-2176962007-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {A407E24D-72A3-43D1-BAB4-BAE752C3D427} - System32\Tasks\{7CE1324E-148F-4590-80B9-1C2EDAAA9073} => pcalua.exe -a c:\Users\Tracy\Downloads\esetsmartinstaller_enu(1).exe
Task: {A5B454F1-C4A6-416F-ABE3-E7CDB04B596C} - System32\Tasks\HP AR Program Upload - 6445367a43404e609976ac966800d5064f7c5866932e4addb6253e6ad8ec4b41 => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {AB835EE2-F20B-4643-80DA-43B2011BD61E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {AF18934A-ED38-43DB-87B2-BC1148B37988} - System32\Tasks\Divx online update program => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-09-16] ()
Task: {BB3DA257-D1B7-4ED6-956F-E733A1BDA1CC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {BCAD446F-7409-429E-83DA-BF587B68F9AE} - System32\Tasks\HP AR Program Upload - 16acdc90580b437a8197504a0375588f0595cc3488c74a23adee14c2f614403e => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {BEA63F01-7843-4BBF-81E7-4B72E81195B0} - System32\Tasks\{E91FC81C-6CC2-4214-A98C-934BD8C4BC12} => pcalua.exe -a E:\install.exe -d E:\
Task: {C7D4F18A-893F-4520-B59D-D3A3902EF973} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {C9592505-1129-4C55-BCAB-F56316E9AB95} - System32\Tasks\Hewlett-Packard online update program => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04] (Hewlett-Packard)
Task: {CAF0E2AC-2B98-4EE2-8D2A-FEF03C30CFCB} - System32\Tasks\HPCeeScheduleForTracy => C:\Program Files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-12-16] (Hewlett-Packard)
Task: {D866B26B-F785-49FF-8E62-F36926B1EE97} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000Core => C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-30] (Google Inc.)
Task: {D8AAC9CD-BFC9-4E68-B053-2C9EF9B4CA76} - System32\Tasks\HP AR Program Upload - 87a465854f89437381c860fb6ba8fe880c957c69ce6b4401b15630ec563d593a => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {DFDE2D9E-AE7E-4E3F-A05C-72334976F318} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27] (Adobe Systems Incorporated)
Task: {E55C705E-331C-432A-9FE2-9095BBAD62BD} - System32\Tasks\{1509CC38-E487-4980-BFC9-A7079D74DF28} => pcalua.exe -a "C:\Users\Tracy\Documents\My Games\ClockworkMan_Setup-dm.exe" -d C:\Users\Tracy\Desktop
Task: {E55F6E7D-BDC6-48D2-8423-76A459C30FE8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E93E0174-DAAC-4711-B92B-DC30EC8289F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {ED0C114F-76EE-4510-95F8-3305DBB4B0B7} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {F431CEB0-4F33-4C7D-A832-F192C8AC0090} - System32\Tasks\Google Updater and Installer => C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe [2014-04-30] (Google Inc.)
Task: {F609E728-097E-49F7-98F0-0C1E4B36C837} - System32\Tasks\{8FC337D4-DE92-4E1C-95E5-E3BB169A430F} => pcalua.exe -a "C:\Program Files (x86)\RealArcade\Installer\bin\gameinstaller.exe" -c "C:\Program Files (x86)\RealArcade\Installer\installerMain.clf" "C:\Program Files (x86)\RealArcade\Installer\uninstall\d1e488b9c75a1c30ed76c0de447a4327.rguninst" "AddRemove"
Task: {FC8F224E-48CE-45D0-BFDF-B10E44AE0346} - System32\Tasks\{9766176F-9074-461B-8114-E98945738BCD} => pcalua.exe -a "C:\Users\Tracy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0SMSMNCD\yahoo_supple_tm6-3[1].exe" -d C:\Users\Tracy\Desktop
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000Core.job => C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000UA.job => C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\HPCeeScheduleForTracy.job => C:\Program Files (x86)\Hewlett-Packard\SDP\Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml
 
==================== Loaded Modules (whitelisted) ==============
 
2009-07-25 10:07 - 2009-07-25 10:07 - 00266240 ____N () C:\Windows\SysWOW64\CSHelper.exe
2013-04-16 03:07 - 2013-04-16 03:07 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2009-04-22 22:53 - 2009-04-22 22:53 - 00296320 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
2009-04-22 22:53 - 2009-04-22 22:53 - 00116104 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
2009-04-22 22:52 - 2009-04-22 22:52 - 00074536 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus64.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-04-22 22:53 - 2009-04-22 22:53 - 00267656 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
2009-04-22 22:53 - 2009-04-22 22:53 - 00038184 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 10683392 _____ () C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 07741952 _____ () C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 02248192 _____ () C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 01681408 _____ () C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00117248 _____ () C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00231936 _____ () C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00253440 _____ () C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-03-31 18:33 - 2015-03-31 18:33 - 00344064 _____ () C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2014-09-03 15:15 - 2014-09-03 15:15 - 00026624 _____ () C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2009-09-03 18:56 - 2009-09-08 17:20 - 00043520 _____ () C:\Windows\SysWow64\CmdLineExt03.dll
2015-04-14 18:13 - 2015-04-14 18:13 - 00548152 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.dll
2015-04-29 03:08 - 2015-04-27 22:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR311 => ""="Service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tracy\Desktop\dd48451ba89e624d8f05821f8d028c35.jpeg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{6974B65A-A961-411A-9250-58AEA79B446E}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\TV\QP.exe
FirewallRules: [{4BE629F0-2CE7-411F-98C9-D180DF40F454}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\TV\QPService.exe
FirewallRules: [{28FF4D64-F878-4127-B93D-D44969ED30CD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{4317138B-437F-49BD-8192-28813CD80D6E}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{CF04C498-25F7-4A19-B546-171C583091C9}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{351991C6-9C1B-465E-B4D8-0428FDDF5A8C}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{500E9717-D26C-4264-87DE-3CBC217C565A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{1AA0F2F2-94E2-4504-885E-D3869579E666}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{7EB78C91-089F-4FD2-A41A-FC1F38C8A075}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{2E8905DE-ABEA-470B-A959-3A8C1B226F2F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{3B589690-2BBF-48C7-848C-92DDB873E450}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{F1AEF8F4-51BB-4FBC-A126-0B21719AE75F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{A7EC8AC5-3F0A-4A61-B7B2-15E90C427E78}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{9C5ADA5A-8B26-40CD-B8FA-07ED6C8D8CF0}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{EB8C4488-8AC6-432A-84B3-8578D785BE7F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{BF588ABB-0221-4544-9974-D3881871A742}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{00A6718A-8E09-4CA1-B8B5-A4C0044A7758}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{A439F425-25C3-4E98-9300-579C2E95554D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{E0DF3D7B-6F0A-4FD8-B6B3-4917F26B388A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{A5C5E630-7261-4BF8-B147-EEEF3A825593}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{290A621F-B02E-4B9F-B49F-C0A4D520BB86}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{64FC7C2C-2796-443A-A29A-04D3D21CF502}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [TCP Query User{039F517F-0782-46AC-B000-DDB9E751F000}C:\users\tracy\program files (x86)\dna\btdna.exe] => (Block) C:\users\tracy\program files (x86)\dna\btdna.exe
FirewallRules: [UDP Query User{89BE46D5-9B35-4B57-BC15-967C0648A4E4}C:\users\tracy\program files (x86)\dna\btdna.exe] => (Block) C:\users\tracy\program files (x86)\dna\btdna.exe
FirewallRules: [TCP Query User{AD30FB7C-FDF2-471A-8E12-7D9F8465EAB7}C:\users\tracy\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\tracy\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [UDP Query User{91B0F4CF-9036-4230-BBFC-49B53C02F927}C:\users\tracy\appdata\roaming\mjusbsp\magicjack.exe] => (Allow) C:\users\tracy\appdata\roaming\mjusbsp\magicjack.exe
FirewallRules: [{38D50BD5-ED1F-4846-BDA4-483A328E5418}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\TV\QP.exe
FirewallRules: [{2A96866F-DDCA-45B1-AAB1-7B72761C51BB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\TV\QPService.exe
FirewallRules: [{4AFA1251-D81C-409D-A956-779E03089AEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{0C396357-9114-40FF-A5EA-011469BDF8F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{4A76DC7C-6426-413D-A0A8-E1F9F3C5ABD1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{224EDE13-9981-42D7-B5C7-87F5CEDF8D02}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{8FB0FF44-55F9-4B14-BF82-4698C77F1A1D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{210912BD-A0F4-42EE-8C94-B692DD393077}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7600712B-E2AE-441B-A567-B9C609F959ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{9E5F19B9-B818-4412-A8EA-31B37B86AFC0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{301303F8-B419-41F5-AEB2-B13813DF3C6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{0E2293F3-6E05-4FD6-B62F-B8BE621A05F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{59E43124-7209-4202-A50D-7DA2F8934855}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{12258B35-15E9-470A-BBFC-A635CB5409EB}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CB4D2707-9791-4F0C-B05B-50FEAD7CD5E5}] => (Allow) C:\Program Files (x86)\LimeWire\LimeWire.exe
FirewallRules: [{46583094-2E15-4760-806C-F67B4631FD35}] => (Allow) C:\Program Files (x86)\LimeWire\LimeWire.exe
FirewallRules: [{F34EE361-3696-48D9-8F77-B0BF37004ECC}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe
FirewallRules: [{2E951453-720A-4249-9586-05D7AA4727B7}] => (Allow) LPort=8370
FirewallRules: [{E7FF0742-5E15-43F4-AAEB-A666E946C452}] => (Allow) LPort=8370
FirewallRules: [{2B9065E4-B38A-4B2E-95FE-85B9D17C4F26}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{29C06FFF-141B-4984-A985-333831B5C6C3}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{921A0520-0EF5-4431-8C05-923A682FB78A}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{3AF51FA2-B88F-428F-9E02-E9CA3ECCEE85}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{022700E4-C3AA-47CE-9064-0DA284A1069D}] => (Allow) LPort=8371
FirewallRules: [{D9D0546E-2AE9-4DB6-B1A7-2C50811443EF}] => (Allow) LPort=8371
FirewallRules: [{F4B8ADE0-A2AF-4DF5-8774-CA4AA5DCE99D}] => (Allow) LPort=8372
FirewallRules: [{B6D58AD9-F690-405C-97A3-C7F44311ECBB}] => (Allow) LPort=8372
FirewallRules: [{2269EF80-7F0A-420E-9296-E1C90C21F06F}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{92B91EDE-1B5A-47EC-A9EA-34ABBA2D18CA}] => (Allow) C:\Program Files (x86)\FrostWire\FrostWire.exe
FirewallRules: [{77BE3E79-6E80-4212-8F05-80BBD9E2F270}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{C3E9B20A-B7E2-4aab-9835-3C548937E46F}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{B078B2B6-A878-44ff-9BCC-458257924F96}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{92459C5E-D350-4cba-AA74-C8F989C9336F}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{7ACC6E87-8C12-4adb-91B7-EFC3F2F4705A}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{B1A40E4F-58DB-490f-9D18-55B5194E8BD5}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{0512BC72-EB54-4FA7-97B3-C23E6FC60423}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{01FF8286-39C6-4FE0-947D-244AA268C7D3}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{D962BC8C-1854-4CE3-9D2B-6D998B9BE5DD}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{BDF03952-A3C8-4CEC-9FDA-54CEB244E348}] => (Allow) C:\Windows\explorer.exe
FirewallRules: [{3296C788-A0B8-4E65-B1F5-EC49A46E940D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{AD5FF138-1CB5-4A97-8D6B-12451183F058}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{167BAC5F-66F1-496E-83FE-FEC1BBECD937}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{546DFAA5-E74F-4E4B-AE14-D4AFF06AF8A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{024213FA-3AA4-4D2F-883D-8C6B41C5557C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{2F5AB145-62E8-499E-9A61-01F50FF90186}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{6918E4AE-D8FC-49E8-91AF-97584B62BE41}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{ADCA02ED-AE0E-4D6C-8533-B84090B1E19F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{ED2D3C4E-68D9-42FA-B8A1-5A02B0B6D4DF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{EC2E83AF-3A3F-4761-8BFC-30EDADB7838E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{88FED118-615F-438B-B92D-3F3D0BE98FBF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{03B87268-8026-4964-AB74-9442A9527DD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{51045EF8-309A-46FB-8969-AD2B2F59526B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{130C89D7-9708-4AA3-B83A-A0685C1DE471}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{561FED2D-11D0-4C97-AC96-970D18D1F9AE}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{E2A8918E-0706-4D0D-897C-DE4BE52C029A}] => (Allow) C:\Program Files (x86)\iWin Games\iWinGames.exe
FirewallRules: [{45E03FD5-D6DB-4C3A-AC2D-8A62323D38C1}] => (Allow) C:\Program Files (x86)\iWin Games\iWinGames.exe
FirewallRules: [{77E6B2DC-097D-47A2-93F3-13502B8B59E1}] => (Allow) C:\Program Files (x86)\iWin Games\WebUpdater.exe
FirewallRules: [{01BC55B3-328C-4F2A-A108-ABBFE63C8F69}] => (Allow) C:\Program Files (x86)\iWin Games\WebUpdater.exe
FirewallRules: [{B4BC3A86-3241-42E2-9594-17FFFC1CF457}] => (Allow) LPort=8378
FirewallRules: [{02B07793-F2E3-4736-B70A-849C06750676}] => (Allow) LPort=8378
FirewallRules: [{05ABA71E-A39E-485C-AB25-3F163A727CA4}] => (Allow) LPort=8379
FirewallRules: [{EF3E6CE9-3C6D-46EA-B5CA-301D9F88699C}] => (Allow) LPort=8379
FirewallRules: [{DCE125B2-5753-4128-8EE8-7ACF983E1C7E}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{F2EE4088-C1B5-4937-B3A0-D865AF5EB620}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{7F3023F6-E0BE-481B-93E5-A1858C22A94A}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{10C51848-1D42-419E-B183-C2CBB90157CC}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{E0271837-E16C-4B23-9DEC-B4C0CA15EFC7}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{B65DBA5B-6B96-4AD2-9D91-B146DC30B1E4}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{E34DAC62-1507-41A6-A2A6-54AAA0FF2C11}] => (Allow) LPort=80
FirewallRules: [{0B150A33-D313-454A-9ED4-3B495EE09839}] => (Allow) LPort=80
FirewallRules: [{4453638B-8CE6-4FC4-8630-455021D2AC59}] => (Allow) LPort=80
FirewallRules: [TCP Query User{28F9E780-56A0-479B-8894-2E566D489E71}C:\users\tracy\program files (x86)\dna\btdna.exe] => (Block) C:\users\tracy\program files (x86)\dna\btdna.exe
FirewallRules: [UDP Query User{7C391D61-79DA-4269-BF1D-1E58FCF70FFE}C:\users\tracy\program files (x86)\dna\btdna.exe] => (Block) C:\users\tracy\program files (x86)\dna\btdna.exe
FirewallRules: [{3BEA67E9-4868-4976-B2A3-36AD9BCC73E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C50D73B4-EF90-4012-876B-3393A9073292}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{ED7E4D2E-86AF-4D38-A669-2686885AE235}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
FirewallRules: [UDP Query User{F40146ED-C932-4F28-83BD-373CDC7D090A}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
FirewallRules: [TCP Query User{C7B2F589-F065-4E50-8024-E9323CB53785}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{9BC50BF9-B1C6-4378-A712-08C0EBEB3525}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{4C21DCA0-69C1-4787-A868-6F2639EB1A86}C:\users\tracy\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tracy\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F0D7A2EE-9E4B-4A2E-BA3A-B8409DE580F0}C:\users\tracy\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tracy\appdata\roaming\spotify\spotify.exe
FirewallRules: [{07728343-016F-4665-8526-24448A5DD282}] => (Allow) LPort=5353
FirewallRules: [{4C8A3050-1BCF-40CA-88F7-D661D8574826}] => (Allow) LPort=5353
FirewallRules: [{BB185B0F-AED3-4E5F-BD81-228FAFB2E219}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{4105241A-5238-49F2-B4C7-D7CBCFDC29E4}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe
FirewallRules: [{D1881663-3440-4B3A-BBDF-8A04EC062FC7}] => (Allow) LPort=9322
FirewallRules: [{D46994EA-3A54-47B7-AE59-DE7B013C8BDA}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{BE1AFBA7-8F6A-4EBF-B6D4-49236EE74A7C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{E9286A07-14A7-43D5-BDF0-BCE89E081C8A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{3B0C5432-6F40-4547-82F8-DC3789AD5A94}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{219B88B5-8CF7-44FC-BF8E-0F4B14B47A3F}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{64E2D6B5-49E9-4772-9F86-229FBD1166C3}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{F29005AF-F1B1-46E6-8810-03E7863B917A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{FD86B81B-18DA-4C73-8385-F2C6F109B509}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{AA019790-B637-4C83-B635-A4602D759294}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{57FCFD95-FA80-41B1-9D3D-F09B6C1CFE52}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{73703FB0-8C6A-4149-B0D9-6E68B5193BFC}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{0BC4327E-A702-4730-8DB0-F5FA0A346E3A}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{83F46227-0988-420F-BBF4-C8825C7DF139}] => (Allow) LPort=7935
FirewallRules: [{4E008D07-3A65-410E-B0D8-04BEF9711CAB}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe
FirewallRules: [{607FB60F-D124-4AEE-82D3-61A45EE1B434}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{0C70712C-9E60-4A87-B1D3-422371D07ACA}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{3367A87F-8FCC-4DD5-AB8E-2058A82F7DDD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{76126DD7-B6A0-452E-B4FD-348970EE4E25}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0ACF825D-90A1-45D8-8FEE-C74F7947B0CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{86CCEB3C-AE8F-4B03-A3DD-205F2802D550}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7A9A5A19-B0F4-43AC-8714-28604822A893}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{304BE9BC-53E6-471E-96BB-2A07356833C8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{5BF6509F-551B-4FE7-B6D9-072B8A9899B1}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{548196EA-DFD8-4863-892A-980F829A5EB9}] => (Allow) C:\Program Files (x86)\dlsecuretb\dtUser.exe
FirewallRules: [{15CEC3D3-D2C1-414A-A502-6554622473A8}] => (Allow) C:\Program Files (x86)\dlsecuretb\dtUser.exe
FirewallRules: [{F5FC013F-F750-4595-9E58-C97C0B822293}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{FD117E0B-A219-4ADB-A04A-C3F49B558964}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{7DD816FD-E5C3-4BFC-8278-90BFE386D7A4}] => (Allow) C:\Program Files (x86)\xfin_portal\dtuser.exe
FirewallRules: [{12DF387F-4E58-4294-8F18-FDB9632B9C7C}] => (Allow) C:\Program Files (x86)\xfin_portal\dtuser.exe
FirewallRules: [{596C555E-7C8D-4C51-9384-5651BE7B572B}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{E1F4CCCD-207A-4751-BC8D-CD1913F50CF2}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{530AF432-3C1F-416E-AF8A-57E9DA503F4A}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{241FE8AD-9FAE-4D90-B884-3F63D943F5F2}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{6E3090D3-1D7D-4C9A-93C9-CF400B9C9B20}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{B1C3F4D8-32B1-471D-AA13-9026F7A8A5E1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4FB3D2BA-C5D4-41F1-AB6A-D4F10F928285}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B8F2F25-9A54-4657-8791-4DC7D79ACA1E}] => (Allow) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
FirewallRules: [{4941D51D-47F1-4CC3-A059-CBE11A9694B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\BitTorrent\bittorrent.exe] => Enabled:BitTorrent
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/04/2015 06:05:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123
 
Error: (05/04/2015 06:05:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1123
 
Error: (05/04/2015 06:05:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/04/2015 03:00:42 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Product: Microsoft Office Click-to-Run 2010 - Update 'Update for Microsoft Office 2010 (KB2837578) 32-Bit Edition' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127
 
Error: (05/03/2015 08:12:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/03/2015 08:12:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/03/2015 08:10:11 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.
 
Error: (05/03/2015 08:10:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/03/2015 08:06:54 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.
 
Error: (05/03/2015 08:06:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (05/04/2015 03:02:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070643Update for Microsoft Office 2010 (KB2837578) 32-Bit Edition{CC239840-7F4C-4804-B7D5-47BC7EEAC3EA}200
 
Error: (05/03/2015 09:08:16 PM) (Source: volsnap) (EventID: 20) (User: )
Description: The shadow copies of volume C: were aborted because of a failed free space computation.
 
Error: (05/03/2015 08:12:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (05/03/2015 08:10:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (05/03/2015 08:10:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
i8042prt
 
Error: (05/03/2015 08:07:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (05/03/2015 08:06:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Beep
i8042prt
 
Error: (05/03/2015 08:01:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070643Update for Microsoft Office 2010 (KB2837578) 32-Bit Edition{CC239840-7F4C-4804-B7D5-47BC7EEAC3EA}200
 
Error: (05/03/2015 03:02:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070643Update for Microsoft Office 2010 (KB2837578) 32-Bit Edition{CC239840-7F4C-4804-B7D5-47BC7EEAC3EA}200
 
Error: (05/02/2015 03:03:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070643Update for Microsoft Office 2010 (KB2837578) 32-Bit Edition{CC239840-7F4C-4804-B7D5-47BC7EEAC3EA}200
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-04 18:14:22.806
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-04 18:14:22.175
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-04 18:14:21.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-04 18:14:20.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT64x86.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-04 18:14:06.009
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-04 18:14:05.459
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-04 18:14:04.892
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-04 18:14:04.216
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-04 18:14:03.587
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-04 18:14:02.946
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Pentium® Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 54%
Total physical RAM: 6133.33 MB
Available physical RAM: 2777.13 MB
Total Pagefile: 12459.67 MB
Available Pagefile: 8861.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:583.32 GB) (Free:400 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:12.85 GB) (Free:1.81 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=583.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#8
tdjones813
Posted 04 May 2015 - 06:28 PM

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-05-04 18:17:54
-----------------------------
18:17:54.617    OS Version: Windows x64 6.0.6002 Service Pack 2
18:17:54.617    Number of processors: 2 586 0x1706
18:17:54.618    ComputerName: HOME-PC  UserName: Tracy
18:17:59.292    Initialize success
18:17:59.483    VM: initialized successfully
18:17:59.485    VM: Intel CPU virtualization not supported 
18:19:47.722    AVAST engine defs: 15050402
18:23:12.094    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:23:12.096    Disk 0 Vendor: SAMSUNG_ 1AA0 Size: 610480MB BusType: 8
18:23:12.245    Disk 0 MBR read successfully
18:23:12.247    Disk 0 MBR scan
18:23:12.252    Disk 0 unknown MBR code
18:23:12.711    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS       597323 MB offset 63
18:23:12.733    Disk 0 Partition 2 00     07      HPFS/NTFS NTFS        13154 MB offset 1223317620
18:23:12.797    Disk 0 scanning C:\Windows\system32\drivers
18:23:24.115    Service scanning
18:23:26.485    Service BHDrvx64 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys **LOCKED** 5
18:23:30.096    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
18:23:30.465    Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
18:23:32.994    Service IDSVia64 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150501.001\IDSvia64.sys **LOCKED** 5
18:23:37.028    Service NAVENG C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.003\ENG64.SYS **LOCKED** 5
18:23:37.258    Service NAVEX15 C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.003\EX64.SYS **LOCKED** 5
18:23:50.850    Modules scanning
18:23:50.857    Disk 0 trace - called modules:
18:23:50.878    ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll 
18:23:50.884    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006247790]
18:23:50.889    3 CLASSPNP.SYS[fffffa60010b9c33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006102050]
18:23:53.640    AVAST engine scan C:\Windows
18:24:00.756    AVAST engine scan C:\Windows\system32
18:28:21.077    AVAST engine scan C:\Windows\system32\drivers
18:28:53.012    AVAST engine scan C:\Users\Tracy
19:04:11.413    File: C:\Users\Tracy\Downloads\iLividSetupV1(2).exe  **INFECTED** Win32:Adware-gen [Adw]
19:21:00.026    AVAST engine scan C:\ProgramData
19:39:36.701    Disk 0 statistics 6215444/0/0 @ 0.81 MB/s
19:39:36.708    Scan finished successfully
20:27:47.670    Disk 0 MBR has been saved successfully to "C:\Users\Tracy\Desktop\MBR.dat"
20:27:47.680    The log file has been saved successfully to "C:\Users\Tracy\Desktop\aswMBR.txt"

  • 0

#9
Essexboy
Posted 05 May 2015 - 08:06 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
On completion of the following could you let me know how the computer is behaving

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
FF Extension: No Name - C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\Extensions\temp [2014-09-15]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\InfoAtoms.cfg [2015-03-26] <==== ATTENTION
2015-05-03 07:55 - 2015-05-03 07:55 - 02166416 _____ (Valassis) C:\Users\Tracy\Downloads\P@H_prod308-fmfzHXGO.exe
2015-05-03 07:56 - 2015-05-03 07:56 - 00000000 ____D () C:\Program Files (x86)\Valassis
2014-06-07 10:28 - 2014-06-07 10:28 - 0893239 _____ () C:\Users\Tracy\AppData\Local\a.zip
2014-06-07 10:28 - 2014-06-07 10:28 - 2162416 _____ (Catalina Marketing Corp) C:\Users\Tracy\AppData\Local\BcsKtYcHW.dll
Task: {67B2E7BC-467A-40E2-818C-0ADC08FB68CB} - System32\Tasks\{8C8FDE6D-2555-42BC-8CE5-00F1166CAD24} => pcalua.exe -a "C:\Program Files (x86)\FinalMediaPlayer\FMPSetupFileAssociations.exe" -d "C:\Program Files (x86)\FinalMediaPlayer"
C:\Program Files (x86)\FinalMediaPlayer
C:\Users\Tracy\Downloads\iLividSetupV1(2).exe
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#10
tdjones813
Posted 07 May 2015 - 07:12 AM

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
# AdwCleaner v3.206 - Report created 04/05/2014 at 19:20:06
# Updated 04/05/2014 by Xplode
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Tracy - HOME-PC
# Running from : C:\Users\Tracy\Desktop\AdwCleaner (4).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\AI_RecycleBin
[!] Folder Deleted : C:\ProgramData\Tarma Installer
[!] Folder Deleted : C:\ProgramData\Trymedia
[!] Folder Deleted : C:\ProgramData\WeCareReminder
[!] Folder Deleted : C:\ProgramData\Alawar Stargaze
[!] Folder Deleted : C:\ProgramData\AlawarWrapper
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic
[!] Folder Deleted : C:\Program Files (x86)\Ask.com
[!] Folder Deleted : C:\Program Files (x86)\Conduit
[!] Folder Deleted : C:\Program Files (x86)\DefaultTab
[!] Folder Deleted : C:\Program Files (x86)\Delta
[!] Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
[!] Folder Deleted : C:\Program Files (x86)\InfoAtoms
[!] Folder Deleted : C:\Program Files (x86)\MyPC Backup
[!] Folder Deleted : C:\Program Files (x86)\registry mechanic
[!] Folder Deleted : C:\Program Files (x86)\Windows iLivid Toolbar
[!] Folder Deleted : C:\Program Files (x86)\Yontoo
[!] Folder Deleted : C:\Program Files (x86)\Zynga
[!] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[!] Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[!] Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
[!] Folder Deleted : C:\Program Files\Babylon
[!] Folder Deleted : C:\Users\Public\Documents\iWin
[!] Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
[!] Folder Deleted : C:\Users\Tracy\.android
[!] Folder Deleted : C:\Users\Tracy\AppData\LocalLow\AVG SafeGuard toolbar
[!] Folder Deleted : C:\Users\Tracy\AppData\LocalLow\DataMngr
[!] Folder Deleted : C:\Users\Tracy\AppData\Roaming\FinalMediaPlayer
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Users\Tracy\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\g6a064b4.default\user.js
File Deleted : C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\user.js
File Deleted : C:\Windows\System32\Tasks\DSite
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DSite
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16545
 
 
-\\ Mozilla Firefox v28.0 (en-US)
 
[ File : C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\prefs.js ]
 
Line Deleted : user_pref("extensions.buenosearch.admin", false);
Line Deleted : user_pref("extensions.buenosearch.aflt", "orgnl");
Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.dfltLng", "en");
Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.buenosearch.id", "02e3f96400000000000000248c7e0144");
Line Deleted : user_pref("extensions.buenosearch.instlDay", "16188");
Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
Line Deleted : user_pref("extensions.buenosearch.newTab", false);
Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
Line Deleted : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_def&mntrId=02E300248C7E0144&affID=66528&tsp=5231");
Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
Line Deleted : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=TB_def&mntrId=02E300248C7E0144&affID=66528&tsp=5231");
Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.720:46:35");
Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
 
-\\ Google Chrome v34.0.1847.131
 
[ File : C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=YWxdm001YYus&ptb=B2FBC38F-5F80-40DF-82E9-07A8C1F9BF07&ind=2011090719&ptnrS=YWxdm001YYus&si=maps4pc&n=77decf1f&psa=&st=sb&searchfor={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
Deleted [Search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&amp;o=15527&amp;prt=360&amp;chn=S1122&amp;geo=US&amp;ver=20&amp;locale=en_US&amp;tpr=111
Deleted [Search Provider] : hxxp://www.searchqu.com/web?src=crb&appid=119&systemid=406&sr=0&q={searchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
AdwCleaner[R0].txt - [12185 octets] - [04/05/2014 19:16:16]
AdwCleaner[S0].txt - [11182 octets] - [04/05/2014 19:20:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11243 octets] ##########
# AdwCleaner v4.203 - Logfile created 07/05/2015 at 09:02:45
# Updated 30/04/2015 by Xplode
# Database : 2015-04-30.2 [Local]
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (x64)
# Username : Tracy - HOME-PC
# Running from : C:\Users\Tracy\Downloads\adwcleaner_4.203.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : CouponPrinterService
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\ProgramData\EmailNotifier
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[!] Folder Deleted : C:\Program Files (x86)\Coupons
[!] Folder Deleted : C:\Program Files (x86)\Coupons
[!] Folder Deleted : C:\Users\Tracy\AppData\Local\Mindspark_Interactive_Net
[!] Folder Deleted : C:\Users\Tracy\AppData\LocalLow\HPAppData
[!] Folder Deleted : C:\Users\Tracy\AppData\Roaming\HPAppData
[!] Folder Deleted : C:\Users\Tracy\AppData\Roaming\catalina – print savings
[!] Folder Deleted : C:\Users\Tracy\AppData\Roaming\StormFall
[!] Folder Deleted : C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\catalina – print savings
[!] Folder Deleted : C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
[!] Folder Deleted : C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
[!] Folder Deleted : C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogkcceegdcidimjaaembojgcnobnddk
File Deleted : C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iogkcceegdcidimjaaembojgcnobnddk_0.localstorage
File Deleted : C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iogkcceegdcidimjaaembojgcnobnddk_0.localstorage-journal
File Deleted : C:\Users\Tracy\Desktop\Facebook.lnk
File Deleted : C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorage
File Deleted : C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_eliteunzip.dl.tb.ask.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GetPose.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKCU\Software\Local AppWizard-Generated Applications
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\File Opener Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.1.5
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\File Opener Packages
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}
Key Deleted : [x64] HKLM\SOFTWARE\System Optimizer Pro
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16636
 
 
-\\ Mozilla Firefox v36.0.4 (x86 en-US)
 
 
-\\ Google Chrome v42.0.2311.135
 
[C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mysearchresults.com/search?c=3253&t=15&q={searchTerms}
[C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk
[C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : iogkcceegdcidimjaaembojgcnobnddk
 
*************************
 
AdwCleaner[R0].txt - [17451 bytes] - [04/05/2014 19:16:16]
AdwCleaner[R1].txt - [5831 bytes] - [02/06/2014 07:47:27]
AdwCleaner[R2].txt - [1154 bytes] - [02/06/2014 09:45:45]
AdwCleaner[R3].txt - [10461 bytes] - [16/10/2014 07:59:29]
AdwCleaner[R4].txt - [1470 bytes] - [16/10/2014 12:37:56]
AdwCleaner[S0].txt - [16163 bytes] - [04/05/2014 19:20:06]
AdwCleaner[S1].txt - [5709 bytes] - [02/06/2014 07:49:33]
AdwCleaner[S2].txt - [1216 bytes] - [02/06/2014 09:46:51]
AdwCleaner[S3].txt - [9735 bytes] - [16/10/2014 08:02:51]
AdwCleaner[S4].txt - [1450 bytes] - [16/10/2014 12:40:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16459  bytes] ##########

  • 0

Advertisements

#11
tdjones813
Posted 07 May 2015 - 07:12 AM

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

I'm still getting popups.  


  • 0

#12
Essexboy
Posted 07 May 2015 - 07:19 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are they in a specific browser or all of them

What are the popups related to ?

Could you run FRST again please but this time tick the shortcut txt box and post or attach the logs generated
  • 0

#13
tdjones813
Posted 07 May 2015 - 08:07 AM

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Tracy (administrator) on HOME-PC on 07-05-2015 10:05:23
Running from c:\Users\Tracy\downloads
Loaded Profiles: Tracy (Available profiles: Tracy)
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\CSHelper.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\n360.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Google Inc.) C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Google Inc.) C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1612880 2010-01-27] (Logitech, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [225792 2008-01-20] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [cdloader] => C:\Users\Tracy\AppData\Roaming\mjusbsp\cdloader2.exe [50520 2010-02-26] (magicJack L.P.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [Google Update] => C:\Users\Tracy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-30] (Google Inc.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-05-23] (Samsung)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-05-23] (Samsung)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [MusicManager] => C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-03-31] (Google Inc.)
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk [2014-09-15]
ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Fast Connect.lnk [2014-12-08]
ShortcutTarget: Fast Connect.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk [2015-05-05]
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
Startup: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk [2013-07-28]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\buShell.dll [2015-03-06] (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....bestbuy&pf=cndt
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.n...id=tbid09152014
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM -> {73FE0C01-C5C3-43B5-B15B-48A5DEFFC59A} URL = http://search.live.c...ms}&FORM=HPDTDF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> {083368C3-5B72-4F1A-BE01-5F70570FD6E9} URL = http://www.bing.com/...ms}&form=OSDSRC
SearchScopes: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> {1F9F832A-605A-41F5-86AE-6BB407025F1A} URL = http://www.bing.com/...ms}&form=OSDSRC
SearchScopes: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> {22222C97-CFA5-4E02-8D8A-21F3E6B3DC46} URL = http://search.whites...m={SearchTerms}
SearchScopes: HKU\S-1-5-21-1953429275-1861937841-2176962007-1000 -> {73FE0C01-C5C3-43B5-B15B-48A5DEFFC59A} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-07] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-07] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-04-16] (RealDownloader)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Fast Connect -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.15.414.3\NativeBHO.dll [2015-04-14] (WhiteSky)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll [2008-08-28] (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default
FF DefaultSearchEngine: Connect Search
FF DefaultSearchEngine.US: Connect Search
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Connect Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-07] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-08-24] (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2013-08-17] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-04-16] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2013-08-17] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-04-16] (RealDownloader)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-08-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1953429275-1861937841-2176962007-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tracy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-03] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1953429275-1861937841-2176962007-1000: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Tracy\AppData\Roaming\CATALI~1\NPBCSK~1.DLL No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2013-08-17] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-11-20] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2013-08-17] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-02-26] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tracy\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\searchplugins\Connect Search.xml [2015-05-07]
FF Extension: White Sky Fast Connect - C:\Users\Tracy\AppData\Roaming\Mozilla\Firefox\Profiles\taimr24r.default\Extensions\idvaultaddon@whitesky [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-26]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-23]
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-17]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-05-07]
FF HKU\S-1-5-21-1953429275-1861937841-2176962007-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR Profile: C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-21]
CHR Extension: (Bookmark Manager) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (RealDownloader) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-08-17]
CHR Extension: (Norton Identity Safe) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-17]
CHR Extension: (ArcadeYum) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmbmildjdmppofnohldicmnkojfhggmb [2015-04-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Google Wallet) - C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-24]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 CSHelper; C:\Windows\SysWOW64\CSHelper.exe [266240 2009-07-25] () [File not signed]
R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-12-04] (Hewlett-Packard) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-03-17] (Hewlett-Packard Company) [File not signed]
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\N360.exe [265000 2015-03-26] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2011-01-28] (PC Tools)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2013-01-17] (Puran Software) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-04-22] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104 2009-04-22] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S1 Beep; No ImagePath
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S3 DCamUSBVM; C:\Windows\System32\Drivers\usbVM31b.sys [142336 2005-09-19] (Vimicro Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20150506.003\IDSvia64.sys [671448 2015-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150506.009\ENG64.SYS [129752 2015-04-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20150506.009\EX64.SYS [2137304 2015-04-29] (Symantec Corporation)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMTDIV.SYS [510168 2014-08-25] (Symantec Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-07 08:58 - 2015-05-07 08:58 - 02204160 _____ () C:\Users\Tracy\Downloads\adwcleaner_4.203.exe
2015-05-06 07:45 - 2015-05-06 07:48 - 00000000 ____D () C:\Users\Tracy\Desktop\Frames
2015-05-05 10:15 - 2015-05-05 10:15 - 01990585 _____ () C:\Users\Tracy\Downloads\LABELS042.zip
2015-05-05 10:15 - 2015-05-05 10:15 - 00000000 ____D () C:\Users\Tracy\AppData\Local\WinZip
2015-05-05 10:10 - 2015-05-05 10:11 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-05 10:10 - 2015-05-05 10:10 - 00001862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-05-05 10:10 - 2015-05-05 10:10 - 00001856 _____ () C:\Users\Public\Desktop\WinZip.lnk
2015-05-05 10:10 - 2015-05-05 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-05-05 10:10 - 2015-05-05 10:10 - 00000000 ____D () C:\Program Files\WinZip
2015-05-05 10:08 - 2015-05-05 10:09 - 120105328 _____ () C:\Users\Tracy\Downloads\winzip190.exe
2015-05-05 10:03 - 2015-05-05 10:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-05-05 10:03 - 2015-05-05 10:03 - 00000000 ____D () C:\Program Files\7-Zip
2015-05-05 10:02 - 2015-05-05 10:02 - 01376768 _____ () C:\Users\Tracy\Downloads\7z920-x64.msi
2015-05-05 09:54 - 2015-05-05 09:54 - 00000000 ____D () C:\Users\Tracy\AppData\Local\Apps\2.0
2015-05-05 09:34 - 2015-05-07 09:10 - 00003204 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1953429275-1861937841-2176962007-1000
2015-05-05 09:24 - 2015-05-05 09:21 - 01990585 _____ () C:\Users\Tracy\Documents\LABELS042.zip
2015-05-04 21:21 - 2015-05-04 21:21 - 00019340 _____ () C:\Users\Tracy\Desktop\teal-and-purple-chevron-pattern.html
2015-05-04 20:27 - 2015-05-04 20:27 - 00002964 _____ () C:\Users\Tracy\Desktop\aswMBR.txt
2015-05-04 20:27 - 2015-05-04 20:27 - 00000512 _____ () C:\Users\Tracy\Desktop\MBR.dat
2015-05-04 18:17 - 2015-05-04 18:17 - 05200384 _____ (AVAST Software) C:\Users\Tracy\Downloads\aswmbr.exe
2015-05-04 18:15 - 2015-05-04 18:15 - 00066216 _____ () C:\Users\Tracy\Downloads\Addition.txt
2015-05-04 18:13 - 2015-05-07 10:05 - 00026760 _____ () C:\Users\Tracy\Downloads\FRST.txt
2015-05-04 18:12 - 2015-05-06 21:18 - 02102272 _____ (Farbar) C:\Users\Tracy\Downloads\FRST64.exe
2015-05-02 13:52 - 2015-05-02 13:52 - 00001432 _____ () C:\Users\Tracy\Downloads\event-32645.ics
2015-04-29 21:15 - 2015-04-29 21:15 - 01081072 _____ (Unity Technologies ApS) C:\Users\Tracy\Downloads\UnityWebPlayer (4).exe
2015-04-29 20:59 - 2015-04-29 20:59 - 01081072 _____ (Unity Technologies ApS) C:\Users\Tracy\Downloads\UnityWebPlayer (3).exe
2015-04-27 20:43 - 2015-04-27 20:43 - 01088384 _____ (Unity Technologies ApS) C:\Users\Tracy\Downloads\UnityWebPlayer (2).exe
2015-04-27 20:43 - 2015-04-27 20:43 - 01088384 _____ (Unity Technologies ApS) C:\Users\Tracy\Downloads\UnityWebPlayer (1).exe
2015-04-24 20:41 - 2015-04-24 20:41 - 00110592 _____ () C:\Users\Tracy\Documents\Untitled Document.wps
2015-04-24 20:40 - 2015-04-24 20:40 - 00018432 _____ () C:\Users\Tracy\Downloads\Adams Cover letter.wps
2015-04-23 16:28 - 2015-04-23 16:28 - 00000000 ____D () C:\Users\Tracy\Documents\OmniSV
2015-04-23 09:34 - 2015-04-23 09:34 - 02811464 _____ (Coupons.com Incorporated) C:\Users\Tracy\Downloads\CouponPrinterCPS.exe
2015-04-19 13:03 - 2015-04-19 13:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-04-19 13:03 - 2015-04-19 13:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-04-19 13:03 - 2015-04-19 13:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-04-19 13:03 - 2015-04-19 13:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-19 12:59 - 2015-04-19 12:59 - 00918440 _____ (Oracle Corporation) C:\Users\Tracy\Downloads\chromeinstall-7u67.exe
2015-04-16 04:03 - 2015-04-16 04:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2015-04-16 03:32 - 2015-03-04 22:25 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-16 03:32 - 2015-03-04 21:58 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 03:31 - 2015-03-13 22:22 - 01585248 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 03:31 - 2015-03-13 22:22 - 01168080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-16 03:31 - 2015-03-12 21:44 - 04691384 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 03:31 - 2015-03-12 21:44 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-16 03:31 - 2015-03-12 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-16 03:31 - 2015-03-12 21:30 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-16 03:31 - 2015-03-12 21:30 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-16 03:31 - 2015-03-12 21:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-16 03:31 - 2015-03-12 21:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-16 03:31 - 2015-03-12 20:08 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-16 03:31 - 2015-03-12 20:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-16 03:31 - 2015-03-12 20:08 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-16 03:04 - 2015-03-04 22:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-16 03:04 - 2015-03-04 22:14 - 00360384 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 03:04 - 2015-03-04 21:58 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 03:03 - 2015-03-08 21:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-16 03:03 - 2015-03-08 20:40 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:09 - 2015-03-09 20:31 - 17882112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:09 - 2015-03-09 20:19 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:09 - 2015-03-09 20:19 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:09 - 2015-03-09 20:18 - 10931200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:09 - 2015-03-09 20:14 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:09 - 2015-03-09 20:14 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 09:09 - 2015-03-09 20:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 09:09 - 2015-03-09 20:13 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 09:09 - 2015-03-09 20:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 09:09 - 2015-03-09 20:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 09:09 - 2015-03-09 20:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 09:09 - 2015-03-09 20:12 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-15 09:09 - 2015-03-09 19:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 09:09 - 2015-03-09 19:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 09:09 - 2015-03-09 19:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 09:09 - 2015-03-09 19:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 09:09 - 2015-03-09 18:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 09:09 - 2015-03-09 18:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 09:09 - 2015-03-09 18:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-04-15 09:09 - 2015-03-09 18:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 09:09 - 2015-03-09 18:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 09:09 - 2015-03-09 18:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-04-15 09:09 - 2015-03-09 18:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-04-15 09:09 - 2015-03-09 18:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-04-07 09:29 - 2015-04-15 07:20 - 00000000 ____D () C:\Users\Tracy\Desktop\Bow's
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-07 10:05 - 2014-05-13 20:27 - 00000000 ____D () C:\FRST
2015-05-07 09:46 - 2013-06-23 16:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-07 09:36 - 2011-09-13 09:16 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-05-07 09:15 - 2010-12-04 04:47 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-07 09:12 - 2014-09-15 19:02 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\ID Vault
2015-05-07 09:10 - 2015-03-30 11:18 - 00003338 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1953429275-1861937841-2176962007-1000
2015-05-07 09:10 - 2010-12-04 04:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-07 09:09 - 2009-04-22 16:12 - 01896811 _____ () C:\Windows\WindowsUpdate.log
2015-05-07 09:04 - 2013-05-17 19:15 - 02015762 _____ () C:\Windows\PFRO.log
2015-05-07 09:04 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-07 09:04 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-07 09:04 - 2006-11-02 11:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-07 09:03 - 2006-11-02 11:42 - 00032576 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-07 09:02 - 2014-05-04 19:16 - 00000000 ____D () C:\AdwCleaner
2015-05-07 08:59 - 2014-11-16 12:43 - 00000000 ____D () C:\Users\Tracy\Desktop\Biddle Bop Invitaions
2015-05-07 03:00 - 2010-01-28 02:18 - 00781970 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-07 02:23 - 2014-09-15 19:01 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2015-05-07 01:26 - 2011-07-28 18:32 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1953429275-1861937841-2176962007-1000Core.job
2015-05-06 21:25 - 2014-06-02 07:43 - 00000000 ____D () C:\Users\Tracy\Downloads\FRST-OlderVersion
2015-05-06 21:19 - 2015-03-26 12:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-05 10:11 - 2009-05-26 11:57 - 00000000 ____D () C:\Users\Tracy
2015-05-05 09:02 - 2013-03-14 13:17 - 00000000 ____D () C:\Users\Tracy\Desktop\Bottlecap images
2015-05-04 10:03 - 2009-04-06 20:20 - 00003578 _____ () C:\Windows\System32\Tasks\HP Health Check
2015-05-03 20:14 - 2014-09-15 19:03 - 00000000 ____D () C:\Users\Tracy\AppData\Local\ID Vault
2015-05-03 20:00 - 2011-05-01 19:31 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\SoftGrid Client
2015-05-03 07:56 - 2013-11-20 20:23 - 00271360 _____ () C:\Users\Tracy\Documents\Outlook.pst
2015-05-01 21:00 - 2009-05-29 13:25 - 00012626 _____ () C:\Users\Tracy\AppData\Roaming\wklnhst.dat
2015-04-30 10:26 - 2009-05-28 13:01 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-28 14:36 - 2013-08-13 19:37 - 00000000 ____D () C:\Users\Tracy\AppData\Local\CrashDumps
2015-04-25 21:16 - 2014-12-08 11:14 - 00002070 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Connect.lnk
2015-04-25 21:16 - 2014-12-08 11:14 - 00002058 _____ () C:\Users\Public\Desktop\Fast Connect.lnk
2015-04-24 20:42 - 2014-05-16 08:27 - 00000000 ____D () C:\Users\Tracy\Desktop\Dave's Resume
2015-04-23 16:27 - 2013-07-18 15:05 - 00011264 _____ () C:\Users\Tracy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-22 16:40 - 2015-01-09 13:17 - 00028672 _____ () C:\Users\Tracy\Downloads\Cody_Resume.wps
2015-04-20 18:28 - 2009-05-26 12:09 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTracy
2015-04-20 18:28 - 2009-05-26 12:09 - 00000334 _____ () C:\Windows\Tasks\HPCeeScheduleForTracy.job
2015-04-19 13:04 - 2014-05-11 18:56 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-16 03:58 - 2014-09-16 20:15 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2015-04-16 03:57 - 2014-09-16 20:15 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2015-04-16 03:57 - 2014-09-16 20:15 - 00002220 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2015-04-16 03:57 - 2014-09-16 20:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-04-16 03:55 - 2013-03-14 14:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-16 03:31 - 2009-07-14 03:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 03:26 - 2006-11-02 08:46 - 00757952 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-16 03:22 - 2013-07-14 14:34 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 03:07 - 2006-11-02 08:35 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-15 08:46 - 2013-06-23 16:51 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 08:46 - 2013-06-23 16:51 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 08:46 - 2013-06-23 16:51 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 09:08 - 2009-05-26 13:17 - 00000456 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
 
==================== Files in the root of some directories =======
 
2013-06-14 11:35 - 2013-07-13 11:35 - 0000005 _____ () C:\Users\Tracy\AppData\Roaming\WBPU-TTL.DAT
2009-05-29 13:25 - 2015-05-01 21:00 - 0012626 _____ () C:\Users\Tracy\AppData\Roaming\wklnhst.dat
2013-10-15 08:42 - 2014-07-17 12:11 - 0000680 _____ () C:\Users\Tracy\AppData\Local\d3d9caps.dat
2013-07-18 15:05 - 2015-04-23 16:27 - 0011264 _____ () C:\Users\Tracy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-07-04 12:32 - 2010-07-04 12:40 - 0002162 _____ () C:\Users\Tracy\AppData\Local\seed.log
2009-08-21 13:45 - 2009-08-21 14:44 - 0019550 _____ () C:\Users\Tracy\AppData\Local\slot1.mm1
2010-05-10 00:22 - 2010-05-10 00:23 - 0023533 _____ () C:\Users\Tracy\AppData\Local\tmp24127_1344211615746_1544934352_31140848_8112699_N.0
2010-05-10 00:22 - 2010-05-10 00:23 - 0024049 _____ () C:\Users\Tracy\AppData\Local\tmp24127_1344211615746_1544934352_31140848_8112699_N.JPG
2012-12-23 21:42 - 2012-12-23 21:42 - 0114730 _____ () C:\Users\Tracy\AppData\Local\tmpABBEY.JPG
2010-08-25 22:01 - 2010-08-25 22:01 - 0034964 _____ () C:\Users\Tracy\AppData\Local\tmpRANDI.0
2010-08-25 22:01 - 2010-08-25 22:01 - 0036970 _____ () C:\Users\Tracy\AppData\Local\tmpRANDI.JPG
2011-01-04 18:16 - 2011-01-06 19:28 - 0001940 _____ () C:\Users\Tracy\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2013-07-28 12:40 - 2013-07-28 12:40 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-10-24 23:55 - 2009-10-24 23:59 - 0000356 _____ () C:\ProgramData\aygdr_save.log
2009-08-19 16:02 - 2009-08-19 16:22 - 0000264 _____ () C:\ProgramData\ayg_saver.log
2010-04-16 11:14 - 2010-04-22 17:57 - 0003901 _____ () C:\ProgramData\dorcrane_save.log
2010-12-21 22:41 - 2010-12-21 22:41 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
2009-09-03 16:53 - 2010-12-22 23:42 - 0002890 _____ () C:\ProgramData\hpzinstall.log
2013-06-23 13:25 - 2013-06-23 13:25 - 0000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Some content of TEMP:
====================
C:\Users\Tracy\AppData\Local\Temp\Quarantine.exe
C:\Users\Tracy\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-07 09:15
 
==================== End Of Log ============================

  • 0

#14
tdjones813
Posted 07 May 2015 - 08:08 AM

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts
Users shortcut scan result (x64) Version: 06-05-2015 01
Ran by Tracy at 2015-05-07 10:06:28
Running from c:\Users\Tracy\downloads
Boot Mode: Normal
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
 
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Juno Offer!.lnk -> C:\Windows\Installer\{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}\_18be6784.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk -> C:\Program Files\WinZip\WINZIP64.EXE (WinZip Computing, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat_com.lnk -> C:\Program Files (x86)\Adobe\Acrobat_com\Acrobat_com.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk -> C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk -> C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk -> C:\Program Files (x86)\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk -> C:\Program Files\Windows Calendar\WinCal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk -> C:\Program Files\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk -> C:\Program Files (x86)\Windows Mail\wab.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\Movie Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk -> C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk -> C:\Program Files\Movie Maker\MOVIEMK.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk -> C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Games\Mirror Mysteries\Mirror Mysteries.lnk -> C:\Program Files (x86)\Yahoo! Games\Mirror Mysteries\mm.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Games\Mirror Mysteries\Uninstall Mirror Mysteries.lnk -> C:\Program Files (x86)\Yahoo! Games\Mirror Mysteries\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip 19.0.lnk -> C:\Program Files\WinZip\WINZIP64.EXE (WinZip Computing, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Safety & Comfort Guide.lnk -> C:\hp\documentation\SCG_en-US.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Upgrading and Servicing Guide.lnk -> C:\hp\documentation\USGVN_en-US.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandlot\Super Granny 4\Help.lnk -> C:\Program Files (x86)\Sandlot\Super Granny 4\help\help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandlot\Super Granny 4\Super Granny 4.lnk -> C:\Program Files (x86)\Sandlot\Super Granny 4\SuperGranny4.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandlot\Super Granny 4\Uninstall Super Granny 4.lnk -> C:\Program Files (x86)\Sandlot\Super Granny 4\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Story Album Viewer\Samsung Story Album Viewer.lnk -> C:\Program Files (x86)\Samsung\Story Album Viewer\HTML5Viewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealDownloader.lnk -> C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\PictureViewer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{B67BAFBA-4C9F-48FA-9496-933E3B255044}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag\Help.lnk -> C:\Program Files\Puran Defrag\PuranDefrag.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag\Puran Defrag on the Web.lnk -> C:\Program Files\Puran Defrag\Puran Defrag.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran Defrag\Puran Defrag.lnk -> C:\Program Files\Puran Defrag\PuranDefragGUI.exe (Puran Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects\PrintProjects.lnk -> C:\Program Files (x86)\PrintProjects\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintProjects\Uninstall PrintProjects.lnk -> C:\Program Files (x86)\PrintProjects\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\Hardware Diagnostic Tools.lnk -> C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe (PC-Doctor, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP support information.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Information\HPSysInfo.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\Recovery Disc Creation.lnk -> C:\Program Files (x86)\SMINST\CD Creator.exe (SoftThinks)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\Recovery Manager.lnk -> C:\Program Files (x86)\SMINST\Restore7.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Base.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\sbase.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Calc.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\scalc.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Draw.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\sdraw.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Impress.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\simpress.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Math.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\smath.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Writer.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\Juno Dial-up.lnk -> C:\Program Files (x86)\JunoPreloader\Juno Offer!.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\MSN.lnk -> C:\Program Files (x86)\Online Services\MSN90\msnsusii.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite\Norton Security Suite.lnk -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\uistub.exe (Symantec Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard\Norton Bootable Recovery Tool Wizard.LNK -> C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard\Engine\5.1.0.26\NBRTWizard.exe (Symantec Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec\1.0b beta\Uninstall.lnk -> C:\Program Files (x86)\MyFree Codec\1.0b beta\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\muvee\Create instant home movies.lnk -> C:\Program Files (x86)\muvee Technologies\muvee Reveal - SE\muveereveal.exe (muvee Technologies Pte Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\muvee\Quick Tour.lnk -> C:\Program Files (x86)\muvee Technologies\muvee Reveal - SE\reveal_quicktour\deploy_ready\launchquicktour.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Getting Started.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\gtngstrtd.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Calendar.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Database.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Portfolio.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Spreadsheet.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Task Launcher.lnk -> C:\Program Files (x86)\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Word Processor.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Activation Assistant for Microsoft Office.lnk -> C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites\ota.hta ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Unifying\Logitech Unifying Software.lnk -> C:\Program Files\Common Files\LogiShrd\Unifying\DJCUHost.exe (Logitech, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Control Panel.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Website.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\LightScribe Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Quick Demo.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\Quick Demo.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft Android Photo Transfer\Jihosoft Android Photo Transfer.lnk -> C:\Program Files (x86)\Jihosoft Android Photo Transfer\Android Photo Transfer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jihosoft Android Photo Transfer\Uninstall Jihosoft Android Photo Transfer.lnk -> C:\Program Files (x86)\Jihosoft Android Photo Transfer\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager\Intel® Matrix Storage Console.lnk -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Shell.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfraRecorder\InfraExpress.lnk -> C:\Program Files (x86)\InfraRecorder\irExpress.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfraRecorder\InfraRecorder Help.lnk -> C:\Program Files (x86)\InfraRecorder\InfraRecorder.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfraRecorder\InfraRecorder.lnk -> C:\Program Files (x86)\InfraRecorder\InfraRecorder.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfraRecorder\Uninstall.lnk -> C:\Program Files (x86)\InfraRecorder\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Games\House of 1000 Doors The Palm of Zoroaster.lnk -> C:\Program Files (x86)\WildTangent Games\Games\Houseof1000DoorsThePalmofZoroaster\HouseOf1000Doors_ThePalmOfZoroaster-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Games\SpongeBob Clash of Triton.lnk -> C:\Program Files (x86)\WildGames\SpongeBob Clash of Triton\Triton-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Games\WildTangent Games App - hp.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk -> C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Smart Web Printing\HP Smart Web Printing Help.lnk -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\Help\hpsmartprint.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\Uninstall HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart DVD.lnk -> C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Help.lnk -> c:\Windows\Installer\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}\_D663F8278BB5E996131881.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart TV.lnk -> C:\Program Files (x86)\Hewlett-Packard\Media\TV\HPTV.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\Help.lnk -> C:\Program Files (x86)\HP\HP Deskjet 3510 series\bin\HelpViewer\hpqlpvwr.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\HP Scan.lnk -> C:\Program Files (x86)\HP\HP Deskjet 3510 series\bin\HPScan.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\Printer Setup & Software.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetupLauncher.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\Product Support Website.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\ProductSupportShortcut.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\Shop for Supplies.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\hpqDTSS.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\Wireless Printing Online Help.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\WirelessEasyShortcut.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 1050 J410 series\Connect a New Printer.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetupLauncher.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 1050 J410 series\Help.lnk -> C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\bin\HelpViewer\hpqlpvwr.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 1050 J410 series\HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HP Deskjet 1050 J410 series.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 1050 J410 series\HP Scan.lnk -> C:\Program Files (x86)\HP\HP Deskjet 1050 J410 series\bin\HPScan.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 1050 J410 series\Product Support Website.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\ProductSupportShortcut.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 1050 J410 series\Shop for Supplies.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\hpqDTSS.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\AdvisorVideo.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\AdvisorVideo\Doc.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -> C:\Program Files\Microsoft Games\Chess\Chess.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk -> C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk -> C:\Program Files\Microsoft Games\Hearts\Hearts.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\InkBall.lnk -> C:\Program Files\Microsoft Games\inkball\inkball.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -> C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk -> C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\PurblePlace.lnk -> C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk -> C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk -> C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Converter.lnk -> C:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exe (DivX, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Player.lnk -> C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comcast.net Games\20,000 Leagues Under The Sea - Captain Nemo.lnk -> C:\Games\20,000 Leagues Under The Sea - Captain Nemo\Nemo.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk -> C:\Program Files\CCleaner\uninst.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitTorrent\BitTorrent.lnk -> C:\Program Files (x86)\BitTorrent\bittorrent.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitTorrent\Uninstall.lnk -> C:\Program Files (x86)\BitTorrent\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL Games\Super Granny 4\Help.lnk -> C:\Program Files (x86)\AOL Games\Super Granny 4\help\help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL Games\Super Granny 4\Super Granny 4.lnk -> C:\Program Files (x86)\AOL Games\Super Granny 4\SuperGranny4_AOL.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOL Games\Super Granny 4\Uninstall Super Granny 4.lnk -> C:\Program Files (x86)\AOL Games\Super Granny 4\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\All in one Cleaner\All in one Cleaner.lnk -> C:\Program Files (x86)\All in one Cleaner\SysCleaners4in1.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\All in one Cleaner\Buy Now.lnk -> C:\Program Files (x86)\All in one Cleaner\Buy.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\All in one Cleaner\Support Form.lnk -> C:\Program Files (x86)\All in one Cleaner\Support.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\All in one Cleaner\Uninstall All in one Cleaner.lnk -> C:\Program Files (x86)\All in one Cleaner\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\All in one Cleaner\Website.lnk -> C:\Program Files (x86)\All in one Cleaner\Home.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\SysWOW64\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\migwiz.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\ProgramData\Hewlett-Packard\msn\launchmsn.lnk -> C:\Program Files (x86)\Online Services\MSN90\msnsusii.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Hewlett-Packard\Juno\launchjuno.lnk -> C:\Program Files (x86)\JunoPreloader\Juno Offer!.exe ()
Shortcut: C:\ProgramData\Hewlett-Packard\HP Advisor\Advisorwc.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\CyberLink\Hewlett-Packard\Media\TV\Extension\Extension.1.0.lnk -> C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Highlight\Extension.1.0\Extension.1.0.xml ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk -> C:\Program Files (x86)\Cyberlink\CyberLink DVD Suite Deluxe\PowerStarter.exe (CyberLink)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk -> c:\Windows\Installer\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}\_34C89C03D8C334FFDDA6CE.exe ()
Shortcut: C:\Users\Public\Desktop\Acrobat_com.lnk -> C:\Program Files (x86)\Adobe\Acrobat_com\Acrobat_com.exe ()
Shortcut: C:\Users\Public\Desktop\Adobe Download Assistant.lnk -> C:\Program Files (x86)\Adobe Download Assistant\Adobe Download Assistant.exe ()
Shortcut: C:\Users\Public\Desktop\Adobe Reader X.lnk -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\DivX Plus Converter.lnk -> C:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exe (DivX, Inc.)
Shortcut: C:\Users\Public\Desktop\HP MediaSmart.lnk -> c:\Windows\Installer\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}\_F76B58C3A6B9DBEFB5EF05.exe ()
Shortcut: C:\Users\Public\Desktop\InfraRecorder.lnk -> C:\Program Files (x86)\InfraRecorder\InfraRecorder.exe ()
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Jihosoft Android Photo Transfer.lnk -> C:\Program Files (x86)\Jihosoft Android Photo Transfer\Android Photo Transfer.exe ()
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Norton Security Suite.lnk -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\uistub.exe (Symantec Corporation)
Shortcut: C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
Shortcut: C:\Users\Public\Desktop\Registry Mechanic.lnk -> C:\Program Files (x86)\Registry Mechanic\RegMech.exe (No File)
Shortcut: C:\Users\Public\Desktop\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 3510 series.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\hpqDTSS.exe (Hewlett-Packard Co.)
Shortcut: C:\Users\Public\Desktop\WinZip.lnk -> C:\Program Files\WinZip\WINZIP64.EXE (WinZip Computing, S.L.)
Shortcut: C:\Users\Tracy\Videos\Sample Videos.lnk -> C:\Users\Public\Videos\Sample Videos ()
Shortcut: C:\Users\Tracy\Searches\Recently Changed.lnk -> C:\Users\Tracy\Searches\Recently Changed.search-ms ()
Shortcut: C:\Users\Tracy\Pictures\album 7-13-2009\DSCI0334 - Shortcut.lnk -> C:\Users\Tracy\Pictures\album 7-13-2009\DSCI0334.JPG ()
Shortcut: C:\Users\Tracy\Pictures\album 7-13-2009\DSCI0423 - Shortcut.lnk -> C:\Users\Tracy\Pictures\album 7-13-2009\DSCI0423.JPG ()
Shortcut: C:\Users\Tracy\Pictures\2011-11-20 Thanksgiving day parade\Thanksgiving day parade 403 - Shortcut - Copy.lnk -> C:\Users\Tracy\Pictures\2011-11-20 Thanksgiving day parade\Thanksgiving day parade 403.JPG ()
Shortcut: C:\Users\Tracy\Pictures\2011-11-20 Thanksgiving day parade\Thanksgiving day parade 403 - Shortcut.lnk -> C:\Users\Tracy\Pictures\2011-11-20 Thanksgiving day parade\Thanksgiving day parade 403.JPG ()
Shortcut: C:\Users\Tracy\Music\Documents.lnk -> C:\Users\Tracy\Documents ()
Shortcut: C:\Users\Tracy\Links\2010-12-11 cody.lnk -> C:\Users\Tracy\Pictures\2010-12-11 cody ()
Shortcut: C:\Users\Tracy\Links\Music.lnk -> C:\Users\Tracy\Music ()
Shortcut: C:\Users\Tracy\Links\Pictures.lnk -> C:\Users\Tracy\Pictures ()
Shortcut: C:\Users\Tracy\Links\Public.lnk -> C:\Users\Public ()
Shortcut: C:\Users\Tracy\Links\Searches.lnk -> C:\Users\Tracy\Searches ()
Shortcut: C:\Users\Tracy\Downloads\backups\backup-20130320-065957-241-Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
Shortcut: C:\Users\Tracy\Downloads\backups\backup-20130320-065957-560-wkcalrem.LNK -> C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
Shortcut: C:\Users\Tracy\Downloads\backups\backup-20130320-065957-787-OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Shortcut: C:\Users\Tracy\Desktop\All in one Cleaner.lnk -> C:\Program Files (x86)\All in one Cleaner\SysCleaners4in1.exe ()
Shortcut: C:\Users\Tracy\Desktop\delfix_10.8 - Shortcut.lnk -> C:\Users\Tracy\Downloads\delfix_10.8.exe (No File)
Shortcut: C:\Users\Tracy\Desktop\disney.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tracy\Desktop\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Tracy\Desktop\Norton Installation Files.lnk -> C:\Users\Public\Downloads\Norton\{N360_SOS_21.1.0.18} ()
Shortcut: C:\Users\Tracy\Desktop\Puran Defrag.lnk -> C:\Program Files\Puran Defrag\PuranDefragGUI.exe (Puran Software)
Shortcut: C:\Users\Tracy\Desktop\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Tracy\Desktop\Pictures\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\Users\Tracy\Desktop\Pictures\sarah's iphone pictures - Shortcut.lnk -> C:\Users\Tracy\Pictures\sarah's iphone pictures ()
Shortcut: C:\Users\Tracy\Desktop\Biddle Bop Invitaions\fence2 - Shortcut.lnk -> C:\Users\Tracy\Desktop\Invitations\fence2.png (No File)
Shortcut: C:\Users\Tracy\Desktop\Biddle Bop Invitaions\Invitations\Baby-Elephant-Clipart_7 - Shortcut.lnk -> C:\Users\Tracy\Downloads\Baby-Elephant-Clipart_7.png ()
Shortcut: C:\Users\Tracy\Desktop\Biddle Bop Invitaions\Invitations\Baby-Elephant-Clipart_8 - Shortcut.lnk -> C:\Users\Tracy\Downloads\Baby-Elephant-Clipart_8.png ()
Shortcut: C:\Users\Tracy\Desktop\Biddle Bop Invitaions\Invitations\Baby-Elephant-Clipart_9 - Shortcut.lnk -> C:\Users\Tracy\Downloads\Baby-Elephant-Clipart_9.png ()
Shortcut: C:\Users\Tracy\Desktop\Biddle Bop Invitaions\Invitations\imageedit_2_3988885898 - Shortcut.lnk -> C:\Users\Tracy\Downloads\imageedit_2_3988885898.jpg ()
Shortcut: C:\Users\Tracy\Desktop\Adobe Reader 9 Installer\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\PDF Reader PDF Reader.lnk -> C:\Program Files (x86)\PDFReader\SumatraPDF.exe (No File)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\PDF Reader Uninstall PDF Reader.lnk -> C:\Program Files (x86)\PDFReader\Uninstall\Uninstall.exe (No File)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk -> C:\Program Files (x86)\Cyberlink\CyberLink DVD Suite Deluxe\PowerStarter.exe (CyberLink)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk -> C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe (VS Revo Group Ltd.)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url ()
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton\Norton Installation Files.lnk -> C:\Users\Public\Downloads\Norton\{N360_SOS_21.1.0.18} ()
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager\Music Manager.lnk -> C:\Users\Tracy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP Games\Warrior Epic\Launch Warrior Epic.lnk -> C:\Warrior Epic\WEShell_TGI.exe (Possibility Space, Inc.)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP Games\Warrior Epic\Uninstall.lnk -> C:\Warrior Epic\Uninstall.exe (Warrior Epic Interactive)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GSC 2.00\GSC.lnk -> C:\Program Files (x86)\GSC 2.00\GSClient.exe (ClanServers Hosting LLC)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GSC 2.00\View Release Notes.lnk -> C:\Program Files (x86)\GSC 2.00\README.txt ()
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GetPose.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk -> c:\Windows\Installer\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}\_34C89C03D8C334FFDDA6CE.exe ()
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk -> C:\Program Files (x86)\InfraRecorder\InfraRecorder.exe ()
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe ()
Shortcut: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Story Album Viewer.lnk -> C:\Program Files (x86)\Samsung\Story Album Viewer\HTML5Viewer.exe ()
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Trials for QuickBooks, Quicken and TurboTax.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=quickenfc&pf=cndt&locale=en_us&bd=pavilion&c=92
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Real\RealPlayer\History\Comcast Customer Central.lnk -> C:\Program Files (x86)\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) ->  hxxp://lockedcustomer.comcast.net/
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Real\RealPlayer\History\RealPlayer Daily Videos.lnk -> C:\Program Files (x86)\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) ->  hxxp://videos.real.com/rp/web_videos?cd=home&CB=client&PT=FREE&OS=WinNT%206.0.6002&LP=en%2DUS&OC=R81X01&PV=16.0.2.32&PBR=10485800&LI=en&PN=RealPlayer&DC=R81X01&DT=170813&u=c7275a435a29452eb0624d7bb25ab2b8#channel/BestOfWeb
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Connect.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.) -> /startdesktopidv /desktop
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.) -> /startdesktopidv /startup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Fast Connect.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.) -> /startdesktopidv /startup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Samsung Story Album Viewer\Uninstall Samsung Story Album Viewer.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{698BBAD8-B116-495D-B879-0F07A533E57F}\setup.exe (Samsung Electronics Co., Ltd.                                ) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe (Samsung Electronics Co., Ltd.                                ) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk -> C:\Program Files (x86)\Real\RealPlayer\realconverter.exe (RealNetworks, Inc.) -> /launch:start_menu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk -> C:\Program Files (x86)\Real\RealPlayer\realtrimmer.exe (RealNetworks, Inc.) -> /launch:start_menu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk -> C:\Program Files (x86)\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> /launch:start_menu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {B67BAFBA-4C9F-48FA-9496-933E3B255044} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\Get Online.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP TCS\hptcs.exe (Hewlett-Packard Company) -> MODE=GETONLINE
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite\LiveUpdate.lnk -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.7.0.11\uistub.exe (Symantec Corporation) -> /lu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite\Support.lnk -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\symerr.exe (Symantec Corporation) -> /support
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite\Uninstall Norton Security Suite.lnk -> C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\70512b0b\21.7.0.11\inststub.exe (Symantec Corporation) -> /X /shortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard\Uninstall Norton Bootable Recovery Tool Wizard.LNK -> C:\Program Files (x86)\NortonInstaller\{16DD5937-8A6A-4e65-A874-E19C3B0708A5}\NBRTWizard\LicenseType\5.1.0.26\InstStub.exe (Symantec Corporation) -> /X
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My HP Games\-  My HP Game Console  -.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\My HP Game Console\GameConsole-wt.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft Excel 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Excel 2010 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft OneNote 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft OneNote 2010 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft Outlook 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Outlook 2010 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft PowerPoint 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft PowerPoint 2010 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft Word 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Word 2010 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft Office 2010 Tools\Digital Certificate for VBA Projects.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Digital Certificate for VBA Projects 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Clip Organizer 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft Office 2010 Tools\Microsoft Office 2010 Language Preferences.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office 2010 Language Preferences 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office 2010 Upload Center 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Home and Business (English)\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Picture Manager 9014006204090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestoreCenter
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Mouse and Keyboard\Mouse and Keyboard Settings.lnk -> C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Getting Started.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe (Hewlett-Packard Company) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Music.lnk -> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe (CyberLink Corp.) -> /MS
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Photo.lnk -> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe (CyberLink Corp.) -> /MS
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Video.lnk -> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe (CyberLink Corp.) -> /MS
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\HP Deskjet 3510 series.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HP Deskjet 3510 series.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\HP Product Improvement Study.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe (Hewlett-Packard Co.) -> /changesettings /UA 10.5 /DDV 0x0b05
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\HP Setup Guide.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HWSetup.exe (Hewlett-Packard Co.) -> /flow standalone
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /qb /x {7F20F2D1-C425-4432-96BA-EBD0C2181493}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 3510 series\Update IP Address.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe (Hewlett-Packard Co.) -> /changeip ""
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 1050 J410 series\HP Product Improvement Study.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe (Hewlett-Packard Co.) -> /changesettings /UA 9.0 /DDV 0x0800
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Deskjet 1050 J410 series\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /qb /x {BB94D541-A747-4A5D-B0ED-72FA5C158EA5}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\HPAdvisor.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCAlerts.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=PC_ACTION_CENTER TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDashboard.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=PC_HEALTH_SECURITY TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDiscovery.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=ECENTER TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDock.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\-  My HP Game Console  -.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\My HP Game Console\GameConsole-wt.exe" /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Check for Updates.lnk -> C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Codec Settings.lnk -> C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=decoder
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Register.lnk -> C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=registration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Reliability and Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.WelcomeCenter
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\wtwc\onplay.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\My HP Game Console\GameConsole.exe" /src welcomecenteroem
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\sdp\launchreg.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP TCS\hptcs.exe (Hewlett-Packard Company) -> MODE=REGISTRATION
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\base\launch_base.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP TCS\hptcs.exe (Hewlett-Packard Company) -> MODE=GETONLINE
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Public\Desktop\Fast Connect.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (White Sky, Inc.) -> /startdesktopidv /desktop
ShortcutWithArgument: C:\Users\Public\Desktop\HP Deskjet 3510 series.lnk -> C:\Program Files\HP\HP Deskjet 3510 series\Bin\HP Deskjet 3510 series.exe (Hewlett-Packard Co.) -> -Start UDCDevicePage
ShortcutWithArgument: C:\Users\Public\Desktop\My HP Games.lnk -> C:\Program Files (x86)\HP Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\HP Games\My HP Game Console\GameConsole-wt.exe" /src desktopoem
ShortcutWithArgument: C:\Users\Public\Desktop\RealPlayer.lnk -> C:\Program Files (x86)\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> /launch:desktop
ShortcutWithArgument: C:\Users\Public\Desktop\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\Users\Tracy\Downloads\backups\backup-20130320-065957-416-PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company) -> -det
ShortcutWithArgument: C:\Users\Tracy\Desktop\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Real\RealPlayer\History\Certificate Error- Navigation Blocked.lnk -> C:\Program Files (x86)\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) ->  res://ieframe.dll/invalidcert.htm?SSLError=#https://customer.com...om/walledgarden
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\HP\HP Deskjet 3510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN35T1JJ7705Y7;CONNECTION=NW;MONITOR=1;
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) -> -hunter
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation) ->  /recycle
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk -> C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe () -> /lite
ShortcutWithArgument: C:\Users\Tracy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
 
