Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Infection Win32:Evo-gen [Susp] & "offers4u" pop-up ads


  • Please log in to reply

#16
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 30/12/2015 4:01:43 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 30/12/2015 5:53:58 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:53:58.236]: [00001112]: Initialize TwdsMain Class failed!

Log: 'Application' Date/Time: 30/12/2015 5:53:58 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:53:58.224]: [00001112]: ##### Fatal ERROR!! Create STI-device failed! #####

Log: 'Application' Date/Time: 30/12/2015 5:53:58 PM
Type: Error Category: 0
Event: 1001 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:53:58.223]: [00001112]: BrStiIf: GetDeviceList Failed! pStiInfo = 0x0..  

Log: 'Application' Date/Time: 30/12/2015 7:23:19 AM
Type: Error Category: 0
Event: 12298 Source: VSS
Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume C:\. The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully. ], Flush[0x00000000, The operation completed successfully. ], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced. ], OnRun[0x00000000, The operation completed successfully. ].

Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Log: 'Application' Date/Time: 30/12/2015 7:23:18 AM
Type: Error Category: 0
Event: 12310 Source: VSS
Volume Shadow Copy Service error: The shadow copy could not be committed - operation timed out. Error context: DeviceIoControl(\\?\Volume{a3ee7c83-2453-11e0-adba-806e6f6e6963} - 000000000000013C,0x0053c010,0000000000355380,0,0000000000354370,4096,[0]).

Operation:
   Committing shadow copies

Context:
   Execution Context: System Provider

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 30/12/2015 8:20:22 PM
Type: Warning Category: 0
Event: 2400 Source: HP Active Health
Error getting process: The given key was not present in the dictionary.

Log: 'Application' Date/Time: 30/12/2015 8:20:06 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl GET EmbeddedController.AuditLog.JSON command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)

Log: 'Application' Date/Time: 30/12/2015 8:20:05 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl GET Diags.PostCodeError command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)

Log: 'Application' Date/Time: 30/12/2015 6:10:56 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:56.560]: [00001112]: Scan buffer doesn't have enough memory. ScanBuffRemain = 0, ScanDecOuputMax = 492

Log: 'Application' Date/Time: 30/12/2015 6:10:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:51.635]: [00001112]: Save Header failed

Log: 'Application' Date/Time: 30/12/2015 6:10:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:51.635]: [00001112]:   Save BMP Header saved. save size = 62

Log: 'Application' Date/Time: 30/12/2015 6:10:51 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:51.626]: [00001112]: Scan buffer doesn't have enough memory. ScanBuffRemain = 0, ScanDecOuputMax = 492

Log: 'Application' Date/Time: 30/12/2015 6:10:42 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:42.979]: [00001112]: Skip JpegDecInitialize

Log: 'Application' Date/Time: 30/12/2015 6:10:00 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:10:00.063]: [00001112]: Scan buffer doesn't have enough memory. ScanBuffRemain = 0, ScanDecOuputMax = 492

Log: 'Application' Date/Time: 30/12/2015 6:09:55 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:09:55.221]: [00001112]: Save Header failed

Log: 'Application' Date/Time: 30/12/2015 6:09:55 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:09:55.221]: [00001112]:   Save BMP Header saved. save size = 62

Log: 'Application' Date/Time: 30/12/2015 6:09:55 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:09:55.216]: [00001112]: Scan buffer doesn't have enough memory. ScanBuffRemain = 0, ScanDecOuputMax = 492

Log: 'Application' Date/Time: 30/12/2015 6:09:46 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 13:09:46.206]: [00001112]: Skip JpegDecInitialize

Log: 'Application' Date/Time: 30/12/2015 5:55:37 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:55:37.933]: [00001112]: Save Header failed

Log: 'Application' Date/Time: 30/12/2015 5:55:37 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:55:37.933]: [00001112]:   Save BMP Header saved. save size = 54

Log: 'Application' Date/Time: 30/12/2015 5:55:37 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:55:37.929]: [00001112]: Result status = 2

Log: 'Application' Date/Time: 30/12/2015 5:55:22 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:55:22.575]: [00001112]: ScanDecPageStart() or JpegDecOpen() succeed. IsBandDecMode = 0

Log: 'Application' Date/Time: 30/12/2015 5:54:35 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:54:35.918]: [00001112]: Save Header failed

Log: 'Application' Date/Time: 30/12/2015 5:54:35 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:54:35.918]: [00001112]:   Save BMP Header saved. save size = 54

Log: 'Application' Date/Time: 30/12/2015 5:54:35 PM
Type: Warning Category: 0
Event: 1002 Source: Brother BrLog
TWN BrtTWN: [2015/12/30 12:54:35.914]: [00001112]: Result status = 2
 


  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Do you have a subscription to Carbonite?  If not uninstall the program.

 

You have two programs that are causing a delay in boot and may not be working at all.

 

PowerChute Personal Edition 3.0.2 

IHA_MessageCenter   by Verizon

 

I would uninstall them both and if you  use then then download and install the latest version.


  • 0

#18
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Do you have a subscription to Carbonite?....Yes.  I can't find a way to update to latest software.

 

You have two programs that are causing a delay in boot and may not be working at all.

 

PowerChute Personal Edition 3.0.2 ...I'm using this. I have the latest version.

IHA_MessageCenter   by Verizon....I uninstalled it.


  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP
You can update to the latest version of Carbonite from within the Carbonite InfoCenter.

 

Or so says Carbonite.

 

Looking back over your FRST logs I see you have remnants from Lavasoft but do not see it in the install list.  Let's remove them as they may be causing problems.

 

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.

  • 0

#20
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Fix result of Farbar Recovery Scan Tool (x64) Version:28-12-2015
Ran by WAYNE (2015-12-31 10:42:40) Run:2
Running from C:\Users\WAYNE\Desktop
Loaded Profiles: WAYNE (Available Profiles: WAYNE & HP_Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [345360 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-10-26] (Lavasoft Limited)
CMD: netsh winsock reset catalog
EmptyTemp:





*****************

"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015 => key not found.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000015 => key not found.

=========  netsh winsock reset catalog =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========

EmptyTemp: => 428.2 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:51:26 ====


  • 0

#21
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-12-2015
Ran by WAYNE (2015-12-31 11:13:44)
Running from C:\Users\WAYNE\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-01-20 02:19:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3431438650-1370896122-3677072999-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3431438650-1370896122-3677072999-1007 - Limited - Enabled)
Guest (S-1-5-21-3431438650-1370896122-3677072999-501 - Limited - Disabled)
HP_Administrator (S-1-5-21-3431438650-1370896122-3677072999-1001 - Limited - Enabled) => C:\Users\HP_Administrator
WAYNE (S-1-5-21-3431438650-1370896122-3677072999-1000 - Administrator - Enabled) => C:\Users\WAYNE

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version:  - )
Amazon Cloud Player (HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Any Video Converter 5.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Any Video Converter Ultimate 5.8.4 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Problem Report Wizard (Version: 3.0.821.0 - ATI Technologies) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Autorun Eater v2.6 (HKLM-x32\...\Autorun Eater_is1) (Version: 2.6 - Old McDonald's Farm)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.2.10.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 0.9.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.2.10.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.15.10.0 - Canon Inc.)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.9 build 5385 (Sep-01-2015) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CD Wave Editor version 1.72 (HKLM-x32\...\CD Wave_is1) (Version: 1.72 - )
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
DVDFab 6.2.1.8 (31/12/2009) (HKLM-x32\...\DVDFab 6_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.0.8.5 (19/03/2011) (HKLM-x32\...\DVDFab 8_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.2.2.7 (06/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
DVDFab 9.1.3.6 (20/03/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
DVDFab 9.1.6.3 (18/08/2014) (HKLM-x32\...\DVDFab 9 US_is1) (Version:  - Fengtao Software Inc.)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
honestech VHS to DVD 5.0 Deluxe (HKLM-x32\...\{44FF002B-5AB3-4447-8F98-614387B63EE6}) (Version: 5.0 - honestech)
honestech VHS to DVD 5.0 Deluxe (x32 Version: 5.0 - honestech) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
LP Recorder (HKLM-x32\...\{375DBB30-93A7-11DF-6DF1-00CE5F8B1649}) (Version: 10.1.1.0 - CFB Software)
LP Ripper (HKLM-x32\...\LP Ripper) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4779.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 43.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 en-US)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Panda ActiveScan 2.0 (HKLM-x32\...\ActiveScan 2.0) (Version: 01.04.01.0000 - Panda Security)
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 -  NewspaperDirect Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Scansoft PDF Professional (x32 Version:  - ) Hidden
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Secunia PSI (3.0.0.9015) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9015 - Secunia)
Sonic Activation Module (x32 Version: 1.0 - Sonic Solutions) Hidden
Spectro (HKLM-x32\...\{1F8D186D-8C5C-4589-BC28-1A8964CA74A6}) (Version: 1.0.93 - )
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
TreeSize Free V3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2 - JAM Software)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
USB2.0 VIDBOX NW03  (HKLM-x32\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 3.0.2 - honestech)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version:  - )
VDownloader 4.2.1721 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version:  - Vitzo Limited)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05C2AFAB-1669-4270-B908-5AEDD12DCF61} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {16C2F780-8534-4282-B1EE-33BCCCF95A84} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {1B4261BA-A30F-4406-9D87-7169711543CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {1ED38ACE-7320-463D-B7D4-BA97BC94FBD2} - System32\Tasks\{3DB4B822-8F0A-4B6B-897B-25EEC36E6544} => pcalua.exe -a C:\Users\WAYNE\Downloads\vkaraoke.exe -d C:\Users\WAYNE\Downloads
Task: {27960216-22B7-4BAC-856B-52003E27175B} - System32\Tasks\{9E5E5D76-BEA8-4241-A71B-A2DC4B79C73D} => pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller.exe -d C:\Users\WAYNE\Downloads
Task: {2A3931BA-E0C3-4885-89B0-CF2DB953B0CB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {37B96978-7AAA-4A05-92FB-12AF041C1DA7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-01] (Dropbox, Inc.)
Task: {3C7172BA-E154-4210-81CB-80B0F1CEABBE} - System32\Tasks\{12388B71-6B6D-4F1F-AB05-2E3B3F581A78} => pcalua.exe -a C:\Users\WAYNE\Downloads\jxpiinstall.exe -d C:\Users\WAYNE\Downloads
Task: {45938A5E-07A4-40EB-99B4-EDDB8E4C498C} - System32\Tasks\HPCeeScheduleForWAYNE => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {4F2FA1CA-FB1A-428A-8EF5-761FE1413DB5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-25] (AVAST Software)
Task: {550479C4-DFA9-41A2-94AB-EA4905FB0BA5} - System32\Tasks\{FC5269F4-123B-49B8-9E24-CA0B9F4B4AF0} => pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller(2).exe -d C:\Users\WAYNE\Downloads
Task: {5BB13A09-50D5-4B37-AB94-3DBB5BB4D7DD} - System32\Tasks\{E9A83544-B7AA-4216-87AA-1AA7A5F2C905} => pcalua.exe -a C:\Users\WAYNE\Desktop\Flash_Disinfector.exe -d C:\Users\WAYNE\Desktop
Task: {603B1BC1-40AE-4B6F-9F51-2B14962F1D87} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {6724A5B4-790C-4CA0-B06A-65E303E20F9F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-01] (Dropbox, Inc.)
Task: {675314EA-5203-4440-AC82-3BEFFBA103BA} - System32\Tasks\{8C5E6A49-B6CB-41EE-8711-9EB2A2B82850} => pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller(1).exe -d C:\Users\WAYNE\Downloads
Task: {6E4CD1FA-6DC5-4D8A-8716-F7CC7967466A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {72BF3A2D-806A-406C-B41D-5255FC320731} - System32\Tasks\{B3BFC816-702E-46B2-B817-F37852601A84} => pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Task: {737D388B-8F48-4B1B-87DB-2CC1255EA968} - System32\Tasks\{B75BA780-F5C2-489E-96D9-B441EA0F8F48} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [2015-09-01] (Carbonite, Inc.)
Task: {742C998D-9267-4B64-BB56-9C85614E5EC7} - System32\Tasks\{3B88E11C-6EEE-4B9C-A1F4-ABB279A8096C} => C:\Program Files (x86)\SpywareGuard\sgmain.exe
Task: {81821ACE-5831-4B79-8C1C-F8757FC95A30} - System32\Tasks\{7E68DA7F-2A76-4A84-BFB3-3B6DAA99BDF6} => C:\Users\WAYNE\Downloads\AdobeFlashPlayer_11.5.502.110_ax_SPS.exe
Task: {853CBFC1-6356-4CA1-BA08-4313C37F6F63} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {8709F0BF-D924-4F2F-A3D1-2E2B270BD379} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {8B16E2C5-FF87-41D9-9310-00FC75F06ABA} - System32\Tasks\{5FBB4B39-272E-4C4F-878B-627233C1A795} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe
Task: {90024603-975D-469C-9ED7-EB984DF25BE7} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {92900472-CCE7-4634-A6DF-2313F23006A5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {96C51570-8E87-4313-AD2F-98C8E36472AA} - System32\Tasks\{08CE54A7-1A03-44FB-8194-D45D469175DF} => pcalua.exe -a C:\Users\WAYNE\Desktop\vkaraoke.exe -d C:\Users\WAYNE\Desktop
Task: {9995EF72-A48A-4938-A1FE-F1A0E656C81A} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {9A617CA1-D496-49CF-8C59-6C4746907AC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {9E67EE41-AB70-4A98-92E3-731CE177AB97} - System32\Tasks\{94E71E9B-7B6C-401D-89CE-5E5DDAF5EAAE} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe
Task: {AE3980D1-1FE5-44BE-A011-6C1A3265EC0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {BB7E4936-8FFC-4A58-8994-E027535C3860} - System32\Tasks\{DFF6108C-8171-4724-9F72-B13C97BB0FE3} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [2015-09-01] (Carbonite, Inc.)
Task: {BC8C5626-4357-4D2B-A51E-879F72E6550C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-30] (Microsoft Corporation)
Task: {C2F3AA2F-D1DD-4ED5-8558-26C8DF0EE90C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {C307104F-E043-49FD-8FB4-01AEA8ADA1FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForWAYNE.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-03 07:08 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-12-25 17:10 - 2015-12-25 17:10 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-25 17:10 - 2015-12-25 17:10 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-31 07:46 - 2015-12-31 07:46 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\15123100\algo.dll
2015-12-25 17:10 - 2015-12-25 17:10 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2011-02-24 17:39 - 2011-02-24 17:39 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2011-02-24 17:39 - 2011-02-24 17:39 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2015-12-25 17:10 - 2015-12-25 17:10 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-12 12:51 - 2015-10-30 19:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-12 12:51 - 2015-10-30 19:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-12 12:51 - 2015-12-08 16:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-12 12:51 - 2015-10-30 20:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-12 12:51 - 2015-10-30 19:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-12 12:51 - 2015-12-08 16:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-12 12:51 - 2015-10-30 20:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-12 12:51 - 2015-12-08 16:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-12 12:51 - 2015-10-30 20:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-12-12 12:51 - 2015-10-30 20:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-12 12:51 - 2015-10-30 20:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-12-12 12:51 - 2015-10-30 20:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-07-03 07:08 - 2014-11-21 03:48 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:BF3D62E7

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100sexlinks.com -> 100sexlinks.com

There are 5317 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-09-09 19:26 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NCPluginUpdater => "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: VDownloader => C:\Program Files\VDownloader\VDownloader.exe /silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CB294ACD-D0CF-4C64-9517-EAA1E8C82191}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{E4C10304-B167-49A7-B8F9-EF0AEB8348AB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{B01C7204-5A4C-4C9C-8465-682631F1000F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{98440DB8-2495-4977-B40D-EE5E4B6FAD9C}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{6BB97294-8CC8-48E7-84D6-A6E930E9B231}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{9D74DCAC-7F67-4BB9-ACC1-DE04A6329CE3}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{336FE86C-EB9A-4D72-83BF-246E3FF370AB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{160F4AE6-6B5A-4D91-97C4-3BD5C9E270D0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{C2602CD6-DF88-40F2-8F6E-8B3E909DF17D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{F4E7C279-EA5A-4BCD-A4BF-E3005F905BBB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{77830A32-BAC9-4339-8335-778B2BEC9AB1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{67F7F85E-CC62-4C95-8D74-1D1AA6C9051E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe
FirewallRules: [{7FCB2DEC-6E0D-4B3D-A3DD-9B42D3518917}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
FirewallRules: [{F400B9B3-2F3E-4462-B5EC-FB44A14053BA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{72BD1BDC-DA9E-4157-BD2D-8608190FD0C6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7F10951C-ED22-4BAE-BFF3-25A1C2831814}] => (Allow) svchost.exe
FirewallRules: [{7C4F56A3-4AA8-475F-BD46-E05B2FD0CAE2}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{15AD9551-76A1-40F2-BEF4-80F1A5398027}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{000B10B1-9481-4704-B8FA-846D51A186D2}] => (Allow) LPort=2869
FirewallRules: [{203F77E6-7637-43E0-BE3A-7C7C067F64B5}] => (Allow) LPort=1900
FirewallRules: [{6D360B3C-04FA-47D0-A750-59718E04C8D7}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
FirewallRules: [{D1574A07-9E09-4944-8DE0-DB54A01545CF}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
FirewallRules: [{68B43291-7D97-4EBF-B4F9-A762C00D37F8}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
FirewallRules: [{C22006C3-D83C-4CE2-AAFD-02449499C8F0}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
FirewallRules: [{73308006-0A55-4313-B1A9-39094A5DC029}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
FirewallRules: [{77DC15B9-AB02-4A94-9549-95F54946859A}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
FirewallRules: [{70C0580B-EBA2-4B35-8DC8-0D5DA8DD9B70}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
FirewallRules: [{0869C632-DF9D-4C8B-BDED-D88AF67B8378}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
FirewallRules: [{BBDC9B63-4BA7-44C9-9BF4-2883A39BD742}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdater.exe
FirewallRules: [{3A00BBDD-B091-47C3-9B3D-452D7780CA41}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{15CB24E3-01C5-45AE-A0B5-86108859B8ED}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{97363095-2633-423D-8947-AA1CF612207E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{075AFA60-1457-42BD-9E5D-DAB184E573C6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [{0386B9E5-7085-4EEA-B4BC-DB3BA49C6D15}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
FirewallRules: [TCP Query User{B34A4DF5-D5A0-43E5-8B96-19DCFEF80EB4}F:\techwizard.exe] => (Allow) F:\techwizard.exe
FirewallRules: [UDP Query User{5FFCB1B7-05EA-4140-8D76-CBE5B4AAD1BF}F:\techwizard.exe] => (Allow) F:\techwizard.exe
FirewallRules: [{B154E613-8AC0-42AF-9480-1A961B18FA84}] => (Allow) LPort=50000
FirewallRules: [{D63FE239-F915-4AA9-B2F2-0F8DD3039D76}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{BF8B1AD8-AE80-44AC-BD16-C2A136A43A17}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{962B06F3-87C3-4787-9061-674ED3A0EB4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B16158EA-CFCF-463A-ACEC-4A7E082995B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{458BA114-ADA5-4EDD-808C-EE935F6381A3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{FCBF5BD8-FA13-471A-96DB-C3231AF87209}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{804DDBBB-CA8B-4922-BF68-483E7F26F6EE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{AFD73BC9-AD58-498A-9EEF-1760D490B48D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5CB780DC-732E-49A7-BE71-181CC8B4196A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{0B9623EB-1111-4A92-8CA0-4A71C66BBE8C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{9C5DB092-EEF9-41E2-AB2A-C4199759F6C9}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{3AAC0BF2-6C0B-4A92-8E1A-878B7CD25410}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{C26D7715-D0F9-41F4-9CEC-4A874E5256E5}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{CF019F7A-9295-453C-8469-3D6B2E411257}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{560C430D-0D9B-4BAB-9F44-AE808FAE6A6C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D576B179-3A1C-43CE-93C5-00B41B8E9843}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{121FEF0C-34F0-4631-8670-BE99915DD229}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0D8510A3-D231-44D7-B123-AF7F7D4D1433}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7529187B-B1A2-4564-989D-22E67C7813CC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{453D4BC5-EDD6-4EA2-8A67-1DAFA2AD43D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{896E11AB-D6C5-4476-9C26-0FCADA9E4357}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{513CDA7D-4471-47B2-91C9-EBB159306A85}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{0B3C8FE2-6BC6-4559-B4C9-6C48AC889B34}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{88ECE08A-C9D8-40A4-8848-526DCA75A919}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{0BB612AE-C6EA-43D2-9972-A8075D7882F7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9AF168E8-1C33-4B63-8982-7727C37CA6D5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{55542234-B119-45CE-AD13-BC246B72B688}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

26-12-2015 02:00:23 Windows Backup
27-12-2015 02:00:14 Windows Backup
28-12-2015 02:00:14 Windows Backup
29-12-2015 02:00:13 Windows Backup
29-12-2015 04:15:26 Windows Update
30-12-2015 02:00:23 Windows Backup
30-12-2015 19:44:42 Removed IHA_MessageCenter
31-12-2015 02:00:17 Windows Backup

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/31/2015 10:59:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/31/2015 10:52:44 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070013, The media is write protected.
.

Error: (12/31/2015 10:52:44 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]

Error: (12/31/2015 10:52:44 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070013, The media is write protected.
.

Error: (12/31/2015 10:52:44 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070013, The media is write protected.
]

Error: (12/31/2015 10:52:43 AM) (Source: APC UPS Service) (EventID: 28688) (User: NT AUTHORITY)
Description: PowerChute not communicating with the battery backup.

Error: (12/30/2015 12:53:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/30 12:53:58.236]: [00001112]: Initialize TwdsMain Class failed!

Error: (12/30/2015 12:53:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/30 12:53:58.224]: [00001112]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (12/30/2015 12:53:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/12/30 12:53:58.223]: [00001112]: BrStiIf: GetDeviceList Failed! pStiInfo = 0x0..

Error: (12/30/2015 02:23:19 AM) (Source: VSS) (EventID: 12298) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume C:\.
The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully.
], Flush[0x00000000, The operation completed successfully.
], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced.
], OnRun[0x00000000, The operation completed successfully.
].


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet


System errors:
=============
Error: (12/31/2015 10:59:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
%%1053

Error: (12/31/2015 10:59:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.

Error: (12/30/2015 02:23:28 AM) (Source: volsnap) (EventID: 8) (User: )
Description: The flush and hold writes operation on volume C: timed out while waiting for a release writes command.

Error: (12/29/2015 06:25:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The APC Data Service service failed to start due to the following error:
%%1053

Error: (12/29/2015 06:25:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the APC Data Service service to connect.

Error: (12/29/2015 06:24:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The IHA_MessageCenter service failed to start due to the following error:
%%1053

Error: (12/29/2015 06:24:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the IHA_MessageCenter service to connect.


CodeIntegrity:
===================================
  Date: 2014-08-12 22:08:56.249
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-08-12 22:08:55.672
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Athlon™ II X4 635 Processor
Percentage of memory in use: 49%
Total physical RAM: 4095.29 MB
Available physical RAM: 2051.57 MB
Total Virtual: 8188.78 MB
Available Virtual: 5896.36 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:583.63 GB) (Free:326.98 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.44 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Elements) (Fixed) (Total:465.76 GB) (Free:60.19 GB) NTFS
Drive i: (HP v125w) (Removable) (Total:3.73 GB) (Free:1.04 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 489EA3C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=583.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0002744A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)

==================== End of Addition.txt ============================

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-12-2015
Ran by WAYNE (administrator) on WAYNE-HP (31-12-2015 11:11:37)
Running from C:\Users\WAYNE\Desktop
Loaded Profiles: WAYNE (Available Profiles: WAYNE & HP_Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Vitzo) C:\Program Files\VDownloader\VDownloader4.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Old McDonald's Farm) C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Old McDonald's Farm) C:\Program Files (x86)\Autorun Eater\billy.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [4193280 2015-12-20] (Vitzo)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-25] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Autorun Eater] => C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe [522720 2012-02-17] (Old McDonald's Farm)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1066192 2015-09-01] (Carbonite, Inc.)
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bincom <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binscr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binpif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binexe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\inst.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\inst.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\windowsxp-kb969084-x86-enu.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\inst.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\inst.exe <====== ATTENTION
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-25] (AVAST Software)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2015-09-01] (Carbonite, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2015-07-17]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F07011C9-A074-4415-A7C9-4344A2CBEBD4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL =
SearchScopes: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000 -> {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-25] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-25] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\7m8eqczb.default-1435330639172
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo! (Avast)
FF DefaultSearchEngine.US: Yahoo! (Avast)
FF DefaultSearchUrl: hxxps://search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: hxxp://briansetzer.com/
FF Keyword.URL: hxxps://search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-07-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pandasecurity.com/activescan -> C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll [2010-07-27] (Panda Security, S.L.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-3431438650-1370896122-3677072999-1000: @citrixonline.com/appdetectorplugin -> C:\Users\WAYNE\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-27] (Citrix Online)
FF Plugin HKU\S-1-5-21-3431438650-1370896122-3677072999-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll [2012-08-06] (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\crexsguw.Test profile\searchplugins\yahoo-avast.xml [2015-12-29]
FF SearchPlugin: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\7m8eqczb.default-1435330639172\searchplugins\yahoo-avast.xml [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-21] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-25]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-25]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-20]
CHR Extension: (Google Docs) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-20]
CHR Extension: (Google Drive) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-20]
CHR Extension: (YouTube) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-20]
CHR Extension: (Google Search) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-18]
CHR Extension: (Google Sheets) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-18]
CHR Extension: (Google Wallet) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-20]
CHR Extension: (Gmail) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-25] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-01] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-01] (Dropbox, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 stllssvr; "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-25] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)
R0 pavboot; C:\Windows\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-31 10:52 - 2015-12-31 10:52 - 00000000 _____ C:\Windows\SysWOW64\shoD49A.tmp
2015-12-30 15:59 - 2015-12-30 16:01 - 00006755 _____ C:\VEW.txt
2015-12-30 15:57 - 2015-12-30 15:57 - 00061440 _____ ( ) C:\Users\WAYNE\Desktop\VEW.exe
2015-12-30 12:55 - 2015-12-30 12:55 - 02740982 _____ C:\Users\WAYNE\Documents\coconut Black eyed peas pg 2.pdf
2015-12-30 12:54 - 2015-12-30 12:54 - 02012101 _____ C:\Users\WAYNE\Documents\coconut Black eyed peas pg 1.pdf
2015-12-29 18:22 - 2015-12-29 18:22 - 00003544 ____N C:\bootsqm.dat
2015-12-29 13:16 - 2015-12-29 14:09 - 00000000 ____D C:\AdwCleaner
2015-12-29 13:11 - 2015-12-29 13:11 - 01743360 _____ C:\Users\WAYNE\Desktop\AdwCleaner.exe
2015-12-29 11:11 - 2015-12-29 11:11 - 00000000 _____ C:\Windows\SysWOW64\sho8B4D.tmp
2015-12-29 09:20 - 2015-12-31 10:51 - 00003235 _____ C:\Users\WAYNE\Desktop\Fixlog.txt
2015-12-28 23:33 - 2015-12-29 11:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-28 22:48 - 2015-12-31 11:12 - 00041805 _____ C:\Users\WAYNE\Desktop\FRST.txt
2015-12-28 22:48 - 2015-12-29 14:37 - 00062562 _____ C:\Users\WAYNE\Desktop\Addition.txt
2015-12-28 22:47 - 2015-12-31 11:11 - 00000000 ____D C:\FRST
2015-12-28 22:43 - 2015-12-28 22:43 - 02370560 _____ (Farbar) C:\Users\WAYNE\Desktop\FRST64.exe
2015-12-28 14:18 - 2015-12-28 14:18 - 00002098 _____ C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
2015-12-28 14:18 - 2015-12-28 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2015-12-26 19:40 - 2015-12-26 19:41 - 00001683 _____ C:\Users\Public\Desktop\VDownloader.lnk
2015-12-26 19:40 - 2015-12-26 19:41 - 00000000 ____D C:\Users\WAYNE\AppData\Local\VDownloader
2015-12-26 19:40 - 2015-12-26 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader
2015-12-26 19:40 - 2015-08-27 16:48 - 00444283 _____ C:\Program Files\Common Files\WinPcapNmap.exe
2015-12-25 17:10 - 2015-12-25 17:10 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-25 17:10 - 2015-12-25 17:10 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-25 16:57 - 2015-12-25 16:57 - 02721280 _____ C:\Users\WAYNE\Downloads\msxml6_x64 (1).msi
2015-12-25 16:46 - 2015-12-25 16:46 - 00000000 ____D C:\Users\WAYNE\AppData\Roaming\Opera Software
2015-12-25 16:46 - 2015-12-25 16:46 - 00000000 ____D C:\Users\WAYNE\AppData\Local\Opera Software
2015-12-25 16:45 - 2015-12-25 16:47 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-25 16:43 - 2015-12-26 19:41 - 00000000 ____D C:\Users\WAYNE\AppData\Roaming\VDownloader
2015-12-25 16:41 - 2015-12-25 16:41 - 00017088 _____ C:\Users\WAYNE\Desktop\Restore Report 12-25-2015 04-39-11PM.html
2015-12-25 13:41 - 2015-12-25 13:41 - 00002111 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2015-12-25 13:41 - 2015-12-25 13:41 - 00000000 ____D C:\Users\Public\Foxit Software
2015-12-25 13:41 - 2015-12-25 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-12-24 18:17 - 2015-12-24 18:18 - 09079391 _____ C:\Users\WAYNE\Downloads\Attachments(1).zip
2015-12-23 19:33 - 2015-12-23 19:33 - 00000000 ____D C:\Users\WAYNE\AppData\Local\CANON_INC
2015-12-23 19:18 - 2015-12-23 19:18 - 00000000 ____D C:\Users\WAYNE\AppData\Roaming\Canon_Inc_IC
2015-12-23 19:16 - 2015-12-23 19:16 - 00001163 _____ C:\Users\Public\Desktop\Picture Style Editor.lnk
2015-12-23 19:16 - 2015-12-23 19:16 - 00001033 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2015-12-23 19:15 - 2015-12-23 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-12-23 19:15 - 2015-12-23 19:16 - 00000000 ____D C:\Program Files (x86)\Canon
2015-12-23 19:15 - 2015-12-23 19:15 - 00000892 _____ C:\Users\Public\Desktop\Digital Photo Professional 4.lnk
2015-12-23 19:15 - 2015-12-23 19:15 - 00000000 ____D C:\Program Files\Canon
2015-12-23 19:13 - 2015-12-23 19:13 - 00000000 ____D C:\Users\WAYNE\AppData\Roaming\canon
2015-12-23 19:12 - 2015-12-23 19:12 - 00000000 ____D C:\ProgramData\Canon_Inc_IC
2015-12-22 08:22 - 2015-12-22 08:22 - 00001715 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-22 08:22 - 2015-12-22 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-22 08:21 - 2015-12-22 08:22 - 00000000 ____D C:\Program Files\iTunes
2015-12-22 08:21 - 2015-12-22 08:21 - 00000000 ____D C:\Program Files\iPod
2015-12-22 08:21 - 2015-12-22 08:21 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-16 15:19 - 2015-12-16 15:19 - 09079391 _____ C:\Users\WAYNE\Downloads\Attachments.zip
2015-12-12 12:52 - 2015-12-12 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-10 13:28 - 2015-11-10 13:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-10 13:28 - 2015-11-10 13:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-10 13:28 - 2015-11-10 13:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-10 13:28 - 2015-11-10 13:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-10 13:28 - 2015-11-10 13:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-10 13:28 - 2015-11-10 12:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 11:08 - 2015-12-29 06:08 - 09479872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-08 18:17 - 2015-11-20 13:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-08 18:17 - 2015-11-20 13:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-08 18:17 - 2015-11-20 13:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-08 18:17 - 2015-11-20 13:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-08 18:17 - 2015-11-20 13:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 18:17 - 2015-11-20 13:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 18:17 - 2015-11-20 13:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 18:17 - 2015-11-20 13:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 18:17 - 2015-11-20 13:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 18:17 - 2015-11-03 14:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-08 18:17 - 2015-11-03 13:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 18:15 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-08 18:15 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-08 18:15 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 18:15 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 18:15 - 2015-11-05 14:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-08 18:15 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 18:15 - 2015-11-05 04:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-08 18:14 - 2015-11-11 16:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-08 18:14 - 2015-11-11 15:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 18:14 - 2015-11-11 11:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-08 18:14 - 2015-11-11 11:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 18:14 - 2015-11-11 10:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 18:14 - 2015-11-11 10:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 18:14 - 2015-11-11 10:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 18:14 - 2015-11-11 10:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-08 18:14 - 2015-11-11 09:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 18:14 - 2015-11-09 19:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 18:14 - 2015-11-09 19:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 18:14 - 2015-11-09 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 18:14 - 2015-11-09 19:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 18:14 - 2015-11-09 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 18:14 - 2015-11-09 19:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 18:14 - 2015-11-09 19:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 18:14 - 2015-11-09 19:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 18:14 - 2015-11-09 19:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 18:14 - 2015-11-09 19:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 18:14 - 2015-11-09 19:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 18:14 - 2015-11-09 19:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 18:14 - 2015-11-09 19:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 18:14 - 2015-11-09 18:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 18:14 - 2015-11-09 18:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 18:14 - 2015-11-09 18:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 18:14 - 2015-11-09 18:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 18:14 - 2015-11-09 18:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 18:14 - 2015-11-09 18:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 18:14 - 2015-11-09 18:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 18:14 - 2015-11-09 18:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 18:14 - 2015-11-09 18:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 18:14 - 2015-11-09 18:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 18:14 - 2015-11-09 18:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 18:14 - 2015-11-08 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-08 18:14 - 2015-11-08 17:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-08 18:14 - 2015-11-08 17:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-08 18:14 - 2015-11-08 17:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-08 18:14 - 2015-11-08 17:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-08 18:14 - 2015-11-08 17:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-08 18:14 - 2015-11-08 17:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-08 18:14 - 2015-11-08 17:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-08 18:14 - 2015-11-08 17:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-08 18:14 - 2015-11-08 17:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-08 18:14 - 2015-11-08 17:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-08 18:14 - 2015-11-08 17:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-08 18:14 - 2015-11-08 17:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-08 18:14 - 2015-11-08 17:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-08 18:14 - 2015-11-08 17:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-08 18:14 - 2015-11-08 17:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-08 18:14 - 2015-11-08 16:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-08 18:14 - 2015-11-08 16:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-08 18:14 - 2015-11-08 16:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-08 18:14 - 2015-11-08 16:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-08 18:14 - 2015-11-08 16:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-08 18:14 - 2015-11-08 16:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-08 18:14 - 2015-11-08 16:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-08 18:14 - 2015-11-08 16:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-08 18:14 - 2015-11-08 16:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-08 18:14 - 2015-11-08 16:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-08 18:14 - 2015-11-08 16:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-08 18:14 - 2015-11-08 16:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-08 18:14 - 2015-11-08 15:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-08 18:14 - 2015-11-08 15:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-08 18:14 - 2015-11-08 15:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-08 18:14 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-08 18:14 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-06 13:22 - 2015-12-06 13:22 - 02721280 _____ C:\Users\WAYNE\Downloads\msxml6_x64(2).msi
2015-12-03 13:51 - 2015-12-03 13:51 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 13:51 - 2015-12-03 13:51 - 00000000 ____D C:\Program Files\Common Files\AV

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-31 11:08 - 2014-09-26 18:44 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-31 11:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-31 11:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-31 11:01 - 2015-11-01 19:15 - 00000000 ___RD C:\Users\WAYNE\Dropbox
2015-12-31 11:01 - 2015-11-01 19:11 - 00000000 ____D C:\Users\WAYNE\AppData\Local\Dropbox
2015-12-31 10:58 - 2015-11-01 19:11 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-31 10:54 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-31 10:16 - 2015-11-01 19:11 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-30 19:45 - 2012-04-23 13:46 - 00000260 _____ C:\Windows\SysWOW64\cmdVBS.vbs
2015-12-30 19:45 - 2012-04-23 13:46 - 00000256 _____ C:\Windows\SysWOW64\MSIevent.bat
2015-12-29 14:36 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2015-12-29 11:33 - 2015-08-15 22:34 - 00001101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-29 11:33 - 2014-09-17 19:57 - 00001101 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-29 11:11 - 2014-09-17 19:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-29 09:20 - 2011-02-11 18:15 - 00000000 ___SD C:\Users\WAYNE\AppData\LocalLow\Temp
2015-12-29 09:20 - 2011-01-20 10:30 - 00000000 ____D C:\Users\WAYNE\AppData\Local\CrashDumps
2015-12-29 06:08 - 2014-09-26 18:44 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-29 06:08 - 2014-09-18 07:42 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-29 06:08 - 2014-09-18 07:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-28 14:18 - 2011-02-12 09:45 - 00004144 _____ C:\Windows\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2015-12-27 21:38 - 2009-07-14 00:13 - 00797888 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-27 21:38 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-27 00:33 - 2010-12-28 17:02 - 00000000 ____D C:\ProgramData\PDFC
2015-12-26 19:41 - 2014-01-02 19:32 - 00000000 ____D C:\Program Files\VDownloader
2015-12-26 12:25 - 2012-06-03 04:45 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForWAYNE
2015-12-26 12:25 - 2012-06-03 04:45 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForWAYNE.job
2015-12-25 22:35 - 2014-08-17 10:18 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-25 17:10 - 2014-09-09 20:37 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00451040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-25 17:10 - 2014-09-09 20:37 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-25 17:10 - 2014-08-17 10:18 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-25 17:08 - 2014-07-02 16:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-25 16:46 - 2011-01-19 21:43 - 00001379 _____ C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-24 17:55 - 2011-04-21 14:20 - 00000000 ____D C:\Users\WAYNE\Documents\VHS to DVD
2015-12-24 16:42 - 2011-04-12 14:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-23 14:31 - 2014-07-03 07:11 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-23 14:29 - 2014-07-03 07:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-22 08:21 - 2014-02-04 15:25 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-21 17:34 - 2013-04-30 07:38 - 00000000 ____D C:\Users\WAYNE\Documents\Rental
2015-12-14 20:50 - 2014-05-01 16:33 - 00000000 ____D C:\LP Recorder tracks
2015-12-13 01:54 - 2015-02-09 09:00 - 00027136 _____ C:\Users\WAYNE\Documents\Charity mileage 2015.xls
2015-12-12 12:52 - 2015-11-01 19:11 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-11 03:21 - 2009-07-13 23:45 - 00451224 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 05:02 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-12-09 03:34 - 2012-05-11 02:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 03:34 - 2012-05-11 02:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 03:14 - 2012-05-11 02:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 03:11 - 2013-07-11 06:20 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 03:02 - 2011-01-20 10:47 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-08 22:09 - 2013-03-19 08:09 - 00000000 ____D C:\LP Recorder wav files
2015-12-08 07:34 - 2015-04-02 12:31 - 00005710 _____ C:\Users\WAYNE\Documents\childhood messages.txt
2015-12-06 14:10 - 2015-02-15 18:34 - 00033280 _____ C:\Users\WAYNE\Documents\Mood Swings mileage 2015.xls
2015-12-04 20:16 - 2015-05-15 14:33 - 00021029 ____H C:\Users\WAYNE\Documents\~WRL2026.tmp
2015-12-03 06:06 - 2011-03-01 13:56 - 03325520 ____H C:\Users\WAYNE\Documents\~WRL2513.tmp
2015-12-02 13:18 - 2011-01-20 20:12 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-05-20 12:42 - 2014-06-22 12:57 - 0003729 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-12-26 19:40 - 2015-08-27 16:48 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2011-04-05 19:39 - 2011-04-05 19:39 - 0007859 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.cat
2011-04-05 19:39 - 2011-04-05 19:39 - 0001167 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.inf
2011-04-05 19:40 - 2011-04-05 19:40 - 0000034 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.log
2011-04-05 19:39 - 2011-04-05 19:39 - 0082816 _____ (VSO Software) C:\Users\WAYNE\AppData\Roaming\pcouffin.sys
2013-02-12 15:47 - 2015-01-19 20:17 - 0000935 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Files to move or delete:
====================
C:\Users\000\WindowsXP-KB969084-x86-enu.exe
C:\Users\WAYNE\en_res.dll
C:\Users\WAYNE\es_res.dll
C:\Users\WAYNE\fr_res.dll
C:\Users\WAYNE\grm_res.dll
C:\Users\WAYNE\it_res.dll
C:\Users\WAYNE\jp_res.dll
C:\Users\WAYNE\mfc80u.dll
C:\Users\WAYNE\msvcr80.dll
C:\Users\WAYNE\PCPE Setup.exe
C:\Users\WAYNE\pt_res.dll
C:\Users\WAYNE\ResourceReader.dll
C:\Users\WAYNE\ru_res.dll
C:\Users\WAYNE\zh_res.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-25 23:40

==================== End of FRST.txt ============================


  • 0

#22
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Just got the attached message.

Attached Thumbnails

  • Capture.PNG

  • 0

#23
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

I have the latest version of Carbonite.


  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

See if you can download, unzip and run by right clicking and Run As Admin the STUXNET Scanner Tool 

 

http://blog.trendmic...-forensic-tool/

 

Also run FRST as before but this time check the Shortcut.txt box and then hit scan.  It should create a file shortcut.txt which I need to see.

 

 

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner.  Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).  
 
# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.
 
 
Let's also try the bitdefender quickscan.
 
 
When it finishes there is a View Report option at the bottom.  Click on it and copy and paste the report (even if it says nothing found).

  • 0

#25
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

I ran STUXNET. A screen appears then quickly disappears.

 

Shortcut.txt below. More to follow.

 

Users shortcut scan result (x64) Version:28-12-2015
Ran by WAYNE (2015-12-31 14:17:58)
Running from C:\Users\WAYNE\Desktop
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)





Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk -> C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Premium.lnk -> C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\PS.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk -> C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon\Verizon Update Center\Inbox.lnk -> C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\DisplayAgent.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon\Verizon Update Center\Preferences.lnk -> C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\MC_Client_Preferences.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk -> C:\Program Files\VDownloader\VDownloader4.exe (Vitzo)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Operating Specifications.lnk -> C:\hp\documentation\opspecs_WW.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Safety & Comfort Guide.lnk -> C:\hp\documentation\SCG_en-US.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Safety and Regulatory Information.lnk -> C:\hp\documentation\safetyreg_EN.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\User Guides\Upgrading and Servicing Guide.lnk -> C:\hp\documentation\usgvn2_EN.xps ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2014\TurboTax 2014.lnk -> C:\Windows\Installer\{F2283AA1-869C-4497-8F18-09E36C67A014}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2013\TurboTax 2013.lnk -> C:\Windows\Installer\{2A4EEB5C-3BA6-4299-A87F-783861B567D9}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2012\TurboTax 2012.lnk -> C:\Windows\Installer\{F014B696-28C5-4554-802F-A15380418F53}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2010\TurboTax 2010.lnk -> C:\Windows\Installer\{A525E00B-6609-442E-9DCD-64453C233E8D}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free (Administrator).lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe (JAM Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free Help.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\Uninstall TreeSize Free.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trader's Little Helper\Change Log.lnk -> C:\Program Files (x86)\Trader's Little Helper\changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trader's Little Helper\Trader's Little Helper.lnk -> C:\Program Files (x86)\Trader's Little Helper\tralih.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trader's Little Helper\Uninstall.lnk -> C:\Program Files (x86)\Trader's Little Helper\Uninstall\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\TomTom HOME 2.lnk -> C:\Windows\Installer\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}\NewShortcut1_BB5D96B1D05B428EBAD4A437B7244768.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spectro\Spectro.lnk -> C:\Program Files (x86)\Spectro\Spectro.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\Uninstall.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Home.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio\CinemaNow\Roxio CinemaNow.lnk -> C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe (Sonic Solutions)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager\Recovery Disc Creation.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\CDCreator.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager\Recovery Manager.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\ReaMote Slave (x64).lnk -> C:\Program Files\REAPER (x64)\reamote.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER (x64).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER License and User Agreement.lnk -> C:\Program Files\REAPER (x64)\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\Uninstall REAPER (x64).lnk -> C:\Program Files\REAPER (x64)\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\Whatsnew.txt.lnk -> C:\Program Files\REAPER (x64)\whatsnew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Complete\PDF Complete.lnk -> C:\Program Files (x86)\PDF Complete\pdfvista.exe (PDF Complete Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP support information.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Information\HPSysInfo.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools\HP Vision Diagnostics Disc Creation.lnk -> C:\Program Files\Hewlett-Packard\HP Vision Hardware Diagnostics\DiscCreation\disccreation.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda USB Vaccine\Uninstall Panda USB Vaccine.lnk -> C:\Program Files (x86)\Panda USB Vaccine\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\Skype.lnk -> C:\Program Files (x86)\Online Services\Skype\SkypeSetup.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12\ImageViewer.lnk -> C:\Program Files (x86)\Nuance\PaperPort\pppagevw.exe (Nuance Communications, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12\PaperPort.lnk -> C:\Program Files (x86)\Nuance\PaperPort\PaprPort.exe (Nuance Communications, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12\PDF Viewer Plus.lnk -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PDFPlus.exe (Nuance Communications, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\infopath.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\mspub.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk -> C:\Program Files\Microsoft Office 15\root\office15\lync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Program Files\Microsoft Office 15\root\office15\setlang.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Skype for Business Recording Manager.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OcPubMgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msotd.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msoev.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Ripper\LPRipper Help.lnk -> C:\Program Files (x86)\LP Ripper\LPRipper.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Ripper\LPRipper.lnk -> C:\Program Files (x86)\LP Ripper\LPRipper.exe (CFB Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Ripper\Quick Start Guide.lnk -> C:\Program Files (x86)\LP Ripper\QuickStart.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Ripper\ReadMe.lnk -> C:\Program Files (x86)\LP Ripper\ReadMe.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\LP Recorder Help.lnk -> C:\Program Files (x86)\LP Recorder\LPRecorder.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\LP Recorder.lnk -> C:\Program Files (x86)\LP Recorder\LPRecorder.exe (CFB Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\Quick Start Guide.lnk -> C:\Program Files (x86)\LP Recorder\QuickStart.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\ReadMe.lnk -> C:\Program Files (x86)\LP Recorder\ReadMe.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LP Recorder\What's New.lnk -> C:\Program Files (x86)\LP Recorder\WhatsNew.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LabelPrint.lnk -> C:\Program Files (x86)\Cyberlink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Control Panel.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\LightScribe Website.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\LightScribe Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Quick Demo.lnk -> C:\Program Files (x86)\Common Files\LightScribe\shortcuts\Quick Demo.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk -> C:\Program Files (x86)\Hp\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart DVD.lnk -> C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Photo.lnk -> C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Video.lnk -> C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart.lnk -> C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\AdvisorVideo.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\AdvisorVideo\Doc.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\Burn Video Folder to Disc.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\HTFolderToDisc.exe (Honest Technology (www.honestech.com))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\Change Video Standard.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\ChangeVideoStandard.exe (honestech)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\Copy DVD Disc.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\HTCopyVideoDVDDisc.exe (Honest Technology (www.honestech.com))
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\honestech VHS to DVD 5.0 Deluxe User Guide.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\VHStoDVD5UG.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\honestech VHS to DVD 5.0 Deluxe.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\VHStoDVD5Starter.exe (Honest Technology)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe (Foxit Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader\Uninstall Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\CryptoPrevent\CryptoPrevent.lnk -> C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPrevent.exe (Foolish IT LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\CryptoPrevent\Uninstall CryptoPrevent.lnk -> C:\Program Files (x86)\Foolish IT\CryptoPrevent\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\Kobo.lnk -> C:\Program Files (x86)\Kobo\Kobo.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\PressReader.lnk -> C:\Program Files (x86)\NewspaperDirect\PressReader\PressReader.exe (NewspaperDirect)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\Zinio Reader 4.lnk -> C:\Program Files (x86)\Zinio Reader 4\Zinio Reader 4.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US\DVDFab 9 US.lnk -> C:\Program Files (x86)\DVDFab 9 US\DVDFab.exe (FengTao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US\DVDFab History.lnk -> C:\Program Files (x86)\DVDFab 9 US\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US\Uninstall DVDFab 9 US.lnk -> C:\Program Files (x86)\DVDFab 9 US\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9\DVDFab 9.lnk -> C:\Program Files (x86)\DVDFab 9\DVDFab.exe (FengTao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9\DVDFab History.lnk -> C:\Program Files (x86)\DVDFab 9\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9\Uninstall DVDFab 9.lnk -> C:\Program Files (x86)\DVDFab 9\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\DVDFab 8 Profile Editor.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\ProfileEditor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\DVDFab 8 Qt.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\DVDFab History.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\DVDFab Online.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8 Qt\Uninstall DVDFab 8 Qt.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8\DVDFab 8.lnk -> C:\Program Files (x86)\DVDFab 8\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8\DVDFab History.lnk -> C:\Program Files (x86)\DVDFab 8\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8\DVDFab Online.lnk -> C:\Program Files (x86)\DVDFab 8\DVDFab.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 8\Uninstall DVDFab 8.lnk -> C:\Program Files (x86)\DVDFab 8\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6\DVDFab 6.lnk -> C:\Program Files (x86)\DVDFab 6\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6\DVDFab Online.lnk -> C:\Program Files (x86)\DVDFab 6\DVDFab.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 6\Uninstall DVDFab 6.lnk -> C:\Program Files (x86)\DVDFab 6\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Wave\CD Wave Editor.lnk -> C:\Program Files (x86)\CD Wave\CDWav.exe (MiLo Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Picture Style Editor\Picture Style Editor.lnk -> C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Web Service Registration Tool\EOS Web Service Registration Tool.lnk -> C:\Program Files (x86)\Canon\EOS Web Service Registration Tool\EOS Web Service Registration Tool.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 2 Readme.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EU2\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 2.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EU2\EOS Utility 2.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 3 Readme.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EU3\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Lens Registration Tool\EOS Lens Registration Tool.lnk -> C:\Program Files (x86)\Canon\EOS Lens Registration Tool\EOS Lens Registration Tool.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Digital Photo Professional 4\Digital Photo Professional 4.lnk -> C:\Program Files\Canon\Digital Photo Professional 4\Dpp4.exe (CANON INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Read Me.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\readmeusa.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Scanner Settings\Read Me.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\ScanRead.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Scanner Settings\Scanner Utility.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\BrScUtil.exe (Brother Industries Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\PC-FAX Sending\How to use PC-FAX Sending.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\howtousebrotherpc.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Autorun Eater.lnk -> C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Farm Manual.lnk -> C:\Program Files (x86)\Autorun Eater\aehelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Uninstall Autorun Eater.lnk -> C:\Program Files (x86)\Autorun Eater\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Problem Report Wizard\Run ATI Problem Report Wizard.lnk -> C:\Program Files (x86)\ATI Technologies\PRW\amdprw.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC\PowerChute Personal Edition.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\PowerChute.exe (Schneider Electric)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter Ultimate\Any Video Converter Ultimate on the Web.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter Ultimate\Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.exe (Anvsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter Ultimate\Uninstall Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter on the Web.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Any Video Converter.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe (AnvSoft Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft\Any Video Converter\Uninstall Any Video Converter.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon\Amazon MP3 Downloader\Amazon MP3 Downloader.lnk -> C:\Program Files (x86)\Amazon\MP3 Downloader\AmazonMP3Downloader.exe (Amazon.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon\Amazon MP3 Downloader\Uninstall Amazon MP3 Downloader.lnk -> C:\Program Files (x86)\Amazon\MP3 Downloader\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink)
Shortcut: C:\ProgramData\CinemaNow\MediaManager\shortcuts\CinemaNow\CinemaNow Media Manager.lnk -> C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe (CinemaNow Inc.)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk -> C:\Users\WAYNE\AppData\Local\HuluDesktop\HuluDesktop.exe (No File)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\Links\Desktop.lnk -> C:\Users\HP_Administrator\Desktop ()
Shortcut: C:\Users\HP_Administrator\Links\Downloads.lnk -> C:\Users\HP_Administrator\Downloads ()
Shortcut: C:\Users\HP_Administrator\Desktop\vanBasco's Karaoke Player.lnk -> C:\Program Files (x86)\vanBasco's Karaoke Player\vmidi.exe ()
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hulu Desktop.lnk -> C:\Users\HP_Administrator\AppData\Local\HuluDesktop\HuluDesktop.exe (Hulu LLC)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\SendTo\Drag-to-Disc Drive (E).lnk -> E:\ (No File)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk -> C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Amazon Cloud Player.lnk -> C:\Program Files (x86)\Amazon\MP3 Downloader\Amazon Cloud Player.url ()
Shortcut: C:\Users\Public\Desktop\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\Brother Creative Center.lnk -> C:\Program Files (x86)\Brother\CreativeCenter\Brother Creative Center.url ()
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\Digital Photo Professional 4.lnk -> C:\Program Files\Canon\Digital Photo Professional 4\Dpp4.exe (CANON INC.)
Shortcut: C:\Users\Public\Desktop\DVDFab 9 US.lnk -> C:\Program Files (x86)\DVDFab 9 US\DVDFab.exe (FengTao Software Inc.)
Shortcut: C:\Users\Public\Desktop\DVDFab 9.lnk -> C:\Program Files (x86)\DVDFab 9\DVDFab.exe (FengTao Software Inc.)
Shortcut: C:\Users\Public\Desktop\EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Shortcut: C:\Users\Public\Desktop\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe (Foxit Software Inc.)
Shortcut: C:\Users\Public\Desktop\honestech VHS to DVD 5.0 Deluxe User Guide.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\VHStoDVD5UG.pdf ()
Shortcut: C:\Users\Public\Desktop\honestech VHS to DVD 5.0 Deluxe.lnk -> C:\Program Files (x86)\honestech VHS to DVD 5.0 Deluxe\VHStoDVD5Starter.exe (Honest Technology)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\LP Recorder.lnk -> C:\Program Files (x86)\LP Recorder\LPRecorder.exe (CFB Software)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Picture Style Editor.lnk -> C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe (CANON INC.)
Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\REAPER (x64).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated)
Shortcut: C:\Users\Public\Desktop\Restored files for user Administrator.lnk -> C:\Administrator ()
Shortcut: C:\Users\Public\Desktop\Roxio Creator Home.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe ()
Shortcut: C:\Users\Public\Desktop\Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Shortcut: C:\Users\Public\Desktop\Trader's Little Helper.lnk -> C:\Program Files (x86)\Trader's Little Helper\tralih.exe ()
Shortcut: C:\Users\Public\Desktop\TurboTax 2010.lnk -> C:\Windows\Installer\{A525E00B-6609-442E-9DCD-64453C233E8D}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\TurboTax 2012.lnk -> C:\Windows\Installer\{F014B696-28C5-4554-802F-A15380418F53}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\TurboTax 2013.lnk -> C:\Windows\Installer\{2A4EEB5C-3BA6-4299-A87F-783861B567D9}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\TurboTax 2014.lnk -> C:\Windows\Installer\{F2283AA1-869C-4497-8F18-09E36C67A014}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\VDownloader.lnk -> C:\Program Files\VDownloader\VDownloader4.exe (Vitzo)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\WAYNE\Videos\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples (No File)
Shortcut: C:\Users\WAYNE\Pictures\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples (No File)
Shortcut: C:\Users\WAYNE\Pictures\My Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples (No File)
Shortcut: C:\Users\WAYNE\Music\Samples.lnk -> C:\Program Files\muvee Technologies\muvee autoProducer 4.0\Samples (No File)
Shortcut: C:\Users\WAYNE\Links\Desktop.lnk -> C:\Users\WAYNE\Desktop ()
Shortcut: C:\Users\WAYNE\Links\Downloads.lnk -> C:\Users\WAYNE\Downloads ()
Shortcut: C:\Users\WAYNE\Links\Dropbox.lnk -> C:\Users\WAYNE\Dropbox ()
Shortcut: C:\Users\WAYNE\Desktop\Amazing Slow Downer.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\Amazing.exe (Roni Music)
Shortcut: C:\Users\WAYNE\Desktop\Amazon Cloud Player.lnk -> C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Cloud Player.exe (Amazon)
Shortcut: C:\Users\WAYNE\Desktop\Any Video Converter Ultimate.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter Ultimate\AVCUltimate.exe (Anvsoft)
Shortcut: C:\Users\WAYNE\Desktop\Any Video Converter.lnk -> C:\Program Files (x86)\AnvSoft\Any Video Converter\AVCFree.exe (AnvSoft Inc.)
Shortcut: C:\Users\WAYNE\Desktop\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\WAYNE\Desktop\cmd.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\Desktop\DVDFab 6.lnk -> C:\Program Files (x86)\DVDFab 6\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\Users\WAYNE\Desktop\DVDFab 8 Qt.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\Users\WAYNE\Desktop\DVDFab 8.lnk -> C:\Program Files (x86)\DVDFab 8\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\Users\WAYNE\Desktop\DVDFab Profile Editor.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\ProfileEditor.exe ()
Shortcut: C:\Users\WAYNE\Desktop\FiOS Information.lnk -> C:\Users\WAYNE\AppData\Roaming\TechWizard\info.html ()
Shortcut: C:\Users\WAYNE\Desktop\Install Verizon Media Manager.lnk -> C:\Users\WAYNE\AppData\Roaming\TechWizard\mediamanager.exe ()
Shortcut: C:\Users\WAYNE\Desktop\psi - Shortcut.lnk -> C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia)
Shortcut: C:\Users\WAYNE\Desktop\Update Checker.lnk -> C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
Shortcut: C:\Users\WAYNE\Desktop\vanBasco's Karaoke Player.lnk -> C:\Program Files (x86)\vanBasco's Karaoke Player\vmidi.exe ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk -> C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player\Amazon Cloud Player.lnk -> C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Cloud Player.exe (Amazon)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player\Uninstall Amazon Cloud Player.lnk -> C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Uninstall.exe (Amazon)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Slow Downer\Amazing Slow Downer Help.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\ASD_help.chm ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Slow Downer\Amazing Slow Downer.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\Amazing.exe (Roni Music)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Slow Downer\Order Amazing Slow Downer.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\Order.txt ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazing Slow Downer\Uninstall.lnk -> C:\Program Files (x86)\Roni Music\Amazing Slow Downer\uninstall.exe ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\SendTo\Drag-to-Disc Drive (E).lnk -> E:\ (No File)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\WAYNE\Dropbox ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DVDFab 8 Qt.lnk -> C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe (Fengtao Software Inc.)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk -> C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe (Foxit Software Inc.)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Roxio Creator DE.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe ()
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink DVD Suite Premium.lnk -> C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Premium\PS.exe (CyberLink Corp.)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Uninstall Amazon Cloud Player.lnk -> C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Uninstall.exe (Amazon)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Trials for QuickBooks, Quicken and TurboTax.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=quickenfc&pf=cndt&locale=en_us&bd=pavilion&c=104
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Download Store.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=onlinesvs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders\HP Barnes & Noble Desktop eReader.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=onlinesvs&pf=cndt&locale=en_us&bd=all&c=104


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk -> C:\swsetup\APP\Applications\HP\HPPA\1.1\src\QuickLnk.exe (Hewlett-Packard Company) -> -exec /T:"c:\SWSETUP\APP\Applications\HP\HPPA\1.1\src\HPPA_Setup-1.1.1.5.exe" /L:"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Install HP Power Assistant.lnk"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation) -> -settings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free.lnk -> C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe (JAM Software) -> /NOADMIN
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom\Uninstall TomTom HOME 2.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate\SeaTools for Windows\SeaTools for Windows.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe (Seagate Technology) -> C:\Program Files (x86)\Seagate\SeaTools for Windows\STX_Oz_multi.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Audio.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Audio
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Backup.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Backup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Copy.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Copy
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Data.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Data
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\DVD and Video.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Video
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Photo.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Photo
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE\Projects\Tools.lnk -> C:\Program Files (x86)\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe () -> /Launch Tools
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\Install REAPER (x64) to USB key or Removable Media.lnk -> C:\Program Files\REAPER (x64)\reaper-to-usb.bat () -> "C:\Program Files\REAPER (x64)"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER (x64) (create new project).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated) -> -new
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER (x64) (reset configuration to factory defaults).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated) -> -resetconfig
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)\REAPER (x64) (show audio configuration on startup).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated) -> -audiocfg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda USB Vaccine\Panda USB Vaccine.lnk -> C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Panda Security) -> /resident  /shownow
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services\getonline.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> MODE=GETONLINE
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12\Scanner Setup Wizard.lnk -> C:\Program Files (x86)\Nuance\PaperPort\ScannerWizardU.exe (Nuance Communications, Inc.) -> /A [PaperPort 12.1] /L [eng]
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Excel Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Excel Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Word Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Word Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Clip Organizer 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office 2010 Upload Center 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Picture Manager 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Starter To-Go Device Manager 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Starter To-Go Device Manager 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\infopath.exe (Microsoft Corporation) -> /design
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk -> C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\DATABASECOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk -> C:\Program Files\Microsoft Office 15\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files\Microsoft Office 15\Root\Office15\DCF\SPREADSHEETCOMPARE.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling\Getting Started.lnk -> C:\Program Files (x86)\Common Files\LightScribe\LSLauncher.exe (Hewlett-Packard Company) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company) -> /p 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP MediaSmart\HP MediaSmart Music.lnk -> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe (CyberLink Corp.) -> /MS
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\HP Setup.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> DESKTOP
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\HPAdvisor.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCAlerts.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=PC_ACTION_CENTER TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDashboard.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=PC_HEALTH_SECURITY TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDiscovery.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=STANDARD,SYSTRAY pillar=ECENTER TOUCHPOINT=STARTMENU
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Advisor\PCDock.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech VHS to DVD 5.0 Deluxe\Uninstall honestech VHS to DVD 5.0 Deluxe.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{44FF002B-5AB3-4447-8F98-614387B63EE6}\setup.exe (Acresso Software Inc.                                        ) -> -runfromtemp -l0x0009 -uninst
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Casual Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Family Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Kids Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All MMO Games.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite\Carbonite InfoCenter.lnk -> C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) ->  /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite\Uninstall Carbonite.lnk -> C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteSetup.exe (Carbonite, Inc.) -> /remove
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Picture Style Editor\Picture Style Editor UnInstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Picture Style Editor\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Web Service Registration Tool\EOS Web Service Registration Tool Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Web Service Registration Tool\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 2 Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Utility 2\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Utility\EOS Utility 3 Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Utility 3\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\EOS Lens Registration Tool\EOS Lens Registration Tool Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\EOS Lens Registration Tool\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Digital Photo Professional 4\Digital Photo Professional 4 Uninstall.lnk -> C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\UnInstaller\UniversalUnInstaller.exe (CANON INC.) -> "C:\Program Files (x86)\Common Files\Canon_Inc_IC\UniversalInstaller\Uninstall\Digital Photo Professional 4 (x64)\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\ControlCenter4.lnk -> C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.) -> /model="MFC-7360N"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Installation Diagnostics.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\Brinstck.exe (Brother Industries, Ltd.) -> -R MFC-7360N
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\On-Line Registration.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\Brolink\Brolink0.exe (Brother Industories, Ltd.) -> OLR_URL /mMFC-7360N
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Remote Setup.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\brmfrmss.exe (Brother Industries Ltd.) -> LCL "MFC-7360N"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Status Monitor.lnk -> C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) -> MFC-7360N /BRINFOSHOW
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\UnInstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}\setup.exe (Macrovision Corporation) -> -runfromtemp -l0x0009 UNINSTALL Reg=BLL-FB,Brother MFC-7360N,USB
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Scanner Settings\Scanners and Cameras.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ScannersAndCameras
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\PC-FAX Sending\PC-FAX Address Book.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\AddrBook.exe (Brother Industries, Ltd.) -> PCFAX TOP
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\PC-FAX Sending\PC-FAX Setup.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\PCfxSet.exe (Brother Industries, Ltd.) -> PCFAX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\PC-FAX Receiving\Receive.lnk -> C:\Program Files (x86)\Brother\Brmfl10f\FAXRX.exe (Brother Industries, Ltd.) -> LCL "MFC-7360N" -RM0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Problem Report Wizard\Uninstall ATI Problem Report Wizard.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {5F146AD2-9F9B-5284-CD9D-40C881E3ACEC}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk -> C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{c3c636e0-1b04-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\HP Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /ReinstallApp
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\DelRP.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /DelRP
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /ReinstallDriver
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Report.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /RecoveryReport
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk -> C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe (CyberLink) -> /CDCreator
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\HP Setup\launchreg.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> MODE=Registration
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\base\launch_base.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Setup\hptcs.exe (Hewlett-Packard) -> MODE=GETONLINE
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard) -> view=DOCKVIEW,SYSTRAY
ShortcutWithArgument: C:\Users\HP_Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Public\Desktop\Carbonite InfoCenter.lnk -> C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.) ->  /open
ShortcutWithArgument: C:\Users\Public\Desktop\SeaTools for Windows.lnk -> C:\Program Files (x86)\Seagate\SeaTools for Windows\SeaToolsforWindows.exe (Seagate Technology) -> C:\Program Files (x86)\Seagate\SeaTools for Windows\STX_Oz_multi.ico
ShortcutWithArgument: C:\Users\WAYNE\Desktop\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\WAYNE\Desktop\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company) -> /p 2
ShortcutWithArgument: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\WAYNE\AppData\Roaming\Microsoft\Excel\Rental%20mileage%202015304893852255843086\Rental%20mileage%202015.xls.lnk -> C:\Users\WAYNE\Documents\Rental\Rental mileage 2015.xls () -> 55


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda USB Vaccine\Panda USB Vaccine on the Web.url -> hxxp://research.pandasecurity.com/archive/Panda-USB-and-AutoRun-Vaccine.aspx
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\Live Help by dSupportOnline.url -> hxxp://dsupportonline.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\www.foolishit.com.url -> hxxp://www.foolishit.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US\DVDFab Online.url -> hxxp://www.dvdfab.cn/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9\DVDFab Online.url -> hxxp://www.dvdfab.cn/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 0
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\Brother Creative Center.url -> "hxxp://www.brother.com/creativecenter/?WT.mc_id=AF"
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\On-line help and FAQ's.url -> hxxp://solutions.brother.com/cgi-bin/solutions.cgi?MDL=mfc316&LNG=en&SRC=FAQ
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother\MFC-7360N\User's Guides.url -> hxxp://solutions.brother.com/cgi-bin/solutions.cgi?MDL=mfc316&LNG=en&SRC=DOC
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Eater\Visit The Farm!.url -> hxxp://oldmcdonald.wordpress.com/
InternetURL: C:\Users\Default\Favorites\MSN.com.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=IStart
InternetURL: C:\Users\Default\Favorites\Radio Station Guide.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=windows&sbp=mediaplayer&plcid=&pver=6.1&os=&over=&olcid=&clcid=&ar=Media&sba=RadioBar&o1=&o2=&o3=
InternetURL: C:\Users\Default\Favorites\Links\Customize Links.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=CLinks
InternetURL: C:\Users\Default\Favorites\Links\Free Hotmail.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=hotmail
InternetURL: C:\Users\Default\Favorites\Links\Windows Marketplace.url -> hxxp://go.microsoft.com/fwlink/?LinkId=30857&clcid=0x409
InternetURL: C:\Users\Default\Favorites\Links\Windows Media.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windowsmedia
InternetURL: C:\Users\Default\Favorites\Links\Windows.url -> hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=windows
InternetURL: C:\Users\Default\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Download Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eReaders\HP Barnes & Noble Desktop eReader.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=iefavs&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eReaders\Kobo.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=kobo&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\Default\Favorites\HP\eReaders\Zinio Reader 4.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=zinio&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\HP_Administrator\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\HP_Administrator\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\HP_Administrator\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\HP_Administrator\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\HP_Administrator\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\HP_Administrator\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\HP_Administrator\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\HP_Administrator\Favorites\Links\Ebay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=ebay&tp=iefavbar&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\Links\HP - See What's Hot.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=webslice&tp=iefavbar&pf=cndt&locale=en_us&bd=pavilion&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\Links\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=myhpgames&tp=iefavbar&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\HP Download Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\eReaders\HP Barnes & Noble Desktop eReader.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=iefavs&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\eReaders\Kobo.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=kobo&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\HP_Administrator\Favorites\HP\eReaders\Zinio Reader 4.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=zinio&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\CyberLink Product Support.url -> hxxps://membership.cyberlink.com/prog/support/cs/service/my-stuff.do
InternetURL: C:\Users\WAYNE\Favorites\Days of Vinyl email.url -> hxxps://www.google.com/a/daysofvinyl.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fa%2Fdaysofvinyl.com%2F&bsv=1eic6yu9oa4y3&ltmpl=default&ltmplcache=2
InternetURL: C:\Users\WAYNE\Favorites\Flash Drive Disinfector does not run - nothing happens - Page 2#entry1964349.url -> hxxp://www.geekstogo.com/forum/topic/294342-flash-drive-disinfector-does-not-run-nothing-happens/page__pid__1964349__st__15#entry1964349
InternetURL: C:\Users\WAYNE\Favorites\Geeks To Go browser redirect.url -> hxxp://www.geekstogo.com/forum/topic/293644-cant-get-rid-of-browser-redirects-willing-to-wipe-disk/page__pid__1957359__st__30#entry1957359
InternetURL: C:\Users\WAYNE\Favorites\How do I uninstall antivirus or antispyware programs  Microsoft Security Essentials.url -> hxxp://www.microsoft.com/security_essentials/helpTopic.aspx?assetid=4cae1455-6ead-493c-b5d8-7c88f39c0656&mkt=en-us
InternetURL: C:\Users\WAYNE\Favorites\HP Instant Care.url -> hxxps://h50203.www5.hp.com/CSMWeb/customer/ChatUser.aspx?User=Wayne%20Kern&caseID=13410713&callfrom=null&region=NA&country=US:US&origin=acc
InternetURL: C:\Users\WAYNE\Favorites\Photos  LIGHTS.url -> hxxp://www.iamlights.com/media/photos
InternetURL: C:\Users\WAYNE\Favorites\Verizon Webmail.url -> hxxp://webmail.verizon.com/netmail/driver?nimlet=deggetfolder
InternetURL: C:\Users\WAYNE\Favorites\Windows Live\Get Windows Live.url -> hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\WAYNE\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\WAYNE\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\WAYNE\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Activate FiOS Service.url -> hxxps://activatemyfios.verizon.net
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Broadband Extras.url -> hxxp://www22.verizon.com/ResidentialHelp/FiOSInternet/General+Support/Essentials+And+Extras/Essentials+And+Extras.htm
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS Digital Voice Account Manager.url -> hxxps://www36.verizon.com/fiosvoice/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS Equipment and Accessories Store.url -> hxxp://www.verizon.com/fiosaccessories
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS Media Manager.url -> hxxp://www.verizon.com/mediamanager
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS Support Home.url -> hxxp://www22.verizon.com/fioshelp
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS TV Central.url -> hxxp://www.verizon.com/fiostvcentral
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\FiOS TV Channel Lineup.url -> hxxp://www22.verizon.com/Content/FiOSTV/channel+lineup/channel+lineup.htm?zipCode=21093
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Free Tools for VOL Customers.url -> hxxp://www.verizon.net/freetools
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Home Voice Mail Quick Start.url -> hxxp://www22.verizon.com/ResidentialHelp/Phone/Calling+Features/Home+Voice+Mail/Questions+and+Answers/96579.htm
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Message Center.url -> hxxp://webmail.verizon.com/signin/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Refer-a-Friend.url -> hxxps://www.sharethenetwork.com/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Reset VOL Password.url -> hxxp://netservices.verizon.net/portal/link/main/forgotpassword
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Speed Optimization.url -> hxxp://www2.verizon.net/help/fios_settings/optimizer/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon Gaming Site.url -> hxxp://games.verizon.com/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon In Home Agent.url -> hxxp://www.verizon.com/connect
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon Speedtest.url -> hxxp://www2.verizon.net/micro/speedtest/java/
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon Store Locator.url -> hxxps://www22.verizon.com/Residential/Templates/sas/sas_StoreLocator_results.aspx?State=MD&SName=Maryland
InternetURL: C:\Users\WAYNE\Favorites\Verizon Supported Websites\Verizon WiFi.url -> hxxp://www.verizon.com/wifi
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN Autos.url -> hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN Entertainment.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN Sports.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\WAYNE\Favorites\MSN Websites\MSNBC News.url -> hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\IE Add-on site.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\Microsoft At Home.url -> hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\Microsoft At Work.url -> hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\WAYNE\Favorites\Microsoft Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\WAYNE\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\WAYNE\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\WAYNE\Favorites\Links\Ebay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=ebay&tp=iefavbar&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\Links\HP - See What's Hot.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=webslice&tp=iefavbar&pf=cndt&locale=en_us&bd=pavilion&c=104
InternetURL: C:\Users\WAYNE\Favorites\Links\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=myhpgames&tp=iefavbar&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\Links\Suggested Sites (2).url -> hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\WAYNE\Favorites\Links\Suggested Sites.url -> 0
InternetURL: C:\Users\WAYNE\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\WAYNE\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Activity Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Digital Entertainment.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=digitalentm&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\HP Download Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_softwarestore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\HP Home.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hphome&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\PC Discovery Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpclub&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\PC Security.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=pcsecurity&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Photo Central.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ephoto&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\eReaders\HP Barnes & Noble Desktop eReader.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=barnes_n_noble&tp=iefavs&pf=cndt&locale=en_us&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\eReaders\Kobo.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=kobo&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104
InternetURL: C:\Users\WAYNE\Favorites\HP\eReaders\Zinio Reader 4.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=zinio&tp=iefavs&pf=cndt&locale=en_US&bd=all&c=104

==================== End of Shortcut.txt =============================
 


  • 0

Advertisements


#26
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

What should I select? And should I disable real time protection for Avast while this runs?

 

Thanks.

Attached Thumbnails

  • Capture.PNG

  • 0

#27
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,598 posts
  • MVP

Enable


  • 0

#28
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Update Init
Update Download
Update Finalize
Updated modules version: 27444
 

 

 

C:\Users\WAYNE\AppData\Roaming\uTorrent\uTorrent.exe.9699.tmp    a variant of Win32/AdkDLLWrapper.A potentially unwanted application    cleaned by deleting - quarantined
 


  • 0

#29
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

I'll do bitdefender quickscan tomorrow. Thanks. Happy New Year!


  • 0

#30
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

C:\Users\WAYNE\AppData\Roaming\uTorrent\uTorrent.exe.9699.tmp    a variant of Win32/AdkDLLWrapper.A potentially unwanted application    cleaned by deleting - quarantined
 

------------------------------------

 

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Update Init
Update Download
Update Finalize
Updated modules version: 27444

 

-----------------------------------------

 

You’re Good To Go! No Active Viruses Found.
Keep your computer clean with Bitdefender Internet Security!

----------------------

Happy New Year, Ron, and thanks for all your help so far. :)


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP