my cpu is infected: Trojan Horse Generic_C.AKAB

Malware spyware


#1
ngunn421


This Trojan attached itself to my Windows\help. I've downloaded OTL and also FRST. I believe I got it watching a live stream site and my adblocker didn't block it, or it was attached to it maybe? I have not checked my processes... Here are the scan reports on my CPU. If anyone can help me it would be much appreciated, and I'd love to learn more so I may be able to help in the future.

 

Ngunn421

Users shortcut scan result (x86) Version:13-12-2015
Ran by Nate (2015-12-13 19:22:13)
Running from C:\Users\Nate\Downloads
Boot Mode: Normal
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
 
 
 
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\WINDOWS\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk -> C:\Program Files\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk -> C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk -> C:\Program Files\Windows Calendar\WinCal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk -> C:\Program Files\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk -> C:\Program Files\Windows Mail\wab.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\Movie Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk -> C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk -> C:\Program Files\Movie Maker\MOVIEMK.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk -> C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner\Wise Registry Cleaner.lnk -> C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe (WiseCleaner.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Family Safety.lnk -> C:\WINDOWS\Installer\{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}\fssicon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mesh.lnk -> C:\Program Files\Windows Live\Mesh\WLSync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Getting Started Guide.lnk -> C:\hp\documentation\gsmc.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Safety & Comfort Guide.lnk -> C:\hp\documentation\297660.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Upgrading and Servicing Guide.lnk -> C:\hp\documentation\usgmr.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP support information.lnk -> C:\hp\support\HPSysInfo.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\Recovery Disc Creation.lnk -> C:\WINDOWS\SMINST\CD Creator.exe (SoftThinks)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\Recovery Manager.lnk -> C:\WINDOWS\SMINST\Restore7.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Padus DiscJuggler\DiscJuggler.lnk -> C:\Program Files\Padus\DiscJuggler\Cdj.exe (Padus Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Padus DiscJuggler\Network Console.lnk -> C:\Program Files\Padus\DiscJuggler\pfcsrvc.exe (Padus Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Padus DiscJuggler\Documentation\DiscJuggler.lnk -> C:\Program Files\Padus\DiscJuggler\cdj1033.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Base.lnk -> C:\Program Files\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Calc.lnk -> C:\Program Files\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Draw.lnk -> C:\Program Files\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Impress.lnk -> C:\Program Files\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Math.lnk -> C:\Program Files\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Writer.lnk -> C:\Program Files\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice.lnk -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\EarthLink.lnk -> C:\Program Files\Online Services\EarthLink\InstallEarthLink.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\Juno Dial-up.lnk -> C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\MSN.lnk -> C:\Program Files\Online Services\MSN90\msnsusii.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\Netzero Dial-up.lnk -> C:\Program Files\Online Services\NetzeroUS_du\NetZeroHSSetup.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\Netzero High-speed.lnk -> C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\United States\Try  AOL Today.lnk -> C:\Program Files\Online Services\Aolus\InstallAol.exe (Hewlett Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\Canada\Netzero Dial-up.lnk -> C:\Program Files\Online Services\Netzero_du_ca\NetZeroHSSetup.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\Canada\Netzero High-speed.lnk -> C:\Program Files\Online Services\Netzero_Acc_ca\NetZeroHSSetup.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Getting Started.lnk -> C:\WINDOWS\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\gtngstrtd.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Calendar.lnk -> C:\WINDOWS\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Database.lnk -> C:\WINDOWS\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Portfolio.lnk -> C:\WINDOWS\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Spreadsheet.lnk -> C:\WINDOWS\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Task Launcher.lnk -> C:\Program Files\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Word Processor.lnk -> C:\WINDOWS\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II\Age of Empires II Readme.lnk -> C:\Program Files\Microsoft Games\Age of Empires II\Readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II\Age of Empires II.lnk -> C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires Gold\Age of Empires Expansion.lnk -> C:\Program Files\Microsoft Games\Age of Empires\EMPIRESX.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires Gold\Age of Empires Readme.lnk -> C:\Program Files\Microsoft Games\Age of Empires\Readme.doc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires Gold\Age of Empires.lnk -> C:\Program Files\Microsoft Games\Age of Empires\EMPIRES.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires Gold\Rise of Rome Readme.lnk -> C:\Program Files\Microsoft Games\Age of Empires\Readmex.doc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Problem Reports and Solutions.lnk -> C:\WINDOWS\System32\wercon.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\WINDOWS\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk -> C:\Program Files\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -> C:\Program Files\Microsoft Games\Chess\Chess.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk -> C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk -> C:\Program Files\Microsoft Games\Hearts\Hearts.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\InkBall.lnk -> C:\Program Files\Microsoft Games\inkball\inkball.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -> C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk -> C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\PurblePlace.lnk -> C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk -> C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk -> C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Uninstall.lnk -> C:\Program Files\InstallShield Installation Information\{10133CDD-50B9-4783-B336-8B48F3653715}\Setup.exe (InstallShield Software Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades\Windows Anytime Upgrade.lnk -> C:\WINDOWS\System32\WindowsAnytimeUpgrade.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Easy Photo Print.lnk -> C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Read Me\Easy Photo Print.lnk -> C:\Program Files\Epson Software\Easy Photo Print\DspReadMe.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\NX100 Series Information Center\NX100 Series Information Center.lnk -> C:\Program Files\epson\guide\nx100_e\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\NX100 Series Information Center\Uninstall NX100 Series Information Center.lnk -> C:\Program Files\epson\guide\nx100_e\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan.lnk -> C:\WINDOWS\twain_32\ESCNDV\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Diablo II - Lord of Destruction.lnk -> C:\Program Files\Diablo II\Diablo II.exe (Blizzard North)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Diablo II.lnk -> C:\Program Files\Diablo II\Diablo II.exe (Blizzard North)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Lord of Destruction Read Me.lnk -> C:\Program Files\Diablo II\xreadme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Read Me.lnk -> C:\Program Files\Diablo II\d2readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Support.lnk -> C:\Program Files\Diablo II\support\index.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Video Test.lnk -> C:\Program Files\Diablo II\D2VidTst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo\Diablo Manual.lnk -> E:\MANUAL\DIABLO.PDF (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo\Diablo Readme.lnk -> C:\Program Files\Diablo\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo\Diablo.lnk -> C:\Program Files\Diablo\Diablo.exe (Blizzard Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk -> C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\WINDOWS\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\WINDOWS\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\WINDOWS\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\WINDOWS\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\WINDOWS\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\WINDOWS\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\WINDOWS\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\WINDOWS\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\WINDOWS\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\WINDOWS\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\WINDOWS\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\WINDOWS\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\WINDOWS\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Sticky Notes.lnk -> C:\WINDOWS\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Backup.lnk -> C:\WINDOWS\System32\sdclt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\WINDOWS\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\WINDOWS\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\WINDOWS\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\migwiz.lnk -> C:\WINDOWS\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\WINDOWS\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\WINDOWS\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{EF3B9A83-8561-4526-B581-06B3E72BDE48}\PlayTasks\2\Age of Empires III - The WarChiefs (no sound).lnk -> C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{EF3B9A83-8561-4526-B581-06B3E72BDE48}\PlayTasks\1\Age of Empires III - The WarChiefs (no video).lnk -> C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{EF3B9A83-8561-4526-B581-06B3E72BDE48}\PlayTasks\0\Play.lnk -> C:\Program Files\Microsoft Games\Age of Empires III\age3x.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E91579C0-4EA9-4a2a-A9B2-04BEF1D6DC29}\PlayTasks\0\Minesweeper.lnk -> C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D5FEA8C1-D4FD-48DF-A6A7-7EAF0DDB6D25}\PlayTasks\2\EA Help.lnk -> C:\Users\Nate\Desktop\Games\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D5FEA8C1-D4FD-48DF-A6A7-7EAF0DDB6D25}\PlayTasks\0\SPORE™.lnk -> C:\Users\Nate\Desktop\Games\Sporebin\SporeApp.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D1A7F7E0-D4E9-49e8-BF2C-CEAA01D2E670}\PlayTasks\0\Hearts.lnk -> C:\Program Files\Microsoft Games\Hearts\Hearts.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{AFA7FF39-1DDF-4f70-A2D5-23FCFFF02E5F}\PlayTasks\0\Spider Solitaire.lnk -> C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{AF698A5B-24D6-4f78-AE95-204B09EDC7B6}\PlayTasks\0\Mahjong.lnk -> C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{91CA4D38-EA2B-4f3c-94DE-36C1386182FC}\PlayTasks\0\Purble Place.lnk -> C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{6C815596-821F-40b3-8A84-643B73A8EB16}\PlayTasks\0\FreeCell.lnk -> C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{48DE2B25-A3A2-4121-808D-5DD991D9FEBB}\PlayTasks\0\InkBall.lnk -> C:\Program Files\Microsoft Games\inkball\inkball.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{2ACA2534-4054-4E34-B91B-0BCBC1CC84F1}\PlayTasks\2\EA Help.lnk -> C:\Program Files\Electronic Arts\SPORE\Support\EA Help\Electronic_Arts_Technical_Support.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{2ACA2534-4054-4E34-B91B-0BCBC1CC84F1}\PlayTasks\0\SPORE™.lnk -> C:\Program Files\Electronic Arts\SPORE\Sporebin\SporeApp.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{205286E5-F5F2-4306-BDB1-864245E33227}\PlayTasks\0\Chess.lnk -> C:\Program Files\Microsoft Games\Chess\Chess.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{00D8862B-6453-4957-A821-3D98D74C76BE}\PlayTasks\0\Solitaire.lnk -> C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Hewlett-Packard\wtwc\onplay.lnk -> C:\Program Files\HP Games\onplay\onplay.exe (No File)
Shortcut: C:\ProgramData\Hewlett-Packard\Netzero\launchnz.lnk -> C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe ()
Shortcut: C:\ProgramData\Hewlett-Packard\Juno\launchjuno.lnk -> C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe ()
Shortcut: C:\Users\Brina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\WINDOWS\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Nate\Videos\Sample Videos.lnk -> C:\Users\Public\Videos\Sample Videos ()
Shortcut: C:\Users\Nate\Pictures\Sample Pictures.lnk -> C:\Users\Public\Pictures\Sample Pictures ()
Shortcut: C:\Users\Nate\Music\Sample Music.lnk -> C:\Users\Public\Music\Sample Music ()
Shortcut: C:\Users\Nate\Links\Documents.lnk -> C:\Users\Nate\Documents ()
Shortcut: C:\Users\Nate\Links\Music.lnk -> C:\Users\Nate\Music ()
Shortcut: C:\Users\Nate\Links\Pictures.lnk -> C:\Users\Nate\Pictures ()
Shortcut: C:\Users\Nate\Links\Public.lnk -> C:\Users\Public ()
Shortcut: C:\Users\Nate\Links\Recently Changed.lnk -> C:\Users\Nate\Searches\Recently Changed.search-ms ()
Shortcut: C:\Users\Nate\Links\Searches.lnk -> C:\Users\Nate\Searches ()
Shortcut: C:\Users\Nate\Downloads\folder fos\zip\nes roms.lnk -> C:\Users\Nate\Downloads\brudtopia\nes roms ()
Shortcut: C:\Users\Nate\Desktop\Diablo - Shortcut.lnk -> C:\Program Files\Diablo\Diablo.exe (Blizzard Entertainment)
Shortcut: C:\Users\Nate\Desktop\nestopia_anticheat_V2 - Shortcut.lnk -> C:\Users\Nate\Downloads\brudtopia\nestopia_anticheat_V2.exe ()
Shortcut: C:\Users\Nate\Desktop\Project64 1.6.lnk -> C:\Program Files\Project64 1.6\Project64.exe ()
Shortcut: C:\Users\Nate\Desktop\TSBToolSupreme - Shortcut.lnk -> C:\Users\Nate\Downloads\brudtopia\tools,editors\TSBToolSupreme_0.9.1_Beta\TSBToolSupreme.exe ( )
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk -> C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6\Project64 1.6.lnk -> C:\Program Files\Project64 1.6\Project64.exe ()
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\WINDOWS\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Nate\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk -> C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc)
Shortcut: C:\Users\Nate\AppData\Local\Microsoft\Windows\GameExplorer\{ED0459BC-DA62-4AEE-8B53-863E27BBC0B7}\PlayTasks\0\Play.lnk -> C:\Program Files\Diablo\Diablo.exe (Blizzard Entertainment)
Shortcut: C:\Users\Nate\AppData\Local\Microsoft\Windows\GameExplorer\{6B5F72EE-D35C-4D93-85C5-F293198EF959}\PlayTasks\0\Play.lnk -> C:\Program Files\Microsoft Games\Age of Empires\EMPIRES.EXE (Microsoft Corporation)
Shortcut: C:\Users\Nate\AppData\Local\Microsoft\Windows\GameExplorer\{6AAF46B6-0A3F-46A1-A1EE-3787E9D83707}\PlayTasks\0\Play.lnk -> C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Adobe Reader X.lnk -> C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Age of Empires Expansion.lnk -> C:\Program Files\Microsoft Games\Age of Empires\EMPIRESX.EXE (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Age of Empires II.lnk -> C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Age of Empires.lnk -> C:\Program Files\Microsoft Games\Age of Empires\EMPIRES.EXE (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\AVG 2015.lnk -> C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\Users\Public\Desktop\DiscJuggler.lnk -> C:\Program Files\Padus\DiscJuggler\Cdj.exe (Padus Incorporated)
Shortcut: C:\Users\Public\Desktop\Epson Easy Photo Print.lnk -> C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\Users\Public\Desktop\EPSON Scan.lnk -> C:\WINDOWS\twain_32\ESCNDV\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Earth.lnk -> C:\Program Files\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\Users\Public\Desktop\NX100 Series Information Center.lnk -> C:\Program Files\epson\guide\nx100_e\index.html ()
Shortcut: C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Public\Desktop\Vuze.lnk -> C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc)
Shortcut: C:\Users\Public\Desktop\Windows Media Center.lnk -> C:\WINDOWS\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Wise Registry Cleaner.lnk -> C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe (WiseCleaner.com)
Shortcut: C:\Users\will\Pictures\Sample Pictures.lnk -> C:\Users\Public\Pictures\Sample Pictures ()
Shortcut: C:\Users\will\Music\Sample Music.lnk -> C:\Users\Public\Music\Sample Music ()
Shortcut: C:\Users\will\Links\Documents.lnk -> C:\Users\Nate\Documents ()
Shortcut: C:\Users\will\Links\Music.lnk -> C:\Users\Nate\Music ()
Shortcut: C:\Users\will\Links\Pictures.lnk -> C:\Users\Nate\Pictures ()
Shortcut: C:\Users\will\Links\Public.lnk -> C:\Users\Public ()
Shortcut: C:\Users\will\Links\Recently Changed.lnk -> C:\Users\Nate\Searches\Recently Changed.search-ms ()
Shortcut: C:\Users\will\Links\Searches.lnk -> C:\Users\Nate\Searches ()
Shortcut: C:\Users\will\Desktop\Pharaoh.lnk -> C:\Impressions Games\Pharaoh\Pharaoh.exe (No File)
Shortcut: C:\Users\will\Desktop\Play Star Wars Galactic Battlegrounds - Saga.lnk -> C:\Users\Nate\Desktop\Games\Clone Campaigns\CloneCampaigns.exe (No File)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk -> C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\WINDOWS\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Easy Burner.lnk -> C:\Program Files\Free Easy CD DVD Burner\FreeEasyBurner.exe (No File)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk -> C:\Program Files\InfraRecorder\infrarecorder.exe (No File)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Users\Nate\Downloads\firefox.exe (No File)
Shortcut: C:\Users\will\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Nate\Documents\uTorrent.exe (No File)
Shortcut: C:\Users\will\AppData\Local\Microsoft\Windows\GameExplorer\{BBC36073-34A7-485D-AF8A-CF551CCCF21E}\PlayTasks\0\Play.lnk -> C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Local\Microsoft\Windows\GameExplorer\{B8059E9D-09E0-46B3-8D03-83A750CEBEDA}\PlayTasks\0\Play.lnk -> C:\Program Files\Firaxis Games\Civilization III\Civilization3.exe ()
Shortcut: C:\Users\will\AppData\Local\Microsoft\Windows\GameExplorer\{B271520F-7FF4-42D4-A0F4-BC3CE0DF7218}\PlayTasks\0\Play.lnk -> C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe (No File)
Shortcut: C:\Users\will\AppData\Local\Microsoft\Windows\GameExplorer\{53079383-6AC9-4BAF-834B-D1911F66E731}\PlayTasks\0\Play.lnk -> C:\Program Files\Microsoft Games\Age of Empires\EMPIRES.EXE (Microsoft Corporation)
Shortcut: C:\Users\will\AppData\Local\Microsoft\Windows\GameExplorer\{5118D199-950D-45D7-BBE0-59DAA258D0A9}\PlayTasks\0\Play.lnk -> C:\Impressions Games\Pharaoh\Pharaoh.exe (No File)
Shortcut: C:\Users\will\AppData\Local\Microsoft\Windows\GameExplorer\{347CDDEB-F2DA-48D3-A291-29DB562889BF}\PlayTasks\0\Play.lnk -> C:\Program Files\Microsoft Games\Age of Empires III\age3.exe (No File)
Shortcut: C:\Users\William\Videos\Sample Videos.lnk -> C:\Users\Public\Videos\Sample Videos ()
Shortcut: C:\Users\William\Pictures\Sample Pictures.lnk -> C:\Users\Public\Pictures\Sample Pictures ()
Shortcut: C:\Users\William\Music\Sample Music.lnk -> C:\Users\Public\Music\Sample Music ()
Shortcut: C:\Users\William\Links\Documents.lnk -> C:\Users\William\Documents ()
Shortcut: C:\Users\William\Links\Music.lnk -> C:\Users\William\Music ()
Shortcut: C:\Users\William\Links\Pictures.lnk -> C:\Users\William\Pictures ()
Shortcut: C:\Users\William\Links\Public.lnk -> C:\Users\Public ()
Shortcut: C:\Users\William\Links\Recently Changed.lnk -> C:\Users\William\Searches\Recently Changed.search-ms ()
Shortcut: C:\Users\William\Links\Searches.lnk -> C:\Users\William\Searches ()
Shortcut: C:\Users\William\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\William\Desktop\Games\Civilization III.lnk -> C:\Program Files\Firaxis Games\Civilization III\Civilization3.exe ()
Shortcut: C:\Users\William\Desktop\Games\Diablo II - Lord of Destruction.lnk -> C:\Program Files\Diablo II\Diablo II.exe (Blizzard North)
Shortcut: C:\Users\William\Desktop\Games\Diablo II.lnk -> C:\Program Files\Diablo II\Diablo II.exe (Blizzard North)
Shortcut: C:\Users\William\Desktop\Games\Pharaoh\Pharaoh Read me.lnk -> C:\Impressions Games\Pharaoh\Readme.txt (No File)
Shortcut: C:\Users\William\Desktop\Games\Civilization III\Play Civilization III.lnk -> C:\Program Files\Firaxis Games\Civilization III\Civilization3.exe ()
Shortcut: C:\Users\William\Desktop\Games\Civilization III\Read Me.lnk -> C:\Program Files\Firaxis Games\Civilization III\README.txt ()
Shortcut: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk -> C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)
Shortcut: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\WINDOWS\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\WINDOWS\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\William\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\William\AppData\Local\Microsoft\Windows\GameExplorer\{CEF67777-EE75-4690-A338-A7DF1E24E0DB}\PlayTasks\0\Play.lnk -> C:\Program Files\Firaxis Games\Civilization III\Civilization3.exe ()
Shortcut: C:\Users\William\AppData\Local\Microsoft\Windows\GameExplorer\{1479E764-EBC4-4E76-B818-D82E6D3A4872}\PlayTasks\0\Play.lnk -> C:\Program Files\Diablo II\Diablo II.exe (Blizzard North)
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk -> C:\Program Files\Online Services\eBay\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=desktop&locale=en_us&bd=all&c=81
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\WINDOWS\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\Internet & Digital Services.lnk -> C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe (Hewlett-Packard) -> /LaunchPage /eis
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires II\Uninstall Age of Empires II.lnk -> C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE (Microsoft Corporation) -> /runtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Age of Empires Gold\Uninstall Age of Empires Gold.lnk -> C:\Program Files\Microsoft Games\Age of Empires\Uninstal.Exe (Microsoft Corporation) -> /runtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestoreCenter
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\WINDOWS\System32\msiexec.exe (Microsoft Corporation) -> /i {D31AA60E-A9E5-47CF-AE3C-C980C5A1FF51} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in DirectX mode.lnk -> C:\Program Files\Google\Google Earth\client\googleearth.exe (Google) -> -setDX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in OpenGL mode.lnk -> C:\Program Files\Google\Google Earth\client\googleearth.exe (Google) -> -setOGL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth .lnk -> C:\WINDOWS\System32\msiexec.exe (Microsoft Corporation) -> /x {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON NX100 Series\Buy Ink.lnk -> C:\WINDOWS\System32\spool\drivers\w32x86\3\E_FARNEDA.EXE (SEIKO EPSON CORPORATION) -> /T "MENU" /D "EPSON NX100 Series" /M "Stylus NX100" /A
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON NX100 Series\Driver Update.lnk -> C:\WINDOWS\System32\spool\drivers\w32x86\3\E_DUPA30.EXE (SEIKO EPSON CORPORATION) -> /P "EPSON NX100 Series" /D C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FVIFEDA.VIF
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON NX100 Series\EPSON Printer Software Uninstall.lnk -> C:\WINDOWS\System32\spool\drivers\w32x86\3\E_FINSEDA.EXE (SEIKO EPSON CORPORATION) -> /R /APD /P:"EPSON NX100 Series"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON NX100 Series\Online Support.lnk -> C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation) -> C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FGEPEDA.DLL,GE_OpenELINK "Stylus NX100" 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Uninstall Diablo II.lnk -> C:\WINDOWS\DIIUnin.exe (Blizzard Entertainment) -> C:\Windows\DIIUnin.dat
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo\Uninstall Diablo.lnk -> C:\WINDOWS\DiabUnin.exe (Blizzard Entertainment) -> C:\Windows\DiabUnin.dat
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\WINDOWS\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\WINDOWS\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Reliability and Performance Monitor.lnk -> C:\WINDOWS\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\WINDOWS\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\WINDOWS\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.WelcomeCenter
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\WINDOWS\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\WINDOWS\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{D5FEA8C1-D4FD-48DF-A6A7-7EAF0DDB6D25}\PlayTasks\1\Read Me.lnk -> C:\WINDOWS\notepad.exe (Microsoft Corporation) -> C:\Users\will\Desktop\Games\SporeBin\readme.txt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{2ACA2534-4054-4E34-B91B-0BCBC1CC84F1}\PlayTasks\1\Read Me.lnk -> C:\WINDOWS\notepad.exe (Microsoft Corporation) -> C:\Program Files\Electronic Arts\SPORE\SporeBin\readme.txt
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\SDP\launchreg.lnk -> C:\Program Files\Hewlett-Packard\SDP\OOBEEzsetup.exe (Hewlett-Packard) -> /LaunchPage /reg
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\base\launch_base.lnk -> C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe (Hewlett-Packard) -> /LaunchPage /eisbase,welcenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6\Uninstall Project64 1.6.lnk -> C:\WINDOWS\System32\msiexec.exe (Microsoft Corporation) -> /x {9559F7CA-5E34-4237-A2D9-D856464AD727}
ShortcutWithArgument: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\will\Desktop\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\will\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\will\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\William\Desktop\Games\Pharaoh\Register Pharaoh.lnk -> C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation) -> ereg.dll,_StandAloneEreg@16 C:\Impressions Games\Pharaoh\sierra.inf
ShortcutWithArgument: C:\Users\William\Desktop\Games\Pharaoh\Uninstall Pharaoh.lnk -> C:\WINDOWS\IsUninst.exe (InstallShield Software Corporation) -> -f"C:\Impressions Games\Pharaoh\uninst.isu"
ShortcutWithArgument: C:\Users\William\Desktop\Games\Civilization III\Uninstall Civilization III.lnk -> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe () -> /M{2157961D-0507-44A8-BCF2-1EE2D439E8DF}
ShortcutWithArgument: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
 
 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora Internet Radio.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=pandora&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II\Register Diablo II.url -> hxxp://www.blizzard.com/register/diablo2/
InternetURL: C:\Users\Default\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\HP Club.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\HP Music.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpmusic&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\My HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=desktop&locale=EN_US&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\Pandora Internet Radio.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pandora&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Default\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Nate\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Nate\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Nate\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Nate\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Nate\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Nate\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Nate\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Nate\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Nate\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Nate\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Nate\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Nate\Favorites\Microsoft Websites\Marketplace.url -> hxxp://go.microsoft.com/fwlink/?linkid=69151
InternetURL: C:\Users\Nate\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\Nate\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\Nate\Favorites\Microsoft Websites\Welcome to IE7.url -> hxxp://go.microsoft.com/fwlink/?linkid=68919
InternetURL: C:\Users\Nate\Favorites\Links\Suggested Sites.url -> hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Nate\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Nate\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\HP Club.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\HP Music.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpmusic&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\My HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=desktop&locale=EN_US&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\Pandora Internet Radio.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pandora&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\Nate\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\The Pharaoh web site.URL -> hxxp://www.Pharaoh1.com
InternetURL: C:\Users\will\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\will\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\will\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\will\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\will\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\will\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\will\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\will\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\will\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\will\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\will\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\will\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\will\Favorites\Microsoft Websites\Marketplace.url -> hxxp://go.microsoft.com/fwlink/?linkid=69151
InternetURL: C:\Users\will\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\will\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\will\Favorites\Microsoft Websites\Welcome to IE7.url -> hxxp://go.microsoft.com/fwlink/?linkid=68919
InternetURL: C:\Users\will\Favorites\Links\Customize Links.url -> hxxp://go.microsoft.com/fwlink/?LinkId=53540
InternetURL: C:\Users\will\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\HP Club.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\HP Music.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpmusic&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\My HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=desktop&locale=EN_US&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\Pandora Internet Radio.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pandora&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\will\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\William\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\William\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\William\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\William\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\William\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\William\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\William\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\William\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\William\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\William\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\William\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\William\Favorites\Microsoft Websites\Marketplace.url -> hxxp://go.microsoft.com/fwlink/?linkid=69151
InternetURL: C:\Users\William\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\William\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\William\Favorites\Microsoft Websites\Welcome to IE7.url -> hxxp://go.microsoft.com/fwlink/?linkid=68919
InternetURL: C:\Users\William\Favorites\Links\Customize Links.url -> hxxp://go.microsoft.com/fwlink/?LinkId=53540
InternetURL: C:\Users\William\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\William\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\HP Club.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\HP Music.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpmusic&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\My HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=desktop&locale=EN_US&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\Pandora Internet Radio.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pandora&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=desktop&locale=en_us&bd=all&c=81
InternetURL: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EA Games\Battlefield Heroes\Battlefield Heroes.url -> hxxp://www.battlefieldheroes.com/
 
==================== End of Shortcut.txt =============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:13-12-2015
Ran by Nate (2015-12-13 19:18:51)
Running from C:\Users\Nate\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2010-11-26 23:39:52)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2849096342-3297611014-1419977089-500 - Administrator - Disabled)
Guest (S-1-5-21-2849096342-3297611014-1419977089-501 - Limited - Enabled)
Nate (S-1-5-21-2849096342-3297611014-1419977089-1004 - Administrator - Enabled) => C:\Users\Nate
William (S-1-5-21-2849096342-3297611014-1419977089-1003 - Administrator - Enabled) => C:\Users\William
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6176 - AVG Technologies)
AVG 2015 (Version: 15.0.4483 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6176 - AVG Technologies) Hidden
Civilization III (HKLM\...\InstallShield_{2157961D-0507-44A8-BCF2-1EE2D439E8DF}) (Version: 1.00.0000 - 2K Games)
Civilization III (Version: 1.00.0000 - 2K Games) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo (HKLM\...\Diablo) (Version:  - )
Diablo (HKU\S-1-5-21-2849096342-3297611014-1419977089-1004\...\Diablo) (Version:  - )
Diablo II (HKLM\...\Diablo II) (Version:  - )
DiscJuggler (HKLM\...\DiscJuggler) (Version: 6.0.0.1400 - Padus Incorporated)
Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
EPSON NX100 Series Printer Uninstall (HKLM\...\EPSON NX100 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
Hewlett-Packard Active Check (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5 - HP) Hidden
HP Active Support Library (HKLM\...\{11BB336F-0E58-4977-B866-F24FA334616B}) (Version: 2.3.0.2 - Hewlett-Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires Gold (HKLM\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Python 2.5 (HKLM\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Star Wars Galactic Battlegrounds: Saga (HKLM\...\{10133CDD-50B9-4783-B336-8B48F3653715}) (Version:  - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.2.0 - Azureus Software, Inc.)
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Registry Cleaner 8.72 (HKLM\...\Wise Registry Cleaner_is1) (Version: 8.72 - WiseCleaner.com, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
17-10-2015 20:23:22 Scheduled Checkpoint
19-10-2015 21:48:27 Scheduled Checkpoint
20-10-2015 21:15:10 Scheduled Checkpoint
20-10-2015 22:21:04 Windows Update
06-12-2015 19:52:29 Windows Update
06-12-2015 19:59:56 Windows Update
07-12-2015 10:25:09 Scheduled Checkpoint
08-12-2015 00:00:05 Scheduled Checkpoint
08-12-2015 17:56:19 Windows Update
09-12-2015 16:54:25 Scheduled Checkpoint
10-12-2015 18:17:21 Scheduled Checkpoint
12-12-2015 19:23:25 Windows Update
13-12-2015 11:57:31 Device Driver Package Install: Google, Inc
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 04:23 - 2006-09-18 15:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05721044-9A1F-4EA1-B7EF-F4D5FAD82054} - System32\Tasks\1215avUpdateInfo => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe [2015-11-22] ()
Task: {0A97D266-5E46-4223-8DDD-73EA49715C2B} - System32\Tasks\JavaUpdatewill => C:\Windows\system32\jusched.exe
Task: {0E6B9FB5-FEDB-4BEF-A640-C7F8327AA1C6} - System32\Tasks\{F73029ED-8183-4307-9F89-0B18A752AFAB} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {123A20CA-F0D4-4040-BCD5-9CEA4D31AF44} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-09-22] (WiseCleaner.com)
Task: {13588CED-B5DD-452B-898A-64495420266B} - System32\Tasks\{58031F39-E170-4079-91DB-EB253971BE00} => pcalua.exe -a C:\Users\will\AppData\Local\Temp\GLF441~1.EXE -d C:\Users\will\AppData\Local\Temp -c /s -path="C:\Program Files\uTorrentBar"  -dllname="tbuTor.dll" -helpername="uTorrentBarToolbarHelper.exe" -hostid="{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"
Task: {1460D165-4073-44EC-B3D0-37D030A471A8} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {17AB9D0D-DE96-4272-A31E-757E077B439E} - System32\Tasks\0715avUpdateInfo => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe [2015-07-07] ()
Task: {1BFAD246-7B9A-48A0-9541-3C9463996271} - System32\Tasks\{3B72C4E9-4D9C-4E6C-B390-3592CBD83C80} => pcalua.exe -a C:\Users\will\Desktop\Games\Support\SPORE™_uninst.exe -d C:\Users\will\Desktop\Games\Support
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {21ABF096-42D8-4A40-85CA-BDB96B912E15} - System32\Tasks\{EEE943DD-ECBB-484A-95F0-F7005E37AFB8} => pcalua.exe -a E:\S2\SETUP.EXE -d E:\S2
Task: {26EF0951-6C07-485C-B13F-A630A01AC1D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23] (Google Inc.)
Task: {325599C6-4358-4AB5-ADF4-AD2C30D22B05} - \TraffiCondition -> No File <==== ATTENTION
Task: {3930D0F6-33BE-4B73-809C-1994DC554E9F} - System32\Tasks\GoogleUpdateTaskMachineCore1d0c0f2508c5c0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23] (Google Inc.)
Task: {3AF07B6C-CDF8-47DF-8D5F-7E707BEA27F0} - System32\Tasks\{A67D4B1C-4510-4D51-BEE9-403B6003671F} => pcalua.exe -a E:\EPSETUP.EXE -d E:\
Task: {4472CAEC-75B8-4B08-9B84-9A292E916A28} - System32\Tasks\0415avUpdateInfo => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe [2015-04-21] ()
Task: {47F5506F-4AAE-4AD2-941B-B55983EA260E} - System32\Tasks\Java™ Platform SE 6 U1 => C:\Windows\system32\jureg.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {4A477B42-2AC1-4C85-8FE1-C3C93DEF50AF} - System32\Tasks\JavaUpdateWilliam => C:\Windows\system32\jusched.exe
Task: {75E0DEA2-D537-4E31-B848-425FA0116551} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {9D2AC31B-37CB-4D5D-A6AE-DFEE94F76D9C} - System32\Tasks\JavaUpdateNate => C:\Windows\system32\jusched.exe
Task: {A15A30C8-313B-4D17-99F6-5BACEFD68AF3} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe
Task: {AB20E66D-4F87-4A00-A5A0-4B795BD3C455} - System32\Tasks\0615avUpdateInfo => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe [2015-05-07] ()
Task: {B147BDD2-669E-4443-B66F-BBA894426B94} - System32\Tasks\JavaUpdateBrina => C:\Windows\system32\jusched.exe
Task: {BF903892-D778-40B1-9AFD-97E983038448} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-30] (Adobe Systems Incorporated)
Task: {C11DAA42-AB2F-4595-9205-3E11578E3BD1} - System32\Tasks\0915avUpdateInfo => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe [2015-07-26] ()
Task: {C8B11EC3-B430-4329-842B-01CB69C7BC63} - System32\Tasks\JavaUpdateAdministrator => C:\Windows\system32\jusched.exe
Task: {CB099472-A47D-4D43-93EF-0DBD9C03ADE0} - System32\Tasks\PC-Doctor\Scheduled Maintanence => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe
Task: {D51DF45F-4713-40AE-83CB-42E7E419A0A5} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-09-22] (WiseCleaner.com)
Task: {DBFE27E5-16F5-461B-85FC-00650DE62957} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {E97C2137-5969-430F-80D7-23B40B8C9585} - System32\Tasks\{01F0B85E-C534-4B46-9CF5-91C0A8CA6C49} => pcalua.exe -a "C:\Program Files\Electronic Arts\SPORE\Support\SPORE™_uninst.exe" -d "C:\Program Files\Electronic Arts\SPORE\Support"
Task: {F7A69E87-168A-47BE-8E4A-1E490B4E989C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\0415avUpdateInfo.job => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\1215avUpdateInfo.job => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0c0f2508c5c0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk -> C:\Program Files\Online Services\eBay\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=ebay&pf=desktop&locale=en_us&bd=all&c=81 <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-09-29 20:51 - 2012-09-29 20:51 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe
2011-10-25 08:59 - 2011-10-25 08:59 - 00244960 _____ () C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
2015-08-23 16:19 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Nate\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-08-23 16:19 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Nate\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2849096342-3297611014-1419977089-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Nate\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.42.129
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [TCP Query User{006CF813-3DDD-4465-808F-93EFE827CD28}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{B70A57E5-0BAC-49A2-9E63-C4073AF97FC1}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [{ED2B7496-5F00-4C32-8841-68ED9D519B45}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{8EF0AD07-4C38-4DE9-A178-6E3BAC115D23}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{48B2EF3C-060E-4D03-8468-CFCBAA6193E8}] => (Allow) LPort=67
FirewallRules: [{30B06C1C-CB12-46EF-A288-16326E845E84}] => (Allow) LPort=67
FirewallRules: [{F71F4AEE-2A7A-41C0-884B-E1C9E590C77A}] => (Allow) C:\WINDOWS\System32\PnkBstrA.exe
FirewallRules: [{4F139905-8A55-4475-95F7-4DB5060DBA73}] => (Allow) C:\WINDOWS\System32\PnkBstrA.exe
FirewallRules: [{758BEB4C-1526-4751-8319-B88A8F659261}] => (Allow) C:\WINDOWS\System32\PnkBstrB.exe
FirewallRules: [{63344FB4-E73E-4520-A459-E62218707A61}] => (Allow) C:\WINDOWS\System32\PnkBstrB.exe
FirewallRules: [{135413FB-F427-40E8-B794-0DB6F2CA957D}] => (Allow) LPort=80
FirewallRules: [{5DF2DF84-EBF8-4AE9-AF3C-9F59A77B2BFB}] => (Allow) LPort=80
FirewallRules: [{20FBBDA1-54BE-4C74-A784-1C40CC395E53}] => (Allow) LPort=80
FirewallRules: [{21AD9221-E33E-4B07-9E47-E7C27BB19D5C}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{BAC6BAF3-A84A-44BC-936B-070158F71FB7}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{B43B3ABE-1CB6-426C-9B84-8F33D25F691D}C:\users\nate\downloads\brudtopia\nestopia_anticheat_v2.exe] => (Allow) C:\users\nate\downloads\brudtopia\nestopia_anticheat_v2.exe
FirewallRules: [UDP Query User{9895F382-B0D3-401F-94C9-F27128DD945C}C:\users\nate\downloads\brudtopia\nestopia_anticheat_v2.exe] => (Allow) C:\users\nate\downloads\brudtopia\nestopia_anticheat_v2.exe
FirewallRules: [TCP Query User{40FBAE07-31B3-444D-BE35-836510BDF0C3}C:\program files\microsoft games\age of empires ii\empires2.icd] => (Allow) C:\program files\microsoft games\age of empires ii\empires2.icd
FirewallRules: [UDP Query User{6C6B7D34-81FF-4F99-B3DC-D87B1CFA88FA}C:\program files\microsoft games\age of empires ii\empires2.icd] => (Allow) C:\program files\microsoft games\age of empires ii\empires2.icd
FirewallRules: [TCP Query User{AB53F76F-88B6-4D6D-AEBF-0830BBF7B255}C:\program files\microsoft games\age of empires\empires.exe] => (Block) C:\program files\microsoft games\age of empires\empires.exe
FirewallRules: [UDP Query User{826C1EAC-8677-4422-855D-E330CD1295F9}C:\program files\microsoft games\age of empires\empires.exe] => (Block) C:\program files\microsoft games\age of empires\empires.exe
FirewallRules: [{A8CA2311-2545-4486-948F-2C51A4F09248}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{649159DA-EE6A-4633-98A4-AF04EBCE74AA}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{66003DC5-230F-45E5-B9F8-90880B991A54}] => (Allow) LPort=2869
FirewallRules: [{5668FE3D-1DB6-41D2-8F49-FA938FE529FD}] => (Allow) LPort=1900
FirewallRules: [{EB2996D2-A1A1-4540-B61C-9BDF55A38233}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{C93E03C1-FEC3-4738-B9B2-44D19EC2F54F}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{231EAE8F-FA8C-4746-B431-5C86F160EC55}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{416013C2-E6F0-4E00-B53A-FECFC1E63B15}C:\program files\microsoft games\age of empires\empiresx.exe] => (Block) C:\program files\microsoft games\age of empires\empiresx.exe
FirewallRules: [UDP Query User{E0F9FFA3-2B8C-4EAC-AF1A-E9301D00B6CE}C:\program files\microsoft games\age of empires\empiresx.exe] => (Block) C:\program files\microsoft games\age of empires\empiresx.exe
FirewallRules: [TCP Query User{F4D0F022-4538-4272-A756-5217F27E290F}C:\program files\microsoft games\age of empires\empires.exe] => (Block) C:\program files\microsoft games\age of empires\empires.exe
FirewallRules: [UDP Query User{F09117F5-D634-48BD-BC32-A5BEC49EEBB2}C:\program files\microsoft games\age of empires\empires.exe] => (Block) C:\program files\microsoft games\age of empires\empires.exe
FirewallRules: [{F99CE0CE-AD79-47BE-8F60-45547B1EB05A}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{833C007D-F560-4C9C-8735-C153E1AB4DF9}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{B31D1CDF-63C7-4344-AB48-ED2FE08F6B7A}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{1C23C1A7-A8D7-468D-9819-C3BDFD04F03B}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{7CAF2575-28C1-4064-A420-CAB4DE9689AC}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{F7502DA7-6E64-4D47-A6A5-2DE9C653FB74}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{845CE466-44B4-4B32-B49A-63C287F3DD73}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{C1D4BF03-452F-4D47-9A85-AC2A899E56BA}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{7FDE802B-39D6-4FA0-9340-44DAF4274C93}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{A83D4850-6057-470C-962C-2A4DA78D80DC}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{1B802B6D-AC50-4F99-A0FD-5F4120193F73}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{C3CBC8C0-DA0A-4CF7-B686-083463891BB0}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B1643398-4406-43C5-9591-615D2EBA308A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{63487F2A-6367-43D0-9B64-C8AB4FED5E14}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{D1693F0C-3F3C-4C57-8DDC-B26B65EA26E6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/13/2015 03:29:38 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (12/08/2015 06:08:22 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
 
Error: (12/08/2015 06:08:22 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
 
Error: (12/08/2015 12:56:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application nestopia_anticheat_V2.exe, version 0.1.39.0, time stamp 0x501d85f4, faulting module kailleraclient.dll_unloaded, version 0.0.0.0, time stamp 0x48954d8f, exception code 0xc0000005, fault offset 0x68019b1a,
process id 0x1320, application start time 0xnestopia_anticheat_V2.exe0.
 
Error: (12/06/2015 08:39:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
 
Error: (12/06/2015 08:39:19 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
 
Error: (10/22/2015 11:39:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.0.6002.18005 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 818
Start Time: 01d10cef9fe64244
Termination Time: 47
 
Error: (10/17/2015 07:03:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application nestopia_anticheat_V2.exe, version 0.1.39.0, time stamp 0x501d85f4, faulting module kailleraclient.dll_unloaded, version 0.0.0.0, time stamp 0x48954d8f, exception code 0xc0000005, fault offset 0x719d9b1a,
process id 0xcc0, application start time 0xnestopia_anticheat_V2.exe0.
 
Error: (10/17/2015 06:28:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application nestopia_anticheat_V2.exe, version 0.1.39.0, time stamp 0x501d85f4, faulting module kailleraclient.dll_unloaded, version 0.0.0.0, time stamp 0x48954d8f, exception code 0xc0000005, fault offset 0x71cb9b1a,
process id 0x810, application start time 0xnestopia_anticheat_V2.exe0.
 
Error: (10/17/2015 06:19:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application nestopia_anticheat_V2.exe, version 0.1.39.0, time stamp 0x501d85f4, faulting module kailleraclient.dll_unloaded, version 0.0.0.0, time stamp 0x48954d8f, exception code 0xc0000005, fault offset 0x71699b1a,
process id 0xf68, application start time 0xnestopia_anticheat_V2.exe0.
 
 
System errors:
=============
Error: (12/13/2015 05:08:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
 
Error: (12/13/2015 05:03:20 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)
Description: 2147549183
 
Error: (12/13/2015 03:33:29 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}
 
Error: (12/13/2015 03:33:29 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wcncsvc{375FF000-DD27-11D9-8F9C-0002B3988E81}
 
Error: (12/13/2015 03:29:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Avgdiskx
AVGIDSDriver
AVGIDSShim
Avgldx86
Avglogx
i8042prt
MpFilter
spldr
sptd
Wanarpv6
 
Error: (12/13/2015 03:29:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: AVGIDSAgentAVGIDSDriver%%31
 
Error: (12/13/2015 03:29:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Computer BrowserServer%%1068
 
Error: (12/13/2015 03:29:42 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (12/13/2015 03:29:42 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (12/13/2015 03:29:40 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}
 
 
CodeIntegrity:
===================================
  Date: 2015-12-13 19:18:37.316
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-13 19:18:36.754
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-13 19:18:36.191
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-13 19:18:35.645
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-13 19:16:34.908
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-13 19:16:33.997
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-13 19:16:33.170
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-13 19:16:32.339
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgmfx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-13 19:16:29.611
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-13 19:16:28.987
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® Dual CPU E2140 @ 1.60GHz
Percentage of memory in use: 82%
Total physical RAM: 2038.64 MB
Available physical RAM: 347.8 MB
Total Virtual: 4330.55 MB
Available Virtual: 2591.49 MB
 
==================== Drives ================================
 
Drive c: (COMPAQ) (Fixed) (Total:223.52 GB) (Free:61.77 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:9.36 GB) (Free:1.26 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=223.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.4 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
And here are the OTL scan results:
 

OTL logfile created on: 12/13/2015 6:33:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nate\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 0.36 Gb Available Physical Memory | 18.00% Memory free
4.23 Gb Paging File | 2.70 Gb Available in Paging File | 63.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.52 Gb Total Space | 61.89 Gb Free Space | 27.69% Space Free | Partition Type: NTFS
Drive D: | 9.36 Gb Total Space | 1.26 Gb Free Space | 13.48% Space Free | Partition Type: NTFS
 
Computer Name: NATE | User Name: Nate | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/12/13 18:32:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nate\Downloads\OTL.exe
PRC - [2015/12/06 19:39:48 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.29.1\GoogleCrashHandler.exe
PRC - [2015/12/04 15:32:56 | 000,741,704 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2015/11/12 11:51:06 | 005,565,448 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2015/11/12 11:51:02 | 001,893,896 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2015/11/12 11:47:52 | 000,411,920 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2015/10/30 12:25:26 | 003,642,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgidsagent.exe
PRC - [2015/10/30 12:21:50 | 003,780,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgui.exe
PRC - [2015/10/30 12:19:08 | 000,827,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgcsrvx.exe
PRC - [2015/10/30 12:19:06 | 000,990,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2015\avgrsx.exe
PRC - [2015/10/30 12:18:54 | 001,356,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgnsx.exe
PRC - [2015/10/30 12:11:46 | 000,747,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgemcx.exe
PRC - [2015/10/30 12:10:26 | 000,335,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe
PRC - [2015/09/14 08:25:38 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015/04/30 00:04:12 | 000,022,216 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2015/04/29 23:18:28 | 000,981,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/10/25 08:59:16 | 000,244,960 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/25 07:52:08 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/04/18 09:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV - [2015/11/12 11:51:02 | 001,893,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2015/11/12 11:47:52 | 000,411,920 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2015/10/30 12:25:26 | 003,642,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2015/10/30 12:10:26 | 000,335,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2015\avgwdsvc.exe -- (avgwd)
SRV - [2015/09/14 08:25:38 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/07/30 01:28:16 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/04/30 00:04:12 | 000,284,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2015/04/30 00:04:12 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/10/25 08:59:16 | 000,244,960 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2008/01/19 01:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\nvlddmkm.sys -- (nvlddmkm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2015/10/19 12:38:58 | 000,252,336 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2015/10/12 13:44:55 | 000,329,384 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sptd.sys -- (sptd)
DRV - [2015/08/23 16:49:05 | 000,013,368 | ---- | M] (SlimWare Utilities, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2015/08/19 10:52:38 | 000,222,640 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2015/08/04 10:33:00 | 000,230,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2015/08/04 10:32:46 | 000,189,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2015/07/23 15:44:26 | 000,031,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2015/06/16 14:54:52 | 000,207,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2015/05/07 12:52:08 | 000,290,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2015/03/20 11:18:22 | 000,035,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2015/03/11 11:13:46 | 000,132,576 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2015/03/04 18:34:52 | 000,095,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/10/18 06:24:14 | 000,032,408 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\androidusb.sys -- (androidusb)
DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/08/29 02:04:04 | 000,116,264 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\SI3112r.sys -- (SI3112r)
DRV - [2007/08/29 02:04:04 | 000,019,240 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\SiWinAcc.sys -- (SiFilter)
DRV - [2007/08/03 04:44:00 | 000,091,648 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/11/02 01:36:43 | 001,523,200 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ati2mtag.sys -- (ati2mtag)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com...ilc=8&fr=mkg029
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {A5652B3C-9F10-4679-BB19-AC5326CFFAB8}
IE - HKLM\..\SearchScopes\{2F26FF16-5BB7-40C8-BAD4-14C07A01200B}: "URL" = http://www.ask.com/w...}&l=dis&o=uscqd
IE - HKLM\..\SearchScopes\{A5652B3C-9F10-4679-BB19-AC5326CFFAB8}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSSE
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ario&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
IE - HKCU\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}
IE - HKCU\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://www.bing.com/...=MSSEDF&pc=MSSE
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.40.2: C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2: C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
[2015/03/22 20:30:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nate\AppData\Roaming\Mozilla\Extensions
[2015/07/30 01:35:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\9w3efu86.default\extensions
[2015/07/30 01:35:53 | 000,000,000 | ---D | M] (CCuitThePrriace) -- C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\9w3efu86.default\extensions\[email protected]
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.4_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\47.0.2526.28_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfnnjkppogeoedffjkkkfeoifdkdijia\12.14.7.40967_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop\1.0.0.4_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_1\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjnmacgahapmnnifmneapinilajfol\1.2_0\
 
O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON NX100 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDA.EXE (SEIKO EPSON CORPORATION)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab(Java Plug-in 11.40.2)
O16 - DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab(Java Plug-in 1.8.0_40)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab(Java Plug-in 11.40.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3989A947-E37B-416C-BEA5-AD17B66E7E2F}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{781C0054-09D9-4617-923F-E1580E5D921C}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB6C4325-FF58-4E64-A694-7BCAE40F162A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nate\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nate\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/11/23 13:08:29 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/12/12 18:37:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Avg_Update_1215av
[2015/12/10 11:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2015/12/10 11:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2015/12/08 18:13:46 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2015/12/08 18:13:45 | 000,682,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2015/12/08 18:13:45 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2015/12/08 18:13:45 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2015/12/08 18:13:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2015/12/08 18:13:44 | 002,068,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2015/12/08 18:13:44 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2015/12/08 18:13:44 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2015/12/08 18:13:43 | 001,073,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2015/12/08 18:11:39 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\els.dll
[2015/12/08 18:08:59 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2015/12/08 17:41:29 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2015/12/08 17:41:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2015/12/08 17:41:29 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2015/12/08 17:41:29 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2015/12/08 17:41:28 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2015/12/08 17:41:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2015/12/08 17:41:26 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2015/12/08 17:41:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2015/12/08 17:41:25 | 001,814,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2015/12/08 17:41:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2015/12/08 17:41:23 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2015/12/08 17:41:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2015/12/08 17:41:21 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2015/12/06 20:13:22 | 003,606,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/12/06 20:13:20 | 003,554,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/12/06 20:01:01 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/12/06 20:00:43 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/12/13 17:14:58 | 000,641,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2015/12/13 17:14:58 | 000,119,172 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2015/12/13 17:03:48 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0c0f2508c5c0.job
[2015/12/13 17:03:26 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/12/13 17:03:26 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/12/13 17:03:23 | 000,311,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2015/12/13 17:03:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/12/13 17:02:57 | 2138,431,488 | -HS- | M] () -- C:\hiberfil.sys
[2015/12/13 15:34:33 | 000,000,680 | ---- | M] () -- C:\Users\Nate\AppData\Local\d3d9caps.dat
[2015/12/13 14:13:52 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\Wise Registry Cleaner Schedule Task.job
[2015/12/13 11:58:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_androidusb_01005.Wdf
[2015/12/12 18:37:47 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\1215avUpdateInfo.job
[2015/12/09 16:06:53 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/12/08 21:39:28 | 000,247,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2015/12/06 21:20:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/12/06 20:29:16 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[3 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/12/13 17:02:57 | 2138,431,488 | -HS- | C] () -- C:\hiberfil.sys
[2015/12/13 15:30:44 | 000,000,680 | ---- | C] () -- C:\Users\Nate\AppData\Local\d3d9caps.dat
[2015/12/13 14:13:51 | 000,000,440 | ---- | C] () -- C:\Windows\tasks\Wise Registry Cleaner Schedule Task.job
[2015/12/13 11:58:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_androidusb_01005.Wdf
[2015/12/12 18:37:47 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\1215avUpdateInfo.job
[2015/09/28 19:17:01 | 000,135,767 | ---- | C] () -- C:\Users\Nate\pro letterhead.odt
[2015/07/12 17:26:47 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2015/07/12 17:26:46 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2015/07/12 17:26:46 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2015/07/12 17:26:46 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2015/07/12 17:26:46 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2015/07/12 17:26:46 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2015/07/12 17:26:46 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2015/07/12 17:26:46 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2015/07/12 17:26:46 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2015/07/12 17:26:46 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2015/07/12 17:26:46 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2015/07/12 17:26:46 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2015/07/12 17:26:46 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2015/07/12 17:26:46 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2015/07/12 17:26:46 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2015/07/12 17:26:46 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2015/07/12 17:12:15 | 000,000,044 | ---- | C] () -- C:\Windows\EPNX100.ini
[2015/04/04 13:52:53 | 000,000,108 | ---- | C] () -- C:\Users\Nate\AppData\Roaming\wklnhst.dat
[2015/04/04 03:03:49 | 000,000,043 | ---- | C] () -- C:\Users\Nate\jagex_cl_oldschool_LIVE.dat
[2015/04/04 03:03:49 | 000,000,001 | ---- | C] () -- C:\Users\Nate\random.dat
[2015/03/10 02:35:57 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2015/03/09 19:17:49 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2015/03/09 19:17:48 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2015/03/09 15:28:59 | 000,000,522 | ---- | C] () -- C:\Windows\eReg.dat
[2015/03/09 15:09:29 | 000,006,607 | ---- | C] () -- C:\Windows\DiabUnin.dat
[2015/03/04 14:51:57 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2015/03/04 14:51:57 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2015/03/04 14:51:57 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2015/03/04 04:47:15 | 000,035,096 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2015/03/01 00:53:39 | 000,966,278 | ---- | C] () -- C:\ProgramData\LuUninstall.LiveUpdate
[2012/07/30 16:18:02 | 008,673,792 | ---- | C] () -- C:\ProgramData\atscie.msi
 
========== ZeroAccess Check ==========
 
[2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/07/28 18:46:08 | 011,588,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
< End of report >

 