 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comcast.net Games\Visit Comcast.net Games.url -> hxxp://www.comcast.net/games
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\Default\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\My HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=EN_US&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\Pandora Internet Radio.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pandora&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Default\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\$10 for $20 Worth of Tween Beauty Products at Ottilie & Lulu™ - Mamapedia Sweet Deals.url -> hxxp://deals.mamapedia.com/detroit
InternetURL: C:\Users\Tracy\Favorites\200 Black Haired Sitemodels (girls) - Polyvore.url -> hxxp://www.polyvore.com/200_black_haired_sitemodels_girls/collection?id=573326
InternetURL: C:\Users\Tracy\Favorites\3 Simple Holiday Cookies Kids Can Make  The Stir.url -> hxxp://thestir.cafemom.com/big_kid/113212/3_simple_holiday_cookies_kids?utm_medium=sm&utm_source=facebook&utm_content=fanpage
InternetURL: C:\Users\Tracy\Favorites\30 Day Letter Challenge « … nobody interesting, really….url -> hxxp://maranwetelrunya.wordpress.com/2010/07/20/30-day-letter-challenge/
InternetURL: C:\Users\Tracy\Favorites\A Hearty Meal for a Low Price.url -> hxxp://networkedblogs.com/g1rH3
InternetURL: C:\Users\Tracy\Favorites\A Jewish Food Cheat Sheet - InterfaithFamily.com.url -> hxxp://www.interfaithfamily.com/holidays/shabbat_and_other_holidays/A_Jewish_Food_Cheat_Sheet.shtml
InternetURL: C:\Users\Tracy\Favorites\a little fur in my soup lunchtime!.url -> hxxp://alittlefurinmysoup.blogspot.com/2010/03/lunchtime.html
InternetURL: C:\Users\Tracy\Favorites\AceLike  Top 1000 FB Likes.url -> hxxp://acelike.com/
InternetURL: C:\Users\Tracy\Favorites\Advantages and Disadvantages of Curfew Hours  Parenting Tips Blog.url -> hxxp://www.myjobchart.com/parenting-tips-blog/2010/04/advantages-and-disadvantages-of-curfew-hours/
InternetURL: C:\Users\Tracy\Favorites\All You Magazine and Others As Low As $7 or $12 from Eversave  Coupon Teacher.url -> hxxp://www.mycouponteacher.com/2010/10/all-you-magazine-and-others-as-low-as-7-or-12-from-eversave/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+CouponTeacher+%28Coupon+Teacher%29&utm_content=FaceBook
InternetURL: C:\Users\Tracy\Favorites\And I Am Telling You I'm Not Going Lyrics.url -> hxxp://allmusicals.com/lyrics/dreamgirls/andiamtellingyouimnotgoing.htm
InternetURL: C:\Users\Tracy\Favorites\Annie Allison - Gold - Free Shipping & Return Shipping - Shoebuy.com.url -> hxxp://www.shoebuy.com/annie-allison/271708/583376?cm_mmc=dealtime-_-none-_-none-_-none
InternetURL: C:\Users\Tracy\Favorites\Annie Vice - Free Shipping & Return Shipping - Shoebuy.com.url -> hxxp://www.shoebuy.com/annie-vice/213021
InternetURL: C:\Users\Tracy\Favorites\Announcing My First Coupon Class!.url -> hxxp://couponingtobedebtfree.com/2011/01/01/announcing-my-first-coupon-class/
InternetURL: C:\Users\Tracy\Favorites\Apple Pie Muffins  The Motherload.url -> hxxp://momadvice.com/blog/2010/09/apple-pie-muffins-2
InternetURL: C:\Users\Tracy\Favorites\AverageWizard.url -> hxxp://averagewizard.com/
InternetURL: C:\Users\Tracy\Favorites\Background Check & People Search free with BeenVerified.com.url -> hxxp://www.beenverified.com/
InternetURL: C:\Users\Tracy\Favorites\Beautiful Sarah Storms - Polyvore.url -> hxxp://www.polyvore.com/beautiful_sarah_storms/collection?id=533797
InternetURL: C:\Users\Tracy\Favorites\Black Magic Cake (Best Chocolate Cake Ever!)  Chocolate Recipes  Just A Pinch Recipe Club.url -> hxxp://www.justapinch.com/recipe/lisa-glass/black-magic-cake-best-chocolate-cake-ever/cake?source=fork_FB_black_magic_cake
InternetURL: C:\Users\Tracy\Favorites\Can u make this text a lime green or hot pink(if works get 10 pts) - Yahoo! Answers.url -> hxxp://answers.yahoo.com/question/index?qid=20080802140416AAoijOp
InternetURL: C:\Users\Tracy\Favorites\Cheeseburger Casserole Recipe.url -> hxxp://networkedblogs.com/984I1
InternetURL: C:\Users\Tracy\Favorites\Chicken with Cornmeal Dumplings.url -> hxxp://www.facebook.com/notes/all-it-takes-is-a-can-opener-crockpot/chicken-with-cornmeal-dumplings/10150160861214989
InternetURL: C:\Users\Tracy\Favorites\Chloe. - Polyvore.url -> hxxp://www.polyvore.com/chloe/set?id=18947326
InternetURL: C:\Users\Tracy\Favorites\Ciara. - Polyvore.url -> hxxp://www.polyvore.com/ciara/collection?id=595097
InternetURL: C:\Users\Tracy\Favorites\Cinderella Games.url -> hxxp://www.girlsgogames.com/games/cinderella_games/cinderella_games.html
InternetURL: C:\Users\Tracy\Favorites\cinnamon bread dough recipe.url -> hxxp://moneysavingmom.com/2011/02/cinnamon-swirl-bread-recipe.html
InternetURL: C:\Users\Tracy\Favorites\Cinnamon Sugar Pull-Apart Bread — Joy the Baker.url -> hxxp://www.joythebaker.com/blog/2011/03/cinnamon-sugar-pull-apart-bread/
InternetURL: C:\Users\Tracy\Favorites\Comcast.net Games.url -> hxxp://www.comcast.net/games
InternetURL: C:\Users\Tracy\Favorites\Community Library of Allegheny Valley.url -> hxxp://www.alleghenyvalleylibrary.org/ein/alvalley/index.html
InternetURL: C:\Users\Tracy\Favorites\Coupon Flea Market.url -> hxxp://couponfleamarket.com/
InternetURL: C:\Users\Tracy\Favorites\Coupons, Free Coupons, Grocery Coupons, Online Coupons  Shortcuts.com.url -> hxxp://shortcuts.com/printablecoupons
InternetURL: C:\Users\Tracy\Favorites\Custom T Shirt, Create your own T-Shirt  Spreadshirt.url -> hxxp://www.spreadshirt.com/create-your-own-t-shirt-C59
InternetURL: C:\Users\Tracy\Favorites\customerCentral.url -> https://customer.com...LCPROCOMAL45672
InternetURL: C:\Users\Tracy\Favorites\CVS Deals - Sale 5-2  Frugal Living and Having Fun.url -> hxxp://www.frugallivingandhavingfun.com/2010/05/cvs-deals-sale-52.html
InternetURL: C:\Users\Tracy\Favorites\Daily Deals, 1 Sale A Day.url -> hxxp://1saleaday.com/
InternetURL: C:\Users\Tracy\Favorites\DD picture by drink_toxic_mikey - Photobucket.url -> hxxp://s876.photobucket.com/albums/ab321/drink_toxic_mikey/?action=view&current=jennacartttart.jpg
InternetURL: C:\Users\Tracy\Favorites\Deal Seeking Mom  Real Deals for Real Moms.url -> hxxp://dealseekingmom.com/
InternetURL: C:\Users\Tracy\Favorites\Diagonal Friendship Bracelet.url -> hxxp://www.makingfriends.com/jewelry/bracelet_klutz.htm
InternetURL: C:\Users\Tracy\Favorites\Domino Sugar  Recipes.url -> hxxp://www.dominosugar.com/Recipe.aspx?id=208&utm_source=facebook&utm_medium=socialmedia&utm_content=Ohio_buckeyes&utm_campaign=dominosugar_May_2011
InternetURL: C:\Users\Tracy\Favorites\drawn The Painted Tower Walkthrough  Gamezebo.url -> hxxp://www.gamezebo.com/download-games/drawn-painted-tower/walkthrough
InternetURL: C:\Users\Tracy\Favorites\Drop-Dead-Sammie-Photos's blog - Sammie's Photos Yeahh - Skyrock.com.url -> hxxp://drop-dead-sammie-photos.skyrock.com/
InternetURL: C:\Users\Tracy\Favorites\Earthbound Farm Organic Salads, Fruits and Vegetables.url -> hxxp://www.earthboundfarm.com/
InternetURL: C:\Users\Tracy\Favorites\Eat Love Pray $2.00 at Kmart  The Krazy Coupon Lady.url -> hxxp://thekrazycouponlady.com/2011/02/10/eat-love-pray-2-00-at-kmart/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+blogspot%2Fodhu+%28The+Krazy+Coupon+Lady+%29&utm_content=FaceBook
InternetURL: C:\Users\Tracy\Favorites\Eharmony Promo Codes.url -> hxxp://eharmony-blog.com/470
InternetURL: C:\Users\Tracy\Favorites\Email.url -> hxxp://www.comcast.net/qry/goto?app=mail&cid=xfactiv_email
InternetURL: C:\Users\Tracy\Favorites\Eversave – Earn $5 Instantly and save up to 90% on Group Deals.url -> hxxp://frugallivingandhavingfun.com/2010/09/eversave-earn-5-instantly-and-save-up-to-90-on-group-deals/
InternetURL: C:\Users\Tracy\Favorites\Exploiting The Recession A Mom's Trick to Whiter Teeth - Consumer 27 News.url -> hxxp://dailynewsnow.net/teeth/
InternetURL: C:\Users\Tracy\Favorites\Extreme Personal Measures Butter Me Up, Baby.url -> hxxp://www.extremepersonalmeasures.com/2011/02/butter-me-up-baby.html?spref=fb
InternetURL: C:\Users\Tracy\Favorites\Facebook  All it Takes is a Can Opener & Crockpot Discovering Rice Pudding.url -> hxxp://www.facebook.com/notes/all-it-takes-is-a-can-opener-crockpot/discovering-rice-pudding/404408964988
InternetURL: C:\Users\Tracy\Favorites\Facebook  All it Takes is a Can Opener & Crockpot Lazy Cooks Crock Pot Pizza.url -> hxxp://www.facebook.com/notes/all-it-takes-is-a-can-opener-crockpot/lazy-cooks-crock-pot-pizza/446659554988
InternetURL: C:\Users\Tracy\Favorites\framed Lasagna Cupcakes.url -> hxxp://framed-mylifeonepictureatatime.blogspot.com/2010/08/lasagna-cupcakes.html
InternetURL: C:\Users\Tracy\Favorites\FREE Large Classic Custom book from Picaboo.url -> hxxp://www.realfreestuffforall.com/t61950-free-large-classic-custom-book-from-picaboo
InternetURL: C:\Users\Tracy\Favorites\FREE Remote Jackets for Wii Remotes from Nintendo!  Coupon Queen.url -> hxxp://coupqueen.com/content/free-remote-jackets-wii-remotes-nintendo
InternetURL: C:\Users\Tracy\Favorites\Freebies 4 Mom 50 Free Photo Cards, Shipped Free Too.url -> hxxp://freebies4mom.blogspot.com/2009/11/50-free-photocards-shipped-free-too.html
InternetURL: C:\Users\Tracy\Favorites\Frugal Easter Eggs - No Kit Needed  Small Homestead.url -> hxxp://www.mysmallhomestead.com/2009/04/frugal-easter-eggs-no-kit-needed/
InternetURL: C:\Users\Tracy\Favorites\Gallery - Category Take a Look At a Few of Our Cars.url -> hxxp://www.freecharitycars.org/component/option,com_joomgallery/Itemid,48/catid,1/func,viewcategory/
InternetURL: C:\Users\Tracy\Favorites\Get Excellent Credit in 15 Days... Guaranteed!!™.url -> hxxp://www.getexcellentcredit.com/b/
InternetURL: C:\Users\Tracy\Favorites\GoneGothic • Picture Comments.url -> hxxp://gonegothic.com/picture_comments.php?action=view_comments&picture=891877
InternetURL: C:\Users\Tracy\Favorites\halee shrum & friends. - Polyvore.url -> hxxp://www.polyvore.com/halee_shrum_friends/thing?id=16068700
InternetURL: C:\Users\Tracy\Favorites\halee shrum. - Polyvore.url -> hxxp://www.polyvore.com/halee_shrum/thing?id=22094723
InternetURL: C:\Users\Tracy\Favorites\Harvest Moon Tree of Tranquility Storyline Walkthrough.url -> hxxp://www.squidoo.com/Tranquility-Walkthrough
InternetURL: C:\Users\Tracy\Favorites\Healthy Meal Makeover Pumpkin Rice Pudding  Recipes and Cooking  Food Network.url -> hxxp://www.foodnetwork.com/healthy-meal-makeover-pumpkin-rice-pudding/package/index.html
InternetURL: C:\Users\Tracy\Favorites\Help & Support.url -> hxxp://customer.comcast.com/Pages/Help.aspx?CMP=ILCPROCOMAL45673
InternetURL: C:\Users\Tracy\Favorites\hi. Cinderella walked on broken glass. Sleeping Beauty... on DailyBooth.url -> hxxp://dailybooth.com/sarahmascara/2025503
InternetURL: C:\Users\Tracy\Favorites\Honestly woman, and you call yourself our mother. - Polyvore.url -> hxxp://www.polyvore.com/honestly_woman_you_call_yourself/thing?id=19616289
InternetURL: C:\Users\Tracy\Favorites\Hot Groupon Deal $10 for $20 to Spend at Build-A-Bear Workshop — Coupon Cravings.url -> hxxp://couponcravings.com/2010/11/hot-groupon-deal-10-20-spend-buildabear-workshop.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+CouponCravings+%28Your+Daily+Coupon+Cravings%29&utm_content=FaceBook
InternetURL: C:\Users\Tracy\Favorites\How To Help Your Kids Beat Bad Moods  Parents Connect.url -> hxxp://www.parentsconnect.com/connect/boards/bootcamp/raising-happy-kids-bootcamp/chat_it_up_thread.jhtml?tID=101801
InternetURL: C:\Users\Tracy\Favorites\How to Make a Cucumber Facial Mask  eHow.com.url -> hxxp://www.ehow.com/how_2057749_make-cucumber-facial-mask.html
InternetURL: C:\Users\Tracy\Favorites\How to make a skull cap with large silk flower  Skip To My Lou.url -> hxxp://www.skiptomylou.org/2011/02/16/silk-flower-hairclip/
InternetURL: C:\Users\Tracy\Favorites\How To Make Olive Penguins and Cheese Ball Igloo.url -> hxxp://www.smockityfrocks.com/2010/12/how-to-make-olive-penguins-and-cheese-ball-igloo.html
InternetURL: C:\Users\Tracy\Favorites\How to Use Up 12 Cans of Biscuit Dough in a Day (and Catch Your Oven on Fire, too!)  Money Saving Mom.url -> hxxp://moneysavingmom.com/2010/04/how-to-use-up-12-cans-of-biscuit-dough-in-a-day-and-catch-your-oven-on-fire-too.html
InternetURL: C:\Users\Tracy\Favorites\http--168680h1a.aime5.eu-en-426224.htmlno=4.url -> hxxp://168680h1a.aime5.eu/en/426224.html?no=4
InternetURL: C:\Users\Tracy\Favorites\http--couponcarryout.com-index.phpmain_page=advanced_search_result&search_in_description=1&zenid=be49704f3b06e8e530b40c0eaa58589c&keyword=viva.url -> hxxp://couponcarryout.com/index.php?main_page=advanced_search_result&search_in_description=1&zenid=be49704f3b06e8e530b40c0eaa58589c&keyword=viva
InternetURL: C:\Users\Tracy\Favorites\http--www.fisher-price.com-fp.aspxst=2601&e=gamesByAge&mcat=game_toddler&site=us.url -> hxxp://www.fisher-price.com/fp.aspx?st=2601&e=gamesByAge&mcat=game_toddler&site=us
InternetURL: C:\Users\Tracy\Favorites\http--www.foodnetwork.com-5-weeknight-meals-spring-package-index.html.url -> hxxp://ow.ly/1u4Vy
InternetURL: C:\Users\Tracy\Favorites\http--www.kraftrecipes.com-recipes-search-SearchResults.aspxcm_re=1-_-1-_-NewSearch&searchtext=chicken&u2=chicken&scope=all.url -> hxxp://www.kraftrecipes.com/recipes/search/SearchResults.aspx?cm_re=1-_-1-_-NewSearch&searchtext=chicken&u2=chicken&scope=all
InternetURL: C:\Users\Tracy\Favorites\i feel sorry for you. - Polyvore.url -> hxxp://www.polyvore.com/feel_sorry_for_you/thing?id=17397336
InternetURL: C:\Users\Tracy\Favorites\i love you more then sonny with a chance versian - Polyvore.url -> hxxp://www.polyvore.com/love_you_more_then_sonny/thing?id=15269579
InternetURL: C:\Users\Tracy\Favorites\i loved you forever - Polyvore.url -> hxxp://www.polyvore.com/loved_you_forever/thing?id=16415853
InternetURL: C:\Users\Tracy\Favorites\i need a reason to stay here ;  quotemespeechlessx on Xanga.url -> hxxp://quotemespeechlessx.xanga.com/732701671/i-need-a-reason-to-stay-here-/?cuttag=true
InternetURL: C:\Users\Tracy\Favorites\I wish I was a Princess 3 by n i c o l e please credit - Polyvore.url -> hxxp://www.polyvore.com/wish_was_princess_please_credit/thing?id=12743141
InternetURL: C:\Users\Tracy\Favorites\ibecourtneyy♥ - Polyvore.url -> hxxp://www.polyvore.com/ibecourtneyy_hearts/collection?id=598119
InternetURL: C:\Users\Tracy\Favorites\Image hosting, free photo sharing & video sharing at Photobucket.url -> hxxp://s222.photobucket.com/home/jtbford4
InternetURL: C:\Users\Tracy\Favorites\imgfave - amazing and inspiring images - Polyvore.url -> hxxp://www.polyvore.com/imgfave_amazing_inspiring_images/thing?id=21101205
InternetURL: C:\Users\Tracy\Favorites\It all started when two people fell in love....url -> hxxp://kandjstaats.blogspot.com/
InternetURL: C:\Users\Tracy\Favorites\Jeydon Wale ) - Polyvore.url -> hxxp://www.polyvore.com/jeydon_wale/collection?id=532831
InternetURL: C:\Users\Tracy\Favorites\Kissing Couples - Polyvore.url -> hxxp://www.polyvore.com/kissing_couples/collection?id=481458
InternetURL: C:\Users\Tracy\Favorites\Kool-Aid Win Back Family Night on Facebook.url -> hxxp://apps.facebook.com/koolaidnight/checkemail.do?installed=1&session=%7B%22session_key%22%3A%222.N_OSrUA4drLV2hOtZqKUsg__.3600.1299099600-1248366259%22%2C%22uid%22%3A1248366259%2C%22expires%22%3A1299099600%2C%22secret%22%3A%22eUfWrL72_Kfj_WMdTmKcLA__%22%2C%22base_domain%22%3A%22promotions.com%22%2C%22sig%22%3A%2270712dfa43fe2d6cdc2edd65cd9060dd%22%7D
InternetURL: C:\Users\Tracy\Favorites\kristen rae . . . ♥ - Polyvore.url -> hxxp://www.polyvore.com/kristen_rae_hearts/collection?id=623555
InternetURL: C:\Users\Tracy\Favorites\Kuntry Klippers.url -> hxxp://kuntryklippers.com/
InternetURL: C:\Users\Tracy\Favorites\Lauren - - Emily. - Polyvore.url -> hxxp://www.polyvore.com/lauren_emily/collection?id=615591
InternetURL: C:\Users\Tracy\Favorites\Learning How to Fight the Collector - Yahoo! Finance.url -> hxxp://finance.yahoo.com/news/Learning-How-to-Fight-the-nytimes-3387084735.html?x=0&.v=1
InternetURL: C:\Users\Tracy\Favorites\Lifetime Moms.url -> hxxp://www.lifetimemoms.com/
InternetURL: C:\Users\Tracy\Favorites\Lisa. - Polyvore.url -> hxxp://www.polyvore.com/lisa/set?id=18483638
InternetURL: C:\Users\Tracy\Favorites\LMAO. - Polyvore.url -> hxxp://www.polyvore.com/lmao/thing?id=20886015
InternetURL: C:\Users\Tracy\Favorites\Logan. - Polyvore.url -> hxxp://www.polyvore.com/logan/set?id=21451248
InternetURL: C:\Users\Tracy\Favorites\Low Sodium Recipe Archive.url -> hxxp://www.lowsodiumcooking.com/free/Archive.htm
InternetURL: C:\Users\Tracy\Favorites\mee pictures by DrumBum911 - Photobucket.url -> hxxp://s152.photobucket.com/albums/s178/DrumBum911/mee/?start=20
InternetURL: C:\Users\Tracy\Favorites\Meniere's Disease Information Center -- Symptoms of Meniere's Disease.url -> hxxp://www.menieresinfo.com/symptoms.html
InternetURL: C:\Users\Tracy\Favorites\Meniere's Resources, Inc.  Profiles-Brooke browse.url -> hxxp://www.menieresresources.org/Profiles/Brooke
InternetURL: C:\Users\Tracy\Favorites\Mini Mac and 'Shrooms Recipe  Food Network Kitchens  Food Network.url -> hxxp://www.foodnetwork.com/recipes/food-network-kitchens/mini-mac-and-shrooms-recipe/index.html
InternetURL: C:\Users\Tracy\Favorites\Mitch Maki.url -> hxxp://trashstyle.ltalk.ru/1802-205-mitch-maki.zhtml
InternetURL: C:\Users\Tracy\Favorites\Mommysavers.com.url -> hxxp://mommysavers.com/
InternetURL: C:\Users\Tracy\Favorites\More Games at GameHouse.com.url -> hxxp://www.gamehouse.com
InternetURL: C:\Users\Tracy\Favorites\Musselman's - Recipes.url -> hxxp://www.musselmans.com/Recipes/DisplayRecipe.aspx?RecipeID=210&SearchTerm=Applesauce+Cake
InternetURL: C:\Users\Tracy\Favorites\MyLifeIsAverage - Life is pretty normal today.url -> hxxp://mylifeisaverage.com/7
InternetURL: C:\Users\Tracy\Favorites\Mystery Case Files® Dire Grove™ Collector's Edition Walkthrough  Big Fish Games Blog.url -> hxxp://www.bigfishgames.com/blog/mystery-case-files-dire-grove-walkthrough/
InternetURL: C:\Users\Tracy\Favorites\New E-Book – Organizing Life As Mom.url -> hxxp://www.5dollardinners.com/2010/11/ebook-organizing-life-mom.html
InternetURL: C:\Users\Tracy\Favorites\New Glade Coupon  Mommy Snacks.net™.url -> hxxp://mommysnacks.net/2010/01/glade-coupon/
InternetURL: C:\Users\Tracy\Favorites\Official Crayola Site - Free coloring pages, crafts, lesson plans, games and more.url -> hxxp://www.crayola.com/
InternetURL: C:\Users\Tracy\Favorites\On Demand.url -> hxxp://ondemand.xfinity.com/?cid=xfactiv_ondemand
InternetURL: C:\Users\Tracy\Favorites\Oprah’s Favorite Things Giveaway 2010 12 Lucky Winners Will Win BIG!.url -> hxxp://networkedblogs.com/b6Cdu
InternetURL: C:\Users\Tracy\Favorites\picture by Hypnotik_princess - Photobucket - Polyvore.url -> hxxp://www.polyvore.com/picture_hypnotik_princess_photobucket/thing?id=907335
InternetURL: C:\Users\Tracy\Favorites\Pittsburgh MomsLikeMe.com -- Where local Pittsburgh moms go to get advice, share photos, ideas and more!.url -> hxxp://pittsburgh.momslikeme.com/members/exploregroups.aspx?p=103
InternetURL: C:\Users\Tracy\Favorites\Plus Size Clearance at OneStopPlus.com.url -> hxxp://www.onestopplus.com/department.aspx?DeptId=12579
InternetURL: C:\Users\Tracy\Favorites\Plus Size Tops & Shirts  SONSI.url -> hxxp://www.sonsi.com/plus-size-apparel/plus-size-tops-shirts/15332c15341/index.cat?currentIndex=65&Mpos=65&Mpper=16&Mreft=2&Mrnam=Price&Mrval=%5b80000000%7cC147D70A%5d+0+%26lt%3b%3d++%26lt%3b%3d+12.49&pageSize=16&Mrsaa=*&Mrsavf=Brand&Mrsavf=Size&Mrsavf=Color&Mpg=SEARCH%2BNAV
InternetURL: C:\Users\Tracy\Favorites\Popular  OhMyLike.url -> hxxp://ohmyl.com/popular/5
InternetURL: C:\Users\Tracy\Favorites\Poverty Meal Recipe - Food.com - 27520.url -> hxxp://www.food.com/recipe/poverty-meal-27520
InternetURL: C:\Users\Tracy\Favorites\Prophet Login.url -> hxxp://shopper.mysteryshopperprogram.com/
InternetURL: C:\Users\Tracy\Favorites\Quotes written, edited and clipped by maddy ♥ please se -- C... - Polyvore.url -> hxxp://www.polyvore.com/quotes_written_edited_clipped_maddy/thing?id=10761241
InternetURL: C:\Users\Tracy\Favorites\Real Arcade.url -> hxxp://www.realarcade.com/?tps=ambientv2_
InternetURL: C:\Users\Tracy\Favorites\Recipe for Taco Quesadillas.url -> hxxp://www.5dollardinners.com/2011/08/taco-quesadillas.html
InternetURL: C:\Users\Tracy\Favorites\Recipes, Cooking Tips, Food Advice and Menus - KitchenDaily.url -> hxxp://www.kitchendaily.com/?ncid=bannadusfood00000006
InternetURL: C:\Users\Tracy\Favorites\Relationship Experts, Dating Experts eHarmony Advice.url -> hxxp://advice.eharmony.com/ask-a-dating-expert.html
InternetURL: C:\Users\Tracy\Favorites\Rite Aid Deals  Money Saving Mom®.url -> hxxp://moneysavingmom.com/tag/rite-aid-deals
InternetURL: C:\Users\Tracy\Favorites\rite aid deals.url -> hxxp://dealseekingmom.com/tag/rite-aid-deals/
InternetURL: C:\Users\Tracy\Favorites\Ron & Hermione aww 3 - Polyvore.url -> hxxp://www.polyvore.com/ron_hermione_aww/thing?id=9577697
InternetURL: C:\Users\Tracy\Favorites\Sarah. - Polyvore.url -> hxxp://www.polyvore.com/sarah/collection?id=741615
InternetURL: C:\Users\Tracy\Favorites\SavingsAngel.com - cut your Grocery Bill in HALF through Enlightened Shopping!.url -> hxxp://www.savingsangel.com/
InternetURL: C:\Users\Tracy\Favorites\SC Johnson Family Economics Blog.url -> hxxp://scjohnson.com/en/family/family-economics/food-for-thought/11-06-21/The-Perfect-Summer-Refreshment.aspx
InternetURL: C:\Users\Tracy\Favorites\Security.url -> hxxp://security.comcast.net/?cid=xfactiv_security
InternetURL: C:\Users\Tracy\Favorites\Send a Message  Portable North Pole.url -> hxxp://www.portablenorthpole.tv/prepare-a-message/child/4
InternetURL: C:\Users\Tracy\Favorites\Similar artists to The Friday Night Boys – Free listening, videos, concerts, stats, & pictures at Last.fm.url -> hxxp://www.last.fm/music/The+Friday+Night+Boys/+similar?page=6
InternetURL: C:\Users\Tracy\Favorites\Site model Ben - Polyvore.url -> hxxp://www.polyvore.com/site_model_ben/collection?id=660870
InternetURL: C:\Users\Tracy\Favorites\Slow Cooker Entrees Recipes  RecipeLion.com.url -> hxxp://www.recipelion.com/Crock-Pot-Entrees
InternetURL: C:\Users\Tracy\Favorites\slow-cooker recipes.url -> hxxp://www.kraftrecipes.com/recipes/dinner/planning/slow-cooker.aspx?cm_mmc=social-_-facebook-_-Wall-_-theme
InternetURL: C:\Users\Tracy\Favorites\Smile, Happy looks good on you. - Polyvore.url -> hxxp://www.polyvore.com/smile_happy_looks_good_on/thing?id=20638510
InternetURL: C:\Users\Tracy\Favorites\smitten kitchen.url -> hxxp://smittenkitchen.com/
InternetURL: C:\Users\Tracy\Favorites\Snow Cream.url -> hxxp://www.facebook.com/notes/all-it-takes-is-a-can-opener-crockpot/snow-cream/10150147488284989
InternetURL: C:\Users\Tracy\Favorites\Star 100.7 Online Radio - Pop Internet Radio Station - iheard.url -> hxxp://www.iheard.com/stations/pop/adult/1007/
InternetURL: C:\Users\Tracy\Favorites\The Crafty Penguin Pumpkin Spice Sugar Cookies with Glace Icing.url -> hxxp://www.the-crafty-penguin.com/2010/09/pumpkin-spice-sugar-cookies-with-glace.html
InternetURL: C:\Users\Tracy\Favorites\This Chick Cooks Funnel Cake {Easy & Homemade}.url -> hxxp://thischickcooks.blogspot.com/2011/02/funnel-cake-easy-homemade.html?spref=fb
InternetURL: C:\Users\Tracy\Favorites\those kinda girls quote by Abby. use it and love it. - Polyvore.url -> hxxp://www.polyvore.com/those_kinda_girls_quote_abby/thing?id=11432823
InternetURL: C:\Users\Tracy\Favorites\those were the days, man. - Polyvore.url -> hxxp://www.polyvore.com/those_were_days_man/thing?id=17960737
InternetURL: C:\Users\Tracy\Favorites\Tips From A Mom of 3.url -> hxxp://tipsfromamomof3.blogspot.com/
InternetURL: C:\Users\Tracy\Favorites\Toilet Decals Wall Decals Stickers Graphics.url -> hxxp://dalidecals.com/Toilet-Decals-Wall-Decals-Stickers-Graphics/
InternetURL: C:\Users\Tracy\Favorites\Ultimate VELVEETA Nachos recipe.url -> hxxp://www.kraftrecipes.com/recipes/ultimate-velveeta-nachos-92308.aspx
InternetURL: C:\Users\Tracy\Favorites\Unclogging a Toilet.url -> hxxp://www.thriftyfun.com/tf322674.tip.html
InternetURL: C:\Users\Tracy\Favorites\Unknown. - Polyvore.url -> hxxp://www.polyvore.com/unknown/set?id=26246208
InternetURL: C:\Users\Tracy\Favorites\UNTOUCHED. [ STORY ! ;D ] [[12 or 13+]] - Stardoll.url -> hxxp://www.stardoll.com/en/clubs/forum.php?id=1&topicId=20091879&page=55
InternetURL: C:\Users\Tracy\Favorites\VampireFreaks.com - XavierTodd's pictures.url -> hxxp://vampirefreaks.com/picview.php?user=XavierTodd&uid=3806473&c=11&x=19&d=0&g=0&s=1&fid=0&tagged=
InternetURL: C:\Users\Tracy\Favorites\Vestibular Migraine.url -> hxxp://www.hopkinsmedicine.org/neurology_neurosurgery/specialty_areas/vestibular/conditions/vestibular_migraine.html
InternetURL: C:\Users\Tracy\Favorites\Visa Signature Holiday Collection.url -> https://usa.visa.com...holiday&h=5c097
InternetURL: C:\Users\Tracy\Favorites\walgreens Scotch Scissors $0.33 each & More!.url -> hxxp://www.passionforsavings.com/2010/12/walgreens-scotch-scissors-0-33-each-more/
InternetURL: C:\Users\Tracy\Favorites\Walmart - 103 items under $1 (21 are free!)  Couponing to Disney.url -> hxxp://couponingtodisney.blogspot.com/2009/10/walmart-50-items-under-1-17-are-free.html
InternetURL: C:\Users\Tracy\Favorites\Walt Disney World.url -> hxxp://www.facebook.com/WaltDisneyWorld?sk=app_138603502870009
InternetURL: C:\Users\Tracy\Favorites\watch Batman Under the Red Hood (2010) megavideo movie online  megavideo movies.url -> hxxp://www.megavideomovies.net/2010/07/watch-batman-under-red-hood-2010.html
InternetURL: C:\Users\Tracy\Favorites\Wedding Invitations Select A Scenario « « Mygatsby.com.url -> hxxp://www.mygatsby.com/blog/word-wizard/wedding-invitations
InternetURL: C:\Users\Tracy\Favorites\What's me without you quote -мαddιє. - Polyvore.url -> hxxp://www.polyvore.com/whats_me_without_you_quote/thing?id=13705740
InternetURL: C:\Users\Tracy\Favorites\When I'm bored I sit on facebook and Like stuff.....url -> hxxp://acellke.com/
InternetURL: C:\Users\Tracy\Favorites\Whut  - Polyvore.url -> hxxp://www.polyvore.com/whut/thing?id=21900712
InternetURL: C:\Users\Tracy\Favorites\WikiAnswers - How do you beat Astro Knights Island.url -> hxxp://wiki.answers.com/Q/How_do_you_beat_Astro_Knights_Island
InternetURL: C:\Users\Tracy\Favorites\WildEarth.TV ... it's in your nature. - wildearth.tv.url -> hxxp://www.wildearth.tv/static/wildearth/channels/we_bear_den.html
InternetURL: C:\Users\Tracy\Favorites\Woman Throws Baby at Husband 5 Things She Should Have Thrown Instead  The Stir.url -> hxxp://thestir.cafemom.com/baby/108777/woman_throws_baby_at_husband?utm_medium=sm&utm_source=facebook&utm_content=fanpage
InternetURL: C:\Users\Tracy\Favorites\World’s Easiest Christmas Candy Recipe  Money Saving Mom®.url -> hxxp://moneysavingmom.com/2010/12/worlds-easiest-christmas-candy-recipe.html
InternetURL: C:\Users\Tracy\Favorites\WWHPD - Polyvore.url -> hxxp://www.polyvore.com/wwhpd/collection?id=521024
InternetURL: C:\Users\Tracy\Favorites\XFINITY Search.url -> hxxp://search.xfinity.com/?cid=xfactiv_search
InternetURL: C:\Users\Tracy\Favorites\XFINITY TV.url -> hxxp://xfinitytv.comcast.net/?cid=xfactiv_tv
InternetURL: C:\Users\Tracy\Favorites\XFINITY.com.url -> hxxp://www.xfinity.com/?cid=xfactiv_main
InternetURL: C:\Users\Tracy\Favorites\Yummy Easter Recipe- Pineapple Soufflé.url -> hxxp://networkedblogs.com/gTfZC
InternetURL: C:\Users\Tracy\Favorites\“Snack”urday Banana Pudding Cupcakes.url -> hxxp://afewshortcuts.com/2010/09/snackurday-banana-pudding-cupcakes/
InternetURL: C:\Users\Tracy\Favorites\“Snack”urday Summer Fruit Cobbler.url -> hxxp://afewshortcuts.com/2011/06/snackurday-summer-fruit-cobbler/
InternetURL: C:\Users\Tracy\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Tracy\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Tracy\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Tracy\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Tracy\Favorites\Store Deals\Facebook.url -> hxxp://www.facebook.com/
InternetURL: C:\Users\Tracy\Favorites\Store Deals\Kuntry Klippers.url -> hxxp://kuntryklippers.com/
InternetURL: C:\Users\Tracy\Favorites\Store Deals\Midwest Money Saving Tips Another BOGO Statfree.url -> hxxp://www.midwestmoneysavingtips.com/2011/01/another-bogo-statfree.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+midwestmoneysavingtips%2FJRIz+%28Midwest+Money+Saving+Tips%29&utm_content=FaceBook
InternetURL: C:\Users\Tracy\Favorites\Store Deals\No More Rack - Daily Deals.url -> hxxp://www.nomorerack.com/
InternetURL: C:\Users\Tracy\Favorites\Store Deals\Plus Size Pants at Avenue.com and JessicaLondon.com.url -> hxxp://www.avenue.com/Plus-Size-Pants.aspx?DeptId=19940
InternetURL: C:\Users\Tracy\Favorites\Store Deals\Rite Aid Deals 1-9 -1-15-11  Coupons, Deals and More  Coupons, Deals and More.url -> hxxp://couponsdealsandmore.com/rite-aid-deals/rite-aid-deals-1-9-11/
InternetURL: C:\Users\Tracy\Favorites\Store Deals\walgreens Chloraseptic Sprays, $0.49 each.url -> hxxp://www.passionforsavings.com/2011/01/walgreens-chloraseptic-sprays-0-49-each/
InternetURL: C:\Users\Tracy\Favorites\Store Deals\Walgreens Deals For 1-2 to 1-8, 2011 – Hunt4Freebies – Coupons.url -> hxxp://hunt4freebies.com/coupons/walgreens-deals-for-12-to-18-2011/
InternetURL: C:\Users\Tracy\Favorites\Store Deals\WeUseCoupons.com - Powered by vBulletin.url -> hxxp://www.weusecoupons.com/upload/
InternetURL: C:\Users\Tracy\Favorites\Store Deals\Your Living Room.url -> hxxp://www.menieres.org/forum/index.php/board,2.0.html
InternetURL: C:\Users\Tracy\Favorites\P Files\sarah=my favorite sitemodel ever♥ - Polyvore.url -> hxxp://www.polyvore.com/sarah_my_favorite_sitemodel_ever/collection?id=719643
InternetURL: C:\Users\Tracy\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Tracy\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Tracy\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Tracy\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Tracy\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Tracy\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Tracy\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Tracy\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Tracy\Favorites\Microsoft Websites\Marketplace.url -> hxxp://go.microsoft.com/fwlink/?linkid=69151
InternetURL: C:\Users\Tracy\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\Tracy\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\Tracy\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Tracy\Favorites\Microsoft Websites\Welcome to IE7.url -> hxxp://go.microsoft.com/fwlink/?linkid=68919
InternetURL: C:\Users\Tracy\Favorites\Links\$1.00-1 Oreo Double Stuf Cookies.url -> hxxp://networkedblogs.com/8aIC4
InternetURL: C:\Users\Tracy\Favorites\Links\(529 unread) Yahoo! Mail, movingmomof3.url -> hxxp://us.mg1.mail.yahoo.com/dc/launch?.gx=1&.rand=5kek8on2hj1t3
InternetURL: C:\Users\Tracy\Favorites\Links\Books  Kay Cassidy.url -> hxxp://www.kaycassidy.com/books/
InternetURL: C:\Users\Tracy\Favorites\Links\comcast.net News, Sports, Video, TV listings, Email and more!.url -> hxxp://www.comcast.net/
InternetURL: C:\Users\Tracy\Favorites\Links\Cyanide & Happiness #876 - Explosm.url -> hxxp://www.explosm.net/comics/876/
InternetURL: C:\Users\Tracy\Favorites\Links\Facebook  Home.url -> hxxp://www.facebook.com/home.php
InternetURL: C:\Users\Tracy\Favorites\Links\Facebook.url -> hxxp://www.facebook.com/?ref=logo
InternetURL: C:\Users\Tracy\Favorites\Links\http--lgn3.coolsavings.com-LGN-ExitPopup.url -> hxxp://lgn3.coolsavings.com/LGN/ExitPopup.aspx?SessionID=76f86e4c-de06-4116-865a-2c0af7a9d9d2-1488&lpn=1
InternetURL: C:\Users\Tracy\Favorites\Links\Image hosting, free photo sharing & video sharing at Photobucket.url -> hxxp://s220.photobucket.com/home/JACKiiExo28/recentuploads?page=3
InternetURL: C:\Users\Tracy\Favorites\Links\MyLifeIsAverage - Life is pretty normal today (2).url -> hxxp://mylifeisaverage.com/3
InternetURL: C:\Users\Tracy\Favorites\Links\New message!.url -> hxxp://www.facebook.com/
InternetURL: C:\Users\Tracy\Favorites\Links\Online Guitar Tuner.url -> hxxp://www.gieson.com/Library/projects/utilities/tuner/
InternetURL: C:\Users\Tracy\Favorites\Links\Pennsylvania Child Support Website - Payee.url -> https://www.humanser...x&SelectionId=0
InternetURL: C:\Users\Tracy\Favorites\Links\Phineas and Ferb Across The 2nd Dimension  Disney Channel.url -> hxxp://tv.disney.go.com/disneychannel/originalmovies/phineasandferb/games/doom/index.html
InternetURL: C:\Users\Tracy\Favorites\Links\pittsburgh men seeking women classifieds - craigslist.url -> hxxp://pittsburgh.craigslist.org/m4w/
InternetURL: C:\Users\Tracy\Favorites\Links\pittsburgh pets classifieds - craigslist.url -> hxxp://pittsburgh.craigslist.org/pet/
InternetURL: C:\Users\Tracy\Favorites\Links\Sign In.url -> hxxp://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1252366419&rver=5.5.4177.0&wp=MBI&wreply=hxxp:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-US
InternetURL: C:\Users\Tracy\Favorites\Links\soundtrackcollector Soundtrack details We're Back! A Dinosaur's Story.url -> hxxp://www.soundtrackcollector.com/catalog/soundtrackdetail.php?movieid=32888
InternetURL: C:\Users\Tracy\Favorites\Links\Suggested Sites.url -> https://ieonline.mic...ft.com/#ieslice
InternetURL: C:\Users\Tracy\Favorites\Links\toy story, Toys Hobbies, Collectibles. Great deals on eBay!.url -> hxxp://shop.ebay.com/i.html?_trkparms=65%253A12%257C66%253A4%257C39%253A1%257C72%253A2688&_nkw=toy+story&_sticky=1&_trksid=p3286.c0.m14&_sop=15&_sc=1
InternetURL: C:\Users\Tracy\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Tracy\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\My HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=EN_US&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\Pandora Internet Radio.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pandora&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=91
InternetURL: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP Games\Warrior Epic\Visit Warrior Epic Forums.url -> hxxp://forums.warriorepic.com/
InternetURL: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP Games\Warrior Epic\Visit Warrior Epic Web Site.url -> hxxp://www.warriorepic.com/
InternetURL: C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP Games\Warrior Epic\Warrior Epic Customer Support.url -> hxxp://support.warriorepic.com/
 
==================== End of log =============================

  • 0

#15
tdjones813
Posted 07 May 2015 - 08:09 AM

tdjones813

    Member

  • Topic Starter
  • Member
  • PipPip
  • 65 posts

They just seem like ads.  I get one about my computer possibly being infected then the other one pops up down at the bottom right hand screen and is a video like a commercial.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP