Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 30/12/2015 4:01:43 PM
Note: All dates below are in the format dd/mm/yyyy
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 30/12/2015 5:53:58 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:53:58.236]: [00001112]: Initialize TwdsMain Class failed!
Log: 'Application' Date/Time: 30/12/2015 5:53:58 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:53:58.224]: [00001112]: ##### Fatal ERROR!! Create STI-device failed! #####
Log: 'Application' Date/Time: 30/12/2015 5:53:58 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:53:58.223]: [00001112]: BrStiIf: GetDeviceList Failed! pStiInfo = 0x0..
Log: 'Application' Date/Time: 30/12/2015 7:23:19 AM
Type: Error Category: 0
Event: 12298 Source: VSS
Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume C:\. The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully. ], Flush[0x00000000, The operation completed successfully. ], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced. ], OnRun[0x00000000, The operation completed successfully. ].
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
Log: 'Application' Date/Time: 30/12/2015 7:23:18 AM
Type: Error Category: 0
Event: 12310 Source: VSS
Volume Shadow Copy Service error: The shadow copy could not be committed - operation timed out. Error context: DeviceIoControl(\\?\Volume{a3ee7c83-2453-11e0-adba-806e6f6e6963} - 000000000000013C,0x0053c010,0000000000355380,0,0000000000354370,4096,[0]).
Operation:
Committing shadow copies
Context:
Execution Context: System Provider
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 30/12/2015 8:20:22 PM
Type: Warning Category: 0
Event: 2400 Source: HP Active Health
Error getting process: The given key was not present in the dictionary.
Log: 'Application' Date/Time: 30/12/2015 8:20:06 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl GET EmbeddedController.AuditLog.JSON command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)
Log: 'Application' Date/Time: 30/12/2015 8:20:05 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl GET Diags.PostCodeError command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)
Log: 'Application' Date/Time: 30/12/2015 6:10:56 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:56.560]: [00001112]: Scan buffer doesn't have enough memory. ScanBuffRemain = 0, ScanDecOuputMax = 492
Log: 'Application' Date/Time: 30/12/2015 6:10:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:51.635]: [00001112]: Save Header failed
Log: 'Application' Date/Time: 30/12/2015 6:10:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:51.635]: [00001112]: Save BMP Header saved. save size = 62
Log: 'Application' Date/Time: 30/12/2015 6:10:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:51.626]: [00001112]: Scan buffer doesn't have enough memory. ScanBuffRemain = 0, ScanDecOuputMax = 492
Log: 'Application' Date/Time: 30/12/2015 6:10:42 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:42.979]: [00001112]: Skip JpegDecInitialize
Log: 'Application' Date/Time: 30/12/2015 6:10:00 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:00.063]: [00001112]: Scan buffer doesn't have enough memory. ScanBuffRemain = 0, ScanDecOuputMax = 492
Log: 'Application' Date/Time: 30/12/2015 6:09:55 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:09:55.221]: [00001112]: Save Header failed
Log: 'Application' Date/Time: 30/12/2015 6:09:55 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:09:55.221]: [00001112]: Save BMP Header saved. save size = 62
Log: 'Application' Date/Time: 30/12/2015 6:09:55 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:09:55.216]: [00001112]: Scan buffer doesn't have enough memory. ScanBuffRemain = 0, ScanDecOuputMax = 492
Log: 'Application' Date/Time: 30/12/2015 6:09:46 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:09:46.206]: [00001112]: Skip JpegDecInitialize
Log: 'Application' Date/Time: 30/12/2015 5:55:37 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:55:37.933]: [00001112]: Save Header failed
Log: 'Application' Date/Time: 30/12/2015 5:55:37 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:55:37.933]: [00001112]: Save BMP Header saved. save size = 54
Log: 'Application' Date/Time: 30/12/2015 5:55:37 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:55:37.929]: [00001112]: Result status = 2
Log: 'Application' Date/Time: 30/12/2015 5:55:22 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:55:22.575]: [00001112]: ScanDecPageStart() or JpegDecOpen() succeed. IsBandDecMode = 0
Log: 'Application' Date/Time: 30/12/2015 5:54:35 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:54:35.918]: [00001112]: Save Header failed
Log: 'Application' Date/Time: 30/12/2015 5:54:35 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:54:35.918]: [00001112]: Save BMP Header saved. save size = 54
Log: 'Application' Date/Time: 30/12/2015 5:54:35 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:54:35.914]: [00001112]: Result status = 2
Infection Win32:Evo-gen [Susp] & "offers4u" pop-up ads
#16
Posted 30 December 2015 - 03:02 PM
#17
Posted 30 December 2015 - 03:37 PM
Do you have a subscription to Carbonite? If not uninstall the program.
You have two programs that are causing a delay in boot and may not be working at all.
PowerChute Personal Edition 3.0.2
IHA_MessageCenter by Verizon
I would uninstall them both and if you use then then download and install the latest version.
#18
Posted 30 December 2015 - 07:56 PM
Do you have a subscription to Carbonite?....Yes. I can't find a way to update to latest software.
You have two programs that are causing a delay in boot and may not be working at all.
PowerChute Personal Edition 3.0.2 ...I'm using this. I have the latest version.
IHA_MessageCenter by Verizon....I uninstalled it.
#19
Posted 30 December 2015 - 09:52 PM
You can update to the latest version of Carbonite from within the Carbonite InfoCenter.
Or so says Carbonite.
Looking back over your FRST logs I see you have remnants from Lavasoft but do not see it in the install list. Let's remove them as they may be causing problems.
#20
Posted 31 December 2015 - 10:10 AM
Fix result of Farbar Recovery Scan Tool (x64) Version:28-12-2015
Ran by WAYNE (2015-12-31 10:42:40) Run:2
Running from C:\Users\WAYNE\Desktop
Loaded Profiles: WAYNE (Available Profiles: WAYNE & HP_Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
CMD: netsh winsock reset catalog
EmptyTemp:
*****************
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015 => key not found.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000015 => key not found.
========= netsh winsock reset catalog =========
Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
EmptyTemp: => 428.2 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 10:51:26 ====
#21
Posted 31 December 2015 - 10:23 AM
Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-12-2015
Ran by WAYNE (2015-12-31 11:13:44)
Running from C:\Users\WAYNE\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-01-20 02:19:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3431438650-1370896122-3677072999-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3431438650-1370896122-3677072999-1007 - Limited - Enabled)
Guest (S-1-5-21-3431438650-1370896122-3677072999-501 - Limited - Disabled)
HP_Administrator (S-1-5-21-3431438650-1370896122-3677072999-1001 - Limited - Enabled) => C:\Users\HP_Administrator
WAYNE (S-1-5-21-3431438650-1370896122-3677072999-1000 - Administrator - Enabled) => C:\Users\WAYNE
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version: - )
Amazon Cloud Player (HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Any Video Converter 5.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Any Video Converter Ultimate 5.8.4 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Problem Report Wizard (Version: 3.0.821.0 - ATI Technologies) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Autorun Eater v2.6 (HKLM-x32\...\Autorun Eater_is1) (Version: 2.6 - Old McDonald's Farm)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.2.10.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 0.9.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.2.10.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.15.10.0 - Canon Inc.)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.9 build 5385 (Sep-01-2015) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CD Wave Editor version 1.72 (HKLM-x32\...\CD Wave_is1) (Version: 1.72 - )
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
DVDFab 6.2.1.8 (31/12/2009) (HKLM-x32\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.0.8.5 (19/03/2011) (HKLM-x32\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.2.2.7 (06/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
DVDFab 9.1.3.6 (20/03/2014) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
DVDFab 9.1.6.3 (18/08/2014) (HKLM-x32\...\DVDFab 9 US_is1) (Version: - Fengtao Software Inc.)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
honestech VHS to DVD 5.0 Deluxe (HKLM-x32\...\{44FF002B-5AB3-4447-8F98-614387B63EE6}) (Version: 5.0 - honestech)
honestech VHS to DVD 5.0 Deluxe (x32 Version: 5.0 - honestech) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
LP Recorder (HKLM-x32\...\{375DBB30-93A7-11DF-6DF1-00CE5F8B1649}) (Version: 10.1.1.0 - CFB Software)
LP Ripper (HKLM-x32\...\LP Ripper) (Version: - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 43.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 en-US)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Panda ActiveScan 2.0 (HKLM-x32\...\ActiveScan 2.0) (Version: 01.04.01.0000 - Panda Security)
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 - NewspaperDirect Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Scansoft PDF Professional (x32 Version: - ) Hidden
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Secunia PSI (3.0.0.9015) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9015 - Secunia)
Sonic Activation Module (x32 Version: 1.0 - Sonic Solutions) Hidden
Spectro (HKLM-x32\...\{1F8D186D-8C5C-4589-BC28-1A8964CA74A6}) (Version: 1.0.93 - )
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
TreeSize Free V3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2 - JAM Software)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
USB2.0 VIDBOX NW03 (HKLM-x32\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 3.0.2 - honestech)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version: - )
VDownloader 4.2.1721 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05C2AFAB-1669-4270-B908-5AEDD12DCF61} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {16C2F780-8534-4282-B1EE-33BCCCF95A84} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {1B4261BA-A30F-4406-9D87-7169711543CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {1ED38ACE-7320-463D-B7D4-BA97BC94FBD2} - System32\Tasks\{3DB4B822-8F0A-4B6B-897B-25EEC36E6544} => pcalua.exe -a C:\Users\WAYNE\Downloads\vkaraoke.exe -d C:\Users\WAYNE\Downloads
Task: {27960216-22B7-4BAC-856B-52003E27175B} - System32\Tasks\{9E5E5D76-BEA8-4241-A71B-A2DC4B79C73D} => pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller.exe -d C:\Users\WAYNE\Downloads
Task: {2A3931BA-E0C3-4885-89B0-CF2DB953B0CB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {37B96978-7AAA-4A05-92FB-12AF041C1DA7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-01] (Dropbox, Inc.)
Task: {3C7172BA-E154-4210-81CB-80B0F1CEABBE} - System32\Tasks\{12388B71-6B6D-4F1F-AB05-2E3B3F581A78} => pcalua.exe -a C:\Users\WAYNE\Downloads\jxpiinstall.exe -d C:\Users\WAYNE\Downloads
Task: {45938A5E-07A4-40EB-99B4-EDDB8E4C498C} - System32\Tasks\HPCeeScheduleForWAYNE => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {4F2FA1CA-FB1A-428A-8EF5-761FE1413DB5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-25] (AVAST Software)
Task: {550479C4-DFA9-41A2-94AB-EA4905FB0BA5} - System32\Tasks\{FC5269F4-123B-49B8-9E24-CA0B9F4B4AF0} => pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller(2).exe -d C:\Users\WAYNE\Downloads
Task: {5BB13A09-50D5-4B37-AB94-3DBB5BB4D7DD} - System32\Tasks\{E9A83544-B7AA-4216-87AA-1AA7A5F2C905} => pcalua.exe -a C:\Users\WAYNE\Desktop\Flash_Disinfector.exe -d C:\Users\WAYNE\Desktop
Task: {603B1BC1-40AE-4B6F-9F51-2B14962F1D87} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {6724A5B4-790C-4CA0-B06A-65E303E20F9F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-01] (Dropbox, Inc.)
Task: {675314EA-5203-4440-AC82-3BEFFBA103BA} - System32\Tasks\{8C5E6A49-B6CB-41EE-8711-9EB2A2B82850} => pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller(1).exe -d C:\Users\WAYNE\Downloads
Task: {6E4CD1FA-6DC5-4D8A-8716-F7CC7967466A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {72BF3A2D-806A-406C-B41D-5255FC320731} - System32\Tasks\{B3BFC816-702E-46B2-B817-F37852601A84} => pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Task: {737D388B-8F48-4B1B-87DB-2CC1255EA968} - System32\Tasks\{B75BA780-F5C2-489E-96D9-B441EA0F8F48} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [2015-09-01] (Carbonite, Inc.)
Task: {742C998D-9267-4B64-BB56-9C85614E5EC7} - System32\Tasks\{3B88E11C-6EEE-4B9C-A1F4-ABB279A8096C} => C:\Program Files (x86)\SpywareGuard\sgmain.exe
Task: {81821ACE-5831-4B79-8C1C-F8757FC95A30} - System32\Tasks\{7E68DA7F-2A76-4A84-BFB3-3B6DAA99BDF6} => C:\Users\WAYNE\Downloads\AdobeFlashPlayer_11.5.502.110_ax_SPS.exe
Task: {853CBFC1-6356-4CA1-BA08-4313C37F6F63} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {8709F0BF-D924-4F2F-A3D1-2E2B270BD379} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {8B16E2C5-FF87-41D9-9310-00FC75F06ABA} - System32\Tasks\{5FBB4B39-272E-4C4F-878B-627233C1A795} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe
Task: {90024603-975D-469C-9ED7-EB984DF25BE7} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {92900472-CCE7-4634-A6DF-2313F23006A5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {96C51570-8E87-4313-AD2F-98C8E36472AA} - System32\Tasks\{08CE54A7-1A03-44FB-8194-D45D469175DF} => pcalua.exe -a C:\Users\WAYNE\Desktop\vkaraoke.exe -d C:\Users\WAYNE\Desktop
Task: {9995EF72-A48A-4938-A1FE-F1A0E656C81A} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {9A617CA1-D496-49CF-8C59-6C4746907AC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {9E67EE41-AB70-4A98-92E3-731CE177AB97} - System32\Tasks\{94E71E9B-7B6C-401D-89CE-5E5DDAF5EAAE} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe
Task: {AE3980D1-1FE5-44BE-A011-6C1A3265EC0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {BB7E4936-8FFC-4A58-8994-E027535C3860} - System32\Tasks\{DFF6108C-8171-4724-9F72-B13C97BB0FE3} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [2015-09-01] (Carbonite, Inc.)
Task: {BC8C5626-4357-4D2B-A51E-879F72E6550C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {C2F3AA2F-D1DD-4ED5-8558-26C8DF0EE90C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {C307104F-E043-49FD-8FB4-01AEA8ADA1FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForWAYNE.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-03 07:08 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-12-25 17:10 - 2015-12-25 17:10 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-25 17:10 - 2015-12-25 17:10 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-31 07:46 - 2015-12-31 07:46 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\15123100\algo.dll
2015-12-25 17:10 - 2015-12-25 17:10 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2011-02-24 17:39 - 2011-02-24 17:39 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2011-02-24 17:39 - 2011-02-24 17:39 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2015-12-25 17:10 - 2015-12-25 17:10 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-12 12:51 - 2015-10-30 19:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 12:51 - 2015-10-30 19:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-12 12:51 - 2015-12-08 16:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-12 12:51 - 2015-10-30 20:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-12 12:51 - 2015-12-08 16:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-12 12:51 - 2015-10-30 20:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-12-12 12:51 - 2015-10-30 20:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-12 12:51 - 2015-10-30 20:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-12-12 12:51 - 2015-10-30 20:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-07-03 07:08 - 2014-11-21 03:48 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:BF3D62E7
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100sexlinks.com -> 100sexlinks.com
There are 5317 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2014-09-09 19:26 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NCPluginUpdater => "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: VDownloader => C:\Program Files\VDownloader\VDownloader.exe /silent
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CB294ACD-D0CF-4C64-9517-EAA1E8C82191}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{E4C10304-B167-49A7-B8F9-EF0AEB8348AB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{B01C7204-5A4C-4C9C-8465-682631F1000F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{98440DB8-2495-4977-B40D-EE5E4B6FAD9C}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{6BB97294-8CC8-48E7-84D6-A6E930E9B231}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{9D74DCAC-7F67-4BB9-ACC1-DE04A6329CE3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{336FE86C-EB9A-4D72-83BF-246E3FF370AB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{160F4AE6-6B5A-4D91-97C4-3BD5C9E270D0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{C2602CD6-DF88-40F2-8F6E-8B3E909DF17D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{F4E7C279-EA5A-4BCD-A4BF-E3005F905BBB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{77830A32-BAC9-4339-8335-778B2BEC9AB1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{67F7F85E-CC62-4C95-8D74-1D1AA6C9051E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe
FirewallRules: [{7FCB2DEC-6E0D-4B3D-A3DD-9B42D3518917}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
FirewallRules: [{F400B9B3-2F3E-4462-B5EC-FB44A14053BA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{72BD1BDC-DA9E-4157-BD2D-8608190FD0C6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7F10951C-ED22-4BAE-BFF3-25A1C2831814}] => (Allow) svchost.exe
FirewallRules: [{7C4F56A3-4AA8-475F-BD46-E05B2FD0CAE2}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{15AD9551-76A1-40F2-BEF4-80F1A5398027}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{000B10B1-9481-4704-B8FA-846D51A186D2}] => (Allow) LPort=2869
FirewallRules: [{203F77E6-7637-43E0-BE3A-7C7C067F64B5}] => (Allow) LPort=1900
FirewallRules: [{6D360B3C-04FA-47D0-A750-59718E04C8D7}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
FirewallRules: [{D1574A07-9E09-4944-8DE0-DB54A01545CF}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
FirewallRules: [{68B43291-7D97-4EBF-B4F9-A762C00D37F8}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
FirewallRules: [{C22006C3-D83C-4CE2-AAFD-02449499C8F0}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
FirewallRules: [{73308006-0A55-4313-B1A9-39094A5DC029}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
FirewallRules: [{77DC15B9-AB02-4A94-9549-95F54946859A}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
FirewallRules: [{70C0580B-EBA2-4B35-8DC8-0D5DA8DD9B70}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
FirewallRules: [{0869C632-DF9D-4C8B-BDED-D88AF67B8378}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
FirewallRules: [{BBDC9B63-4BA7-44C9-9BF4-2883A39BD742}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdater.exe
FirewallRules: [{3A00BBDD-B091-47C3-9B3D-452D7780CA41}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{15CB24E3-01C5-45AE-A0B5-86108859B8ED}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{97363095-2633-423D-8947-AA1CF612207E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{075AFA60-1457-42BD-9E5D-DAB184E573C6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{0386B9E5-7085-4EEA-B4BC-DB3BA49C6D15}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [TCP Query User{B34A4DF5-D5A0-43E5-8B96-19DCFEF80EB4}F:\techwizard.exe] => (Allow) F:\techwizard.exe
FirewallRules: [UDP Query User{5FFCB1B7-05EA-4140-8D76-CBE5B4AAD1BF}F:\techwizard.exe] => (Allow) F:\techwizard.exe
FirewallRules: [{B154E613-8AC0-42AF-9480-1A961B18FA84}] => (Allow) LPort=50000
FirewallRules: [{D63FE239-F915-4AA9-B2F2-0F8DD3039D76}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{BF8B1AD8-AE80-44AC-BD16-C2A136A43A17}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{962B06F3-87C3-4787-9061-674ED3A0EB4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B16158EA-CFCF-463A-ACEC-4A7E082995B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{458BA114-ADA5-4EDD-808C-EE935F6381A3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{FCBF5BD8-FA13-471A-96DB-C3231AF87209}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{804DDBBB-CA8B-4922-BF68-483E7F26F6EE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{AFD73BC9-AD58-498A-9EEF-1760D490B48D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5CB780DC-732E-49A7-BE71-181CC8B4196A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{0B9623EB-1111-4A92-8CA0-4A71C66BBE8C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{9C5DB092-EEF9-41E2-AB2A-C4199759F6C9}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{3AAC0BF2-6C0B-4A92-8E1A-878B7CD25410}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{C26D7715-D0F9-41F4-9CEC-4A874E5256E5}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{CF019F7A-9295-453C-8469-3D6B2E411257}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{560C430D-0D9B-4BAB-9F44-AE808FAE6A6C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D576B179-3A1C-43CE-93C5-00B41B8E9843}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{121FEF0C-34F0-4631-8670-BE99915DD229}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0D8510A3-D231-44D7-B123-AF7F7D4D1433}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7529187B-B1A2-4564-989D-22E67C7813CC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{453D4BC5-EDD6-4EA2-8A67-1DAFA2AD43D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{896E11AB-D6C5-4476-9C26-0FCADA9E4357}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{513CDA7D-4471-47B2-91C9-EBB159306A85}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{0B3C8FE2-6BC6-4559-B4C9-6C48AC889B34}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{88ECE08A-C9D8-40A4-8848-526DCA75A919}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{0BB612AE-C6EA-43D2-9972-A8075D7882F7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9AF168E8-1C33-4B63-8982-7727C37CA6D5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{55542234-B119-45CE-AD13-BC246B72B688}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Restore Points =========================
26-12-2015 02:00:23 Windows Backup
27-12-2015 02:00:14 Windows Backup
28-12-2015 02:00:14 Windows Backup
29-12-2015 02:00:13 Windows Backup
29-12-2015 04:15:26 Windows Update
30-12-2015 02:00:23 Windows Backup
30-12-2015 19:44:42 Removed IHA_MessageCenter
31-12-2015 02:00:17 Windows Backup
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/31/2015 10:59:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (12/31/2015 10:52:44 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070013, The media is write protected.
.
Error: (12/31/2015 10:52:44 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]
Error: (12/31/2015 10:52:44 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070013, The media is write protected.
.
Error: (12/31/2015 10:52:44 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]
Error: (12/31/2015 10:52:43 AM) (Source: APC UPS Service) (EventID: 28688) (User: NT AUTHORITY)
Description: PowerChute not communicating with the battery backup.
Error: (12/30/2015 12:53:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/30 12:53:58.236]: [00001112]: Initialize TwdsMain Class failed!
Error: (12/30/2015 12:53:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/30 12:53:58.224]: [00001112]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (12/30/2015 12:53:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/30 12:53:58.223]: [00001112]: BrStiIf: GetDeviceList Failed! pStiInfo = 0x0..
Error: (12/30/2015 02:23:19 AM) (Source: VSS) (EventID: 12298) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume C:\.
The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully.
], Flush[0x00000000, The operation completed successfully.
], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced.
], OnRun[0x00000000, The operation completed successfully.
].
Operation:
Executing Asynchronous Operation
Context:
Current State: DoSnapshotSet
System errors:
=============
Error: (12/31/2015 10:59:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
%%1053
Error: (12/31/2015 10:59:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
Error: (12/30/2015 02:23:28 AM) (Source: volsnap) (EventID: 8) (User: )
Description: The flush and hold writes operation on volume C: timed out while waiting for a release writes command.
Error: (12/29/2015 06:25:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The APC Data Service service failed to start due to the following error:
%%1053
Error: (12/29/2015 06:25:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the APC Data Service service to connect.
Error: (12/29/2015 06:24:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IHA_MessageCenter service failed to start due to the following error:
%%1053
Error: (12/29/2015 06:24:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.
CodeIntegrity:
===================================
Date: 2014-08-12 22:08:56.249
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-08-12 22:08:55.672
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon II X4 635 Processor
Percentage of memory in use: 49%
Total physical RAM: 4095.29 MB
Available physical RAM: 2051.57 MB
Total Virtual: 8188.78 MB
Available Virtual: 5896.36 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:583.63 GB) (Free:326.98 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.44 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Elements) (Fixed) (Total:465.76 GB) (Free:60.19 GB) NTFS
Drive i: (HP v125w) (Removable) (Total:3.73 GB) (Free:1.04 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 489EA3C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=583.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0002744A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-12-2015
Ran by WAYNE (administrator) on WAYNE-HP (31-12-2015 11:11:37)
Running from C:\Users\WAYNE\Desktop
Loaded Profiles: WAYNE (Available Profiles: WAYNE & HP_Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Vitzo) C:\Program Files\VDownloader\VDownloader4.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Old McDonald's Farm) C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Old McDonald's Farm) C:\Program Files (x86)\Autorun Eater\billy.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [4193280 2015-12-20] (Vitzo)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-25] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Autorun Eater] => C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe [522720 2012-02-17] (Old McDonald's Farm)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1066192 2015-09-01] (Carbonite, Inc.)
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bincom <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binscr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binpif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binexe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\inst.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\inst.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\windowsxp-kb969084-x86-enu.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\inst.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\inst.exe <====== ATTENTION
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-25] (AVAST Software)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2015-07-17]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F07011C9-A074-4415-A7C9-4344A2CBEBD4}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL =
SearchScopes: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000 -> {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-25] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-25] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\7m8eqczb.default-1435330639172
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo! (Avast)
FF DefaultSearchEngine.US: Yahoo! (Avast)
FF DefaultSearchUrl: hxxps://search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: hxxp://briansetzer.com/
FF Keyword.URL: hxxps://search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-07-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pandasecurity.com/activescan -> C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll [2010-07-27] (Panda Security, S.L.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-3431438650-1370896122-3677072999-1000: @citrixonline.com/appdetectorplugin -> C:\Users\WAYNE\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-27] (Citrix Online)
FF Plugin HKU\S-1-5-21-3431438650-1370896122-3677072999-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll [2012-08-06] (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\crexsguw.Test profile\searchplugins\yahoo-avast.xml [2015-12-29]
FF SearchPlugin: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\7m8eqczb.default-1435330639172\searchplugins\yahoo-avast.xml [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-21] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-25]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-25]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-20]
CHR Extension: (Google Docs) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-20]
CHR Extension: (Google Drive) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-20]
CHR Extension: (YouTube) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-20]
CHR Extension: (Google Search) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-18]
CHR Extension: (Google Sheets) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-18]
CHR Extension: (Google Wallet) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-20]
CHR Extension: (Gmail) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-25] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-01] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-01] (Dropbox, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 stllssvr; "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-25] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)
R0 pavboot; C:\Windows\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-31 10:52 - 2015-12-31 10:52 - 00000000 _____ C:\Windows\SysWOW64\shoD49A.tmp
2015-12-30 15:59 - 2015-12-30 16:01 - 00006755 _____ C:\VEW.txt
2015-12-30 15:57 - 2015-12-30 15:57 - 00061440 _____ ( ) C:\Users\WAYNE\Desktop\VEW.exe
2015-12-30 12:55 - 2015-12-30 12:55 - 02740982 _____ C:\Users\WAYNE\Documents\coconut Black eyed peas pg 2.pdf
2015-12-30 12:54 - 2015-12-30 12:54 - 02012101 _____ C:\Users\WAYNE\Documents\coconut Black eyed peas pg 1.pdf
2015-12-29 18:22 - 2015-12-29 18:22 - 00003544 ____N C:\bootsqm.dat
2015-12-29 13:16 - 2015-12-29 14:09 - 00000000 ____D C:\AdwCleaner
2015-12-29 13:11 - 2015-12-29 13:11 - 01743360 _____ C:\Users\WAYNE\Desktop\AdwCleaner.exe
2015-12-29 11:11 - 2015-12-29 11:11 - 00000000 _____ C:\Windows\SysWOW64\sho8B4D.tmp
2015-12-29 09:20 - 2015-12-31 10:51 - 00003235 _____ C:\Users\WAYNE\Desktop\Fixlog.txt
2015-12-28 23:33 - 2015-12-29 11:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-28 22:48 - 2015-12-31 11:12 - 00041805 _____ C:\Users\WAYNE\Desktop\FRST.txt
2015-12-28 22:48 - 2015-12-29 14:37 - 00062562 _____ C:\Users\WAYNE\Desktop\Addition.txt
2015-12-28 22:47 - 2015-12-31 11:11 - 00000000 ____D C:\FRST
2015-12-28 22:43 - 2015-12-28 22:43 - 02370560 _____ (Farbar) C:\Users\WAYNE\Desktop\FRST64.exe
2015-12-28 14:18 - 2015-12-28 14:18 - 00002098 _____ C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2015-12-28 14:18 - 2015-12-28 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2015-12-26 19:40 - 2015-12-26 19:41 - 00001683 _____ C:\Users\Public\Desktop\VDownloader.lnk
2015-12-26 19:40 - 2015-12-26 19:41 - 00000000 ____D C:\Users\WAYNE\AppData\Local\VDownloader
2015-12-26 19:40 - 2015-12-26 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
2015-12-26 19:40 - 2015-08-27 16:48 - 00444283 _____ C:\Program Files\Common Files\WinPcapNmap.exe
2015-12-25 17:10 - 2015-12-25 17:10 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-25 17:10 - 2015-12-25 17:10 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-25 16:57 - 2015-12-25 16:57 - 02721280 _____ C:\Users\WAYNE\Downloads\msxml6_x64 (1).msi
2015-12-25 16:46 - 2015-12-25 16:46 - 00000000 ____D C:\Users\WAYNE\AppData\Roaming\Opera Software
2015-12-25 16:46 - 2015-12-25 16:46 - 00000000 ____D C:\Users\WAYNE\AppData\Local\Opera Software
2015-12-25 16:45 - 2015-12-25 16:47 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-25 16:43 - 2015-12-26 19:41 - 00000000 ____D C:\Users\WAYNE\AppData\Roaming\VDownloader
2015-12-25 16:41 - 2015-12-25 16:41 - 00017088 _____ C:\Users\WAYNE\Desktop\Restore Report 12-25-2015 04-39-11PM.html
2015-12-25 13:41 - 2015-12-25 13:41 - 00002111 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2015-12-25 13:41 - 2015-12-25 13:41 - 00000000 ____D C:\Users\Public\Foxit Software
2015-12-25 13:41 - 2015-12-25 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-12-24 18:17 - 2015-12-24 18:18 - 09079391 _____ C:\Users\WAYNE\Downloads\Attachments(1).zip
2015-12-23 19:33 - 2015-12-23 19:33 - 00000000 ____D C:\Users\WAYNE\AppData\Local\CANON_INC
2015-12-23 19:18 - 2015-12-23 19:18 - 00000000 ____D C:\Users\WAYNE\AppData\Roaming\Canon_Inc_IC
2015-12-23 19:16 - 2015-12-23 19:16 - 00001163 _____ C:\Users\Public\Desktop\Picture Style Editor.lnk
2015-12-23 19:16 - 2015-12-23 19:16 - 00001033 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2015-12-23 19:15 - 2015-12-23 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-12-23 19:15 - 2015-12-23 19:16 - 00000000 ____D C:\Program Files (x86)\Canon
2015-12-23 19:15 - 2015-12-23 19:15 - 00000892 _____ C:\Users\Public\Desktop\Digital Photo Professional 4.lnk
2015-12-23 19:15 - 2015-12-23 19:15 - 00000000 ____D C:\Program Files\Canon
2015-12-23 19:13 - 2015-12-23 19:13 - 00000000 ____D C:\Users\WAYNE\AppData\Roaming\canon
2015-12-23 19:12 - 2015-12-23 19:12 - 00000000 ____D C:\ProgramData\Canon_Inc_IC
2015-12-22 08:22 - 2015-12-22 08:22 - 00001715 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-22 08:22 - 2015-12-22 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-22 08:21 - 2015-12-22 08:22 - 00000000 ____D C:\Program Files\iTunes
2015-12-22 08:21 - 2015-12-22 08:21 - 00000000 ____D C:\Program Files\iPod
2015-12-22 08:21 - 2015-12-22 08:21 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-16 15:19 - 2015-12-16 15:19 - 09079391 _____ C:\Users\WAYNE\Downloads\Attachments.zip
2015-12-12 12:52 - 2015-12-12 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-10 13:28 - 2015-11-10 13:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-10 13:28 - 2015-11-10 13:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-10 13:28 - 2015-11-10 13:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-10 13:28 - 2015-11-10 13:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-10 13:28 - 2015-11-10 13:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-10 13:28 - 2015-11-10 12:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 11:08 - 2015-12-29 06:08 - 09479872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-08 18:17 - 2015-11-20 13:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-08 18:17 - 2015-11-20 13:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-08 18:17 - 2015-11-20 13:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-08 18:17 - 2015-11-20 13:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 18:17 - 2015-11-20 13:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 18:17 - 2015-11-20 13:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 18:17 - 2015-11-20 13:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 18:17 - 2015-11-20 13:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 18:17 - 2015-11-03 14:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-08 18:17 - 2015-11-03 13:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 18:15 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-08 18:15 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-08 18:15 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 18:15 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 18:15 - 2015-11-05 14:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-08 18:15 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 18:15 - 2015-11-05 04:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-08 18:14 - 2015-11-11 16:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-08 18:14 - 2015-11-11 15:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 18:14 - 2015-11-11 11:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-08 18:14 - 2015-11-11 11:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 18:14 - 2015-11-11 10:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 18:14 - 2015-11-11 10:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 18:14 - 2015-11-11 10:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 18:14 - 2015-11-11 10:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-08 18:14 - 2015-11-11 09:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 18:14 - 2015-11-09 19:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 18:14 - 2015-11-09 19:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 18:14 - 2015-11-09 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 18:14 - 2015-11-09 19:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 18:14 - 2015-11-09 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 18:14 - 2015-11-09 19:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 18:14 - 2015-11-09 19:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 18:14 - 2015-11-09 19:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 18:14 - 2015-11-09 19:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 18:14 - 2015-11-09 19:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 18:14 - 2015-11-09 19:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 18:14 - 2015-11-09 19:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 18:14 - 2015-11-09 19:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 18:14 - 2015-11-09 18:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 18:14 - 2015-11-09 18:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 18:14 - 2015-11-09 18:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 18:14 - 2015-11-09 18:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 18:14 - 2015-11-09 18:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 18:14 - 2015-11-09 18:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 18:14 - 2015-11-09 18:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 18:14 - 2015-11-09 18:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 18:14 - 2015-11-09 18:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 18:14 - 2015-11-09 18:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 18:14 - 2015-11-09 18:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 18:14 - 2015-11-08 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-08 18:14 - 2015-11-08 17:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-08 18:14 - 2015-11-08 17:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-08 18:14 - 2015-11-08 17:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-08 18:14 - 2015-11-08 17:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-08 18:14 - 2015-11-08 17:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-08 18:14 - 2015-11-08 17:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-08 18:14 - 2015-11-08 17:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-08 18:14 - 2015-11-08 17:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-08 18:14 - 2015-11-08 17:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-08 18:14 - 2015-11-08 17:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-08 18:14 - 2015-11-08 17:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-08 18:14 - 2015-11-08 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-08 18:14 - 2015-11-08 17:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-08 18:14 - 2015-11-08 17:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-08 18:14 - 2015-11-08 17:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-08 18:14 - 2015-11-08 16:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-08 18:14 - 2015-11-08 16:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-08 18:14 - 2015-11-08 16:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-08 18:14 - 2015-11-08 16:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-08 18:14 - 2015-11-08 16:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-08 18:14 - 2015-11-08 16:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-08 18:14 - 2015-11-08 16:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-08 18:14 - 2015-11-08 16:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-08 18:14 - 2015-11-08 16:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-08 18:14 - 2015-11-08 16:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-08 18:14 - 2015-11-08 16:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-08 18:14 - 2015-11-08 16:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-08 18:14 - 2015-11-08 15:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-08 18:14 - 2015-11-08 15:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-08 18:14 - 2015-11-08 15:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-08 18:14 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-08 18:14 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-06 13:22 - 2015-12-06 13:22 - 02721280 _____ C:\Users\WAYNE\Downloads\msxml6_x64(2).msi
2015-12-03 13:51 - 2015-12-03 13:51 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 13:51 - 2015-12-03 13:51 - 00000000 ____D C:\Program Files\Common Files\AV
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-31 11:08 - 2014-09-26 18:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-31 11:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-31 11:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-31 11:01 - 2015-11-01 19:15 - 00000000 ___RD C:\Users\WAYNE\Dropbox
2015-12-31 11:01 - 2015-11-01 19:11 - 00000000 ____D C:\Users\WAYNE\AppData\Local\Dropbox
2015-12-31 10:58 - 2015-11-01 19:11 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-31 10:54 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-31 10:16 - 2015-11-01 19:11 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-30 19:45 - 2012-04-23 13:46 - 00000260 _____ C:\Windows\SysWOW64\cmdVBS.vbs
2015-12-30 19:45 - 2012-04-23 13:46 - 00000256 _____ C:\Windows\SysWOW64\MSIevent.bat
2015-12-29 14:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2015-12-29 11:33 - 2015-08-15 22:34 - 00001101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-29 11:33 - 2014-09-17 19:57 - 00001101 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-29 11:11 - 2014-09-17 19:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-29 09:20 - 2011-02-11 18:15 - 00000000 ___SD C:\Users\WAYNE\AppData\LocalLow\Temp
2015-12-29 09:20 - 2011-01-20 10:30 - 00000000 ____D C:\Users\WAYNE\AppData\Local\CrashDumps
2015-12-29 06:08 - 2014-09-26 18:44 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-29 06:08 - 2014-09-18 07:42 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-29 06:08 - 2014-09-18 07:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-28 14:18 - 2011-02-12 09:45 - 00004144 _____ C:\Windows\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2015-12-27 21:38 - 2009-07-14 00:13 - 00797888 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-27 21:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-27 00:33 - 2010-12-28 17:02 - 00000000 ____D C:\ProgramData\PDFC
2015-12-26 19:41 - 2014-01-02 19:32 - 00000000 ____D C:\Program Files\VDownloader
2015-12-26 12:25 - 2012-06-03 04:45 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForWAYNE
2015-12-26 12:25 - 2012-06-03 04:45 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForWAYNE.job
2015-12-25 22:35 - 2014-08-17 10:18 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-25 17:10 - 2014-09-09 20:37 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00451040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-25 17:10 - 2014-08-17 10:18 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-25 17:08 - 2014-07-02 16:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-25 16:46 - 2011-01-19 21:43 - 00001379 _____ C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-24 17:55 - 2011-04-21 14:20 - 00000000 ____D C:\Users\WAYNE\Documents\VHS to DVD
2015-12-24 16:42 - 2011-04-12 14:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-23 14:31 - 2014-07-03 07:11 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-23 14:29 - 2014-07-03 07:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-22 08:21 - 2014-02-04 15:25 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-21 17:34 - 2013-04-30 07:38 - 00000000 ____D C:\Users\WAYNE\Documents\Rental
2015-12-14 20:50 - 2014-05-01 16:33 - 00000000 ____D C:\LP Recorder tracks
2015-12-13 01:54 - 2015-02-09 09:00 - 00027136 _____ C:\Users\WAYNE\Documents\Charity mileage 2015.xls
2015-12-12 12:52 - 2015-11-01 19:11 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-11 03:21 - 2009-07-13 23:45 - 00451224 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 05:02 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 03:34 - 2012-05-11 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 03:34 - 2012-05-11 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 03:14 - 2012-05-11 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 03:11 - 2013-07-11 06:20 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 03:02 - 2011-01-20 10:47 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 22:09 - 2013-03-19 08:09 - 00000000 ____D C:\LP Recorder wav files
2015-12-08 07:34 - 2015-04-02 12:31 - 00005710 _____ C:\Users\WAYNE\Documents\childhood messages.txt
2015-12-06 14:10 - 2015-02-15 18:34 - 00033280 _____ C:\Users\WAYNE\Documents\Mood Swings mileage 2015.xls
2015-12-04 20:16 - 2015-05-15 14:33 - 00021029 ____H C:\Users\WAYNE\Documents\~WRL2026.tmp
2015-12-03 06:06 - 2011-03-01 13:56 - 03325520 ____H C:\Users\WAYNE\Documents\~WRL2513.tmp
2015-12-02 13:18 - 2011-01-20 20:12 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2013-05-20 12:42 - 2014-06-22 12:57 - 0003729 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-12-26 19:40 - 2015-08-27 16:48 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2011-04-05 19:39 - 2011-04-05 19:39 - 0007859 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.cat
2011-04-05 19:39 - 2011-04-05 19:39 - 0001167 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.inf
2011-04-05 19:40 - 2011-04-05 19:40 - 0000034 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.log
2011-04-05 19:39 - 2011-04-05 19:39 - 0082816 _____ (VSO Software) C:\Users\WAYNE\AppData\Roaming\pcouffin.sys
2013-02-12 15:47 - 2015-01-19 20:17 - 0000935 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Files to move or delete:
====================
C:\Users\000\WindowsXP-KB969084-x86-enu.exe
C:\Users\WAYNE\en_res.dll
C:\Users\WAYNE\es_res.dll
C:\Users\WAYNE\fr_res.dll
C:\Users\WAYNE\grm_res.dll
C:\Users\WAYNE\it_res.dll
C:\Users\WAYNE\jp_res.dll
C:\Users\WAYNE\mfc80u.dll
C:\Users\WAYNE\msvcr80.dll
C:\Users\WAYNE\PCPE Setup.exe
C:\Users\WAYNE\pt_res.dll
C:\Users\WAYNE\ResourceReader.dll
C:\Users\WAYNE\ru_res.dll
C:\Users\WAYNE\zh_res.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-25 23:40
==================== End of FRST.txt ============================
#22
Posted 31 December 2015 - 10:24 AM
#23
Posted 31 December 2015 - 11:45 AM
I have the latest version of Carbonite.
#24
Posted 31 December 2015 - 12:57 PM
See if you can download, unzip and run by right clicking and Run As Admin the STUXNET Scanner Tool
http://blog.trendmic...-forensic-tool/
Also run FRST as before but this time check the Shortcut.txt box and then hit scan. It should create a file shortcut.txt which I need to see.
#25
Posted 31 December 2015 - 01:21 PM
I ran STUXNET. A screen appears then quickly disappears.
Shortcut.txt below. More to follow.
Users shortcut scan result (x64) Version:28-12-2015
Ran by WAYNE (2015-12-31 14:17:58)
Running from C:\Users\WAYNE\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk -> C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Premium.lnk -> C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\PS.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk -> C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon\Verizon Update Center\Inbox.lnk -> C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\DisplayAgent.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon\Verizon Update Center\Preferences.lnk -> C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\MC_Client_Preferences.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk -> C:\Program Files\VDownloader\VDownloader4.exe (Vitzo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Operating Specifications.lnk -> C:\hp\documentation\opspecs_WW.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Safety & Comfort Guide.lnk -> C:\hp\documentation\SCG_en-US.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Safety and Regulatory Information.lnk -> C:\hp\documentation\safetyreg_EN.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Upgrading and Servicing Guide.lnk -> C:\hp\documentation\usgvn2_EN.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2014\TurboTax 2014.lnk -> C:\Windows\Installer\{F2283AA1-869C-4497-8F18-09E36C67A014}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2013\TurboTax 2013.lnk -> C:\Windows\Installer\{2A4EEB5C-3BA6-4299-A87F-783861B567D9}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2012\TurboTax 2012.lnk -> C:\Windows\Installer\{F014B696-28C5-4554-802F-A15380418F53}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2010\TurboTax 2010.lnk -> C:\Windows\Installer\{A525E00B-6609-442E-9DCD-64453C233E8D}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free (Administrator).lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe (JAM Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free Help.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\Uninstall TreeSize Free.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trader's Little Helper\Change Log.lnk -> C:\Program Files (x86)\Trader's Little Helper\changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trader's Little Helper\Trader's Little Helper.lnk -> C:\Program Files (x86)\Trader's Little Helper\tralih.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trader's Little Helper\Uninstall.lnk -> C:\Program Files (x86)\Trader's Little Helper\Uninstall\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\TomTom HOME 2.lnk -> C:\Windows\Installer\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spectro\Spectro.lnk -> C:\Program Files (x86)\Spectro\Spectro.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\Uninstall.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Home.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio\CinemaNow\Roxio CinemaNow.lnk -> C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe (Sonic Solutions)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager\Recovery Disc Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\CDCreator.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager\Recovery Manager.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\ReaMote Slave (x64).lnk -> C:\Program Files\REAPER (x64)\reamote.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER (x64).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER License and User Agreement.lnk -> C:\Program Files\REAPER (x64)\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\Uninstall REAPER (x64).lnk -> C:\Program Files\REAPER (x64)\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\Whatsnew.txt.lnk -> C:\Program Files\REAPER (x64)\whatsnew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete\PDF Complete.lnk -> C:\Program Files (x86)\PDF Complete\pdfvista.exe (PDF Complete Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP support information.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Information\HPSysInfo.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP Vision Diagnostics Disc Creation.lnk -> C:\Program Files\Hewlett-Packard\HP Vision Hardware Diagnostics\DiscCreation\disccreation.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda USB Vaccine\Uninstall Panda USB Vaccine.lnk -> C:\Program Files (x86)\Panda USB Vaccine\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\Skype.lnk -> C:\Program Files (x86)\Online Services\Skype\SkypeSetup.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12\ImageViewer.lnk -> C:\Program Files (x86)\Nuance\PaperPort\pppagevw.exe (Nuance Communications, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12\PaperPort.lnk -> C:\Program Files (x86)\Nuance\PaperPort\PaprPort.exe (Nuance Communications, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12\PDF Viewer Plus.lnk -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PDFPlus.exe (Nuance Communications, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\infopath.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\mspub.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk -> C:\Program Files\Microsoft Office 15\root\office15\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Program Files\Microsoft Office 15\root\office15\setlang.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Skype for Business Recording Manager.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Ripper\LPRipper Help.lnk -> C:\Program Files (x86)\LP Ripper\LPRipper.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Ripper\LPRipper.lnk -> C:\Program Files (x86)\LP Ripper\LPRipper.exe (CFB Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Ripper\Quick Start Guide.lnk -> C:\Program Files (x86)\LP Ripper\QuickStart.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Ripper\ReadMe.lnk -> C:\Program Files (x86)\LP Ripper\ReadMe.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\LP Recorder Help.lnk -> C:\Program Files (x86)\LP Recorder\LPRecorder.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\LP Recorder.lnk -> C:\Program Files (x86)\LP Recorder\LPRecorder.exe (CFB Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\Quick Start Guide.lnk -> C:\Program Files (x86)\LP Recorder\QuickStart.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\ReadMe.lnk -> C:\Program Files (x86)\LP Recorder\ReadMe.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\What's New.lnk -> C:\Program Files (x86)\LP Recorder\WhatsNew.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LabelPrint.lnk -> C:\Program Files (x86)\Cyberlink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Control Panel.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Website.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\LightScribe Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Quick Demo.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\Quick Demo.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk -> C:\Program Files (x86)\Hp\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart DVD.lnk -> C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Photo.lnk -> C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Video.lnk -> C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart.lnk -> C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\AdvisorVideo.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\AdvisorVideo\Doc.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\Burn Video Folder to Disc.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\HTFolderToDisc.exe (Honest Technology (www.honestech.com))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\Change Video Standard.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\ChangeVideoStandard.exe (honestech)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\Copy DVD Disc.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\HTCopyVideoDVDDisc.exe (Honest Technology (www.honestech.com))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\honestech VHS to DVD 5.0 Deluxe User Guide.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\VHStoDVD5UG.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\honestech VHS to DVD 5.0 Deluxe.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\VHStoDVD5Starter.exe (Honest Technology)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe (Foxit Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Uninstall Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\CryptoPrevent\CryptoPrevent.lnk -> C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPrevent.exe (Foolish IT LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\CryptoPrevent\Uninstall CryptoPrevent.lnk -> C:\Program Files (x86)\Foolish IT\CryptoPrevent\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\Kobo.lnk -> C:\Program Files (x86)\Kobo\Kobo.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\PressReader.lnk -> C:\Program Files (x86)\NewspaperDirect\PressReader\PressReader.exe (NewspaperDirect)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\Zinio Reader 4.lnk -> C:\Program Files (x86)\Zinio Reader 4\Zinio Reader 4.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US\DVDFab 9 US.lnk -> C:\Program Files (x86)\DVDFab 9 US\DVDFab.exe (FengTao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US\DVDFab History.lnk -> C:\Program Files (x86)\DVDFab 9 US\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US\Uninstall DVDFab 9 US.lnk -> C:\Program Files (x86)\DVDFab 9 US\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9\DVDFab 9.lnk -> C:\Program Files (x86)\DVDFab 9\DVDFab.exe (FengTao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9\DVDFab History.lnk -> C:\Program Files (x86)\DVDFab 9\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9\Uninstall DVDFab 9.lnk -> C:\Program Files (x86)\DVDFab 9\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\DVDFab 8 Profile Editor.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\ProfileEditor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\DVDFab 8 Qt.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\DVDFab History.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\DVDFab Online.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\Uninstall DVDFab 8 Qt.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8\DVDFab 8.lnk -> C:\Program Files (x86)\DVDFab 8\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8\DVDFab History.lnk -> C:\Program Files (x86)\DVDFab 8\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8\DVDFab Online.lnk -> C:\Program Files (x86)\DVDFab 8\DVDFab.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8\Uninstall DVDFab 8.lnk -> C:\Program Files (x86)\DVDFab 8\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6\DVDFab 6.lnk -> C:\Program Files (x86)\DVDFab 6\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6\DVDFab Online.lnk -> C:\Program Files (x86)\DVDFab 6\DVDFab.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6\Uninstall DVDFab 6.lnk -> C:\Program Files (x86)\DVDFab 6\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Wave\CD Wave Editor.lnk -> C:\Program Files (x86)\CD Wave\CDWav.exe (MiLo Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Picture Style Editor\Picture Style Editor.lnk -> C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Web Service Registration Tool\EOS Web Service Registration Tool.lnk -> C:\Program Files (x86)\Canon\EOS Web Service Registration Tool\EOS Web Service Registration Tool.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 2 Readme.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EU2\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 2.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EU2\EOS Utility 2.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 3 Readme.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EU3\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Lens Registration Tool\EOS Lens Registration Tool.lnk -> C:\Program Files (x86)\Canon\EOS Lens Registration Tool\EOS Lens Registration Tool.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Digital Photo Professional 4\Digital Photo Professional 4.lnk -> C:\Program Files\Canon\Digital Photo Professional 4\Dpp4.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Read Me.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\readmeusa.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Scanner Settings\Read Me.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\ScanRead.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Scanner Settings\Scanner Utility.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\BrScUtil.exe (Brother Industries Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\PC-FAX Sending\How to use PC-FAX Sending.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\howtousebrotherpc.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Autorun Eater.lnk -> C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Farm Manual.lnk -> C:\Program Files (x86)\Autorun Eater\aehelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Uninstall Autorun Eater.lnk -> C:\Program Files (x86)\Autorun Eater\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Problem Report Wizard\Run ATI Problem Report Wizard.lnk -> C:\Program Files (x86)\ATI Technologies\PRW\amdprw.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC\PowerChute Personal Edition.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\PowerChute.exe (Schneider Electric)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter Ultimate\Any Video Converter Ultimate on the Web.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter Ultimate\Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.exe (Anvsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter Ultimate\Uninstall Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter on the Web.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe (AnvSoft Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Uninstall Any Video Converter.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon\Amazon MP3 Downloader\Amazon MP3 Downloader.lnk -> C:\Program Files (x86)\Amazon\MP3 Downloader\AmazonMP3Downloader.exe (Amazon.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon\Amazon MP3 Downloader\Uninstall Amazon MP3 Downloader.lnk -> C:\Program Files (x86)\Amazon\MP3 Downloader\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\ProgramData\CinemaNow\MediaManager\shortcuts\CinemaNow\CinemaNow Media Manager.lnk -> C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe (CinemaNow Inc.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk -> C:\Users\WAYNE\AppData\Local\HuluDesktop\HuluDesktop.exe (No File)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\Links\Desktop.lnk -> C:\Users\HP_Administrator\Desktop ()
Shortcut: C:\Users\HP_Administrator\Links\Downloads.lnk -> C:\Users\HP_Administrator\Downloads ()
Shortcut: C:\Users\HP_Administrator\Desktop\vanBasco's Karaoke Player.lnk -> C:\Program Files (x86)\vanBasco's Karaoke Player\vmidi.exe ()
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk -> C:\Users\HP_Administrator\AppData\Local\HuluDesktop\HuluDesktop.exe (Hulu LLC)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\SendTo\Drag-to-Disc Drive (E).lnk -> E:\ (No File)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk -> C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Amazon Cloud Player.lnk -> C:\Program Files (x86)\Amazon\MP3 Downloader\Amazon Cloud Player.url ()
Shortcut: C:\Users\Public\Desktop\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\Brother Creative Center.lnk -> C:\Program Files (x86)\Brother\CreativeCenter\Brother Creative Center.url ()
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\Digital Photo Professional 4.lnk -> C:\Program Files\Canon\Digital Photo Professional 4\Dpp4.exe (CANON INC.)
Shortcut: C:\Users\Public\Desktop\DVDFab 9 US.lnk -> C:\Program Files (x86)\DVDFab 9 US\DVDFab.exe (FengTao Software Inc.)
Shortcut: C:\Users\Public\Desktop\DVDFab 9.lnk -> C:\Program Files (x86)\DVDFab 9\DVDFab.exe (FengTao Software Inc.)
Shortcut: C:\Users\Public\Desktop\EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Shortcut: C:\Users\Public\Desktop\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe (Foxit Software Inc.)
Shortcut: C:\Users\Public\Desktop\honestech VHS to DVD 5.0 Deluxe User Guide.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\VHStoDVD5UG.pdf ()
Shortcut: C:\Users\Public\Desktop\honestech VHS to DVD 5.0 Deluxe.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\VHStoDVD5Starter.exe (Honest Technology)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\LP Recorder.lnk -> C:\Program Files (x86)\LP Recorder\LPRecorder.exe (CFB Software)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Picture Style Editor.lnk -> C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe (CANON INC.)
Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\REAPER (x64).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated)
Shortcut: C:\Users\Public\Desktop\Restored files for user Administrator.lnk -> C:\Administrator ()
Shortcut: C:\Users\Public\Desktop\Roxio Creator Home.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe ()
Shortcut: C:\Users\Public\Desktop\Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Shortcut: C:\Users\Public\Desktop\Trader's Little Helper.lnk -> C:\Program Files (x86)\Trader's Little Helper\tralih.exe ()
Shortcut: C:\Users\Public\Desktop\TurboTax 2010.lnk -> C:\Windows\Installer\{A525E00B-6609-442E-9DCD-64453C233E8D}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\TurboTax 2012.lnk -> C:\Windows\Installer\{F014B696-28C5-4554-802F-A15380418F53}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\TurboTax 2013.lnk -> C:\Windows\Installer\{2A4EEB5C-3BA6-4299-A87F-783861B567D9}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\TurboTax 2014.lnk -> C:\Windows\Installer\{F2283AA1-869C-4497-8F18-09E36C67A014}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\VDownloader.lnk -> C:\Program Files\VDownloader\VDownloader4.exe (Vitzo)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\WAYNE\Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples (No File)
Shortcut: C:\Users\WAYNE\Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples (No File)
Shortcut: C:\Users\WAYNE\Pictures\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples (No File)
Shortcut: C:\Users\WAYNE\Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples (No File)
Shortcut: C:\Users\WAYNE\Links\Desktop.lnk -> C:\Users\WAYNE\Desktop ()
Shortcut: C:\Users\WAYNE\Links\Downloads.lnk -> C:\Users\WAYNE\Downloads ()
Shortcut: C:\Users\WAYNE\Links\Dropbox.lnk -> C:\Users\WAYNE\Dropbox ()
Shortcut: C:\Users\WAYNE\Desktop\Amazing Slow Downer.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\Amazing.exe (Roni Music)
Shortcut: C:\Users\WAYNE\Desktop\Amazon Cloud Player.lnk -> C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Cloud Player.exe (Amazon)
Shortcut: C:\Users\WAYNE\Desktop\Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.exe (Anvsoft)
Shortcut: C:\Users\WAYNE\Desktop\Any Video Converter.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe (AnvSoft Inc.)
Shortcut: C:\Users\WAYNE\Desktop\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\WAYNE\Desktop\cmd.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\Desktop\DVDFab 6.lnk -> C:\Program Files (x86)\DVDFab 6\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\Users\WAYNE\Desktop\DVDFab 8 Qt.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\Users\WAYNE\Desktop\DVDFab 8.lnk -> C:\Program Files (x86)\DVDFab 8\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\Users\WAYNE\Desktop\DVDFab Profile Editor.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\ProfileEditor.exe ()
Shortcut: C:\Users\WAYNE\Desktop\FiOS Information.lnk -> C:\Users\WAYNE\AppData\Roaming\TechWizard\info.html ()
Shortcut: C:\Users\WAYNE\Desktop\Install Verizon Media Manager.lnk -> C:\Users\WAYNE\AppData\Roaming\TechWizard\mediamanager.exe ()
Shortcut: C:\Users\WAYNE\Desktop\psi - Shortcut.lnk -> C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia)
Shortcut: C:\Users\WAYNE\Desktop\Update Checker.lnk -> C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
Shortcut: C:\Users\WAYNE\Desktop\vanBasco's Karaoke Player.lnk -> C:\Program Files (x86)\vanBasco's Karaoke Player\vmidi.exe ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk -> C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player\Amazon Cloud Player.lnk -> C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Cloud Player.exe (Amazon)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player\Uninstall Amazon Cloud Player.lnk -> C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Uninstall.exe (Amazon)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Slow Downer\Amazing Slow Downer Help.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\ASD_help.chm ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Slow Downer\Amazing Slow Downer.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\Amazing.exe (Roni Music)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Slow Downer\Order Amazing Slow Downer.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\Order.txt ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Slow Downer\Uninstall.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\uninstall.exe ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\SendTo\Drag-to-Disc Drive (E).lnk -> E:\ (No File)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\WAYNE\Dropbox ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVDFab 8 Qt.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe (Foxit Software Inc.)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Roxio Creator DE.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink DVD Suite Premium.lnk -> C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\PS.exe (CyberLink Corp.)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Uninstall Amazon Cloud Player.lnk -> C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Uninstall.exe (Amazon)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Trials for QuickBooks, Quicken and TurboTax.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=quickenfc&pf=cndt&locale=en_us&bd=pavilion&c=104
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Download Store.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\HP Barnes & Noble Desktop eReader.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=onlinesvs&pf=cndt&locale=en_us&bd=all&c=104
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk -> C:\swsetup\APP\Applications\HP\HPPA\1.1\src\QuickLnk.exe (Hewlett-Packard Company) -> -exec /T:"c:\SWSETUP\APP\Applications\HP\HPPA\1.1\src\HPPA_Setup-1.1.1.5.exe" /L:"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation) -> -settings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe (JAM Software) -> /NOADMIN
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\Uninstall TomTom HOME 2.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe (Seagate Technology) -> C:\Program Files (x86)\Seagate\SeaTools for Windows\STX_Oz_multi.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Audio.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Audio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Backup.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Backup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Copy.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Copy
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Data.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Data
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\DVD and Video.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Video
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Photo.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Photo
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Tools.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Tools
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\Install REAPER (x64) to USB key or Removable Media.lnk -> C:\Program Files\REAPER (x64)\reaper-to-usb.bat () -> "C:\Program Files\REAPER (x64)"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER (x64) (create new project).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated) -> -new
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER (x64) (reset configuration to factory defaults).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated) -> -resetconfig
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER (x64) (show audio configuration on startup).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated) -> -audiocfg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda USB Vaccine\Panda USB Vaccine.lnk -> C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Panda Security) -> /resident /shownow
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\getonline.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> MODE=GETONLINE
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12\Scanner Setup Wizard.lnk -> C:\Program Files (x86)\Nuance\PaperPort\ScannerWizardU.exe (Nuance Communications, Inc.) -> /A [PaperPort 12.1] /L [eng]
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Excel Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Excel Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Word Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Word Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Clip Organizer 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office 2010 Upload Center 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Picture Manager 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Starter To-Go Device Manager 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Starter To-Go Device Manager 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\infopath.exe (Microsoft Corporation) -> /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk -> C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk -> C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Getting Started.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe (Hewlett-Packard Company) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company) -> /p 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Music.lnk -> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe (CyberLink Corp.) -> /MS
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\HP Setup.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> DESKTOP
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\HPAdvisor.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCAlerts.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=PC_ACTION_CENTER TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDashboard.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=PC_HEALTH_SECURITY TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDiscovery.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=ECENTER TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDock.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\Uninstall honestech VHS to DVD 5.0 Deluxe.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{44FF002B-5AB3-4447-8F98-614387B63EE6}\setup.exe (Acresso Software Inc. ) -> -runfromtemp -l0x0009 -uninst
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Casual Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Family Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Kids Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All MMO Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite\Carbonite InfoCenter.lnk -> C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite\Uninstall Carbonite.lnk -> C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteSetup.exe (Carbonite, Inc.) -> /remove
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Picture Style Editor\Picture Style Editor UnInstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Picture Style Editor\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Web Service Registration Tool\EOS Web Service Registration Tool Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Web Service Registration Tool\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 2 Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Utility 2\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 3 Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Utility 3\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Lens Registration Tool\EOS Lens Registration Tool Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Lens Registration Tool\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Digital Photo Professional 4\Digital Photo Professional 4 Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Digital Photo Professional 4 (x64)\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\ControlCenter4.lnk -> C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.) -> /model="MFC-7360N"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Installation Diagnostics.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\Brinstck.exe (Brother Industries, Ltd.) -> -R MFC-7360N
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\On-Line Registration.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\Brolink\Brolink0.exe (Brother Industories, Ltd.) -> OLR_URL /mMFC-7360N
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Remote Setup.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\brmfrmss.exe (Brother Industries Ltd.) -> LCL "MFC-7360N"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Status Monitor.lnk -> C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) -> MFC-7360N /BRINFOSHOW
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\UnInstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}\setup.exe (Macrovision Corporation) -> -runfromtemp -l0x0009 UNINSTALL Reg=BLL-FB,Brother MFC-7360N,USB
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Scanner Settings\Scanners and Cameras.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ScannersAndCameras
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\PC-FAX Sending\PC-FAX Address Book.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\AddrBook.exe (Brother Industries, Ltd.) -> PCFAX TOP
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\PC-FAX Sending\PC-FAX Setup.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\PCfxSet.exe (Brother Industries, Ltd.) -> PCFAX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\PC-FAX Receiving\Receive.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe (Brother Industries, Ltd.) -> LCL "MFC-7360N" -RM0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Problem Report Wizard\Uninstall ATI Problem Report Wizard.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {5F146AD2-9F9B-5284-CD9D-40C881E3ACEC}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk -> C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{c3c636e0-1b04-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /ReinstallApp
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\DelRP.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /DelRP
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /ReinstallDriver
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Report.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /RecoveryReport
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /CDCreator
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\HP Setup\launchreg.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> MODE=Registration
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\base\launch_base.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> MODE=GETONLINE
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Public\Desktop\Carbonite InfoCenter.lnk -> C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) -> /open
ShortcutWithArgument: C:\Users\Public\Desktop\SeaTools for Windows.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe (Seagate Technology) -> C:\Program Files (x86)\Seagate\SeaTools for Windows\STX_Oz_multi.ico
ShortcutWithArgument: C:\Users\WAYNE\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\WAYNE\Desktop\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company) -> /p 2
ShortcutWithArgument: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\WAYNE\AppData\Roaming\Microsoft\Excel\Rental%20mileage%202015304893852255843086\Rental%20mileage%202015.xls.lnk -> C:\Users\WAYNE\Documents\Rental\Rental mileage 2015.xls () -> 55
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda USB Vaccine\Panda USB Vaccine on the Web.url -> hxxp://research.pandasecurity.com/archive/Panda-USB-and-AutoRun-Vaccine.aspx
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\Live Help by dSupportOnline.url -> hxxp://dsupportonline.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\www.foolishit.com.url -> hxxp://www.foolishit.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US\DVDFab Online.url -> hxxp://www.dvdfab.cn/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9\DVDFab Online.url -> hxxp://www.dvdfab.cn/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 0
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Brother Creative Center.url -> "hxxp://www.brother.com/creativecenter/?WT.mc_id=AF"
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\On-line help and FAQ's.url -> hxxp://solutions.brother.com/cgi-bin/solutions.cgi?MDL=mfc316&LNG=en&SRC=FAQ
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\User's Guides.url -> hxxp://solutions.brother.com/cgi-bin/solutions.cgi?MDL=mfc316&LNG=en&SRC=DOC
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Visit The Farm!.url -> hxxp://oldmcdonald.wordpress.com/
InternetURL: C:\Users\Default\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart
InternetURL: C:\Users\Default\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3=
InternetURL: C:\Users\Default\Favorites\Links\Customize Links.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=CLinks
InternetURL: C:\Users\Default\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail
InternetURL: C:\Users\Default\Favorites\Links\Windows Marketplace.url -> hxxp://go.microsoft.com/fwlink/?LinkId=30857&clcid=0x409
InternetURL: C:\Users\Default\Favorites\Links\Windows Media.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windowsmedia
InternetURL: C:\Users\Default\Favorites\Links\Windows.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windows
InternetURL: C:\Users\Default\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Download Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eReaders\HP Barnes & Noble Desktop eReader.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=iefavs&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eReaders\Kobo.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=kobo&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eReaders\Zinio Reader 4.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=zinio&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\HP_Administrator\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\HP_Administrator\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\HP_Administrator\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\HP_Administrator\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\HP_Administrator\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\HP_Administrator\Favorites\Links\Ebay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=ebay&tp=iefavbar&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\Links\HP - See What's Hot.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=webslice&tp=iefavbar&pf=cndt&locale=en_us&bd=pavilion&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\Links\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=myhpgames&tp=iefavbar&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\HP Download Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\eReaders\HP Barnes & Noble Desktop eReader.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=iefavs&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\eReaders\Kobo.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=kobo&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\eReaders\Zinio Reader 4.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=zinio&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\CyberLink Product Support.url -> hxxps://membership.cyberlink.com/prog/support/cs/service/my-stuff.do
InternetURL: C:\Users\WAYNE\Favorites\Days of Vinyl email.url -> hxxps://www.google.com/a/daysofvinyl.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fa%2Fdaysofvinyl.com%2F&bsv=1eic6yu9oa4y3<mpl=default<mplcache=2
InternetURL: C:\Users\WAYNE\Favorites\Flash Drive Disinfector does not run - nothing happens - Page 2#entry1964349.url -> hxxp://www.geekstogo.com/forum/topic/294342-flash-drive-disinfector-does-not-run-nothing-happens/page__pid__1964349__st__15#entry1964349
InternetURL: C:\Users\WAYNE\Favorites\Geeks To Go browser redirect.url -> hxxp://www.geekstogo.com/forum/topic/293644-cant-get-rid-of-browser-redirects-willing-to-wipe-disk/page__pid__1957359__st__30#entry1957359
InternetURL: C:\Users\WAYNE\Favorites\How do I uninstall antivirus or antispyware programs Microsoft Security Essentials.url -> hxxp://www.microsoft.com/security_essentials/helpTopic.aspx?assetid=4cae1455-6ead-493c-b5d8-7c88f39c0656&mkt=en-us
InternetURL: C:\Users\WAYNE\Favorites\HP Instant Care.url -> hxxps://h50203.www5.hp.com/CSMWeb/customer/ChatUser.aspx?User=Wayne%20Kern&caseID=13410713&callfrom=null®ion=NA&country=US:US&origin=acc
InternetURL: C:\Users\WAYNE\Favorites\Photos LIGHTS.url -> hxxp://www.iamlights.com/media/photos
InternetURL: C:\Users\WAYNE\Favorites\Verizon Webmail.url -> hxxp://webmail.verizon.com/netmail/driver?nimlet=deggetfolder
InternetURL: C:\Users\WAYNE\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\WAYNE\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\WAYNE\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\WAYNE\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Activate FiOS Service.url -> hxxps://activatemyfios.verizon.net
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Broadband Extras.url -> hxxp://www22.verizon.com/ResidentialHelp/FiOSInternet/General+Support/Essentials+And+Extras/Essentials+And+Extras.htm
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS Digital Voice Account Manager.url -> hxxps://www36.verizon.com/fiosvoice/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS Equipment and Accessories Store.url -> hxxp://www.verizon.com/fiosaccessories
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS Media Manager.url -> hxxp://www.verizon.com/mediamanager
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS Support Home.url -> hxxp://www22.verizon.com/fioshelp
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS TV Central.url -> hxxp://www.verizon.com/fiostvcentral
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS TV Channel Lineup.url -> hxxp://www22.verizon.com/Content/FiOSTV/channel+lineup/channel+lineup.htm?zipCode=21093
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Free Tools for VOL Customers.url -> hxxp://www.verizon.net/freetools
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Home Voice Mail Quick Start.url -> hxxp://www22.verizon.com/ResidentialHelp/Phone/Calling+Features/Home+Voice+Mail/Questions+and+Answers/96579.htm
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Message Center.url -> hxxp://webmail.verizon.com/signin/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Refer-a-Friend.url -> hxxps://www.sharethenetwork.com/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Reset VOL Password.url -> hxxp://netservices.verizon.net/portal/link/main/forgotpassword
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Speed Optimization.url -> hxxp://www2.verizon.net/help/fios_settings/optimizer/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon Gaming Site.url -> hxxp://games.verizon.com/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon In Home Agent.url -> hxxp://www.verizon.com/connect
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon Speedtest.url -> hxxp://www2.verizon.net/micro/speedtest/java/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon Store Locator.url -> hxxps://www22.verizon.com/Residential/Templates/sas/sas_StoreLocator_results.aspx?State=MD&SName=Maryland
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon WiFi.url -> hxxp://www.verizon.com/wifi
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\WAYNE\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\WAYNE\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\WAYNE\Favorites\Links\Ebay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=ebay&tp=iefavbar&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\Links\HP - See What's Hot.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=webslice&tp=iefavbar&pf=cndt&locale=en_us&bd=pavilion&c=104
InternetURL: C:\Users\WAYNE\Favorites\Links\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=myhpgames&tp=iefavbar&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\Links\Suggested Sites (2).url -> hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\WAYNE\Favorites\Links\Suggested Sites.url -> 0
InternetURL: C:\Users\WAYNE\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\WAYNE\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\HP Download Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\eReaders\HP Barnes & Noble Desktop eReader.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=iefavs&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\eReaders\Kobo.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=kobo&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\eReaders\Zinio Reader 4.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=zinio&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
==================== End of Shortcut.txt =============================
#26
Posted 31 December 2015 - 01:35 PM
#27
Posted 31 December 2015 - 04:24 PM
Enable
#28
Posted 31 December 2015 - 06:34 PM
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Update Init
Update Download
Update Finalize
Updated modules version: 27444
C:\Users\WAYNE\AppData\Roaming\uTorrent\uTorrent.exe.9699.tmp a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting - quarantined
#29
Posted 31 December 2015 - 06:35 PM
I'll do bitdefender quickscan tomorrow. Thanks. Happy New Year!
#30
Posted 01 January 2016 - 07:11 AM
C:\Users\WAYNE\AppData\Roaming\uTorrent\uTorrent.exe.9699.tmp a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting - quarantined
------------------------------------
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Update Init
Update Download
Update Finalize
Updated modules version: 27444
-----------------------------------------
You’re Good To Go! No Active Viruses Found.
Keep your computer clean with Bitdefender Internet Security!
----------------------
Happy New Year, Ron, and thanks for all your help so far.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users