Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

White Screen on Gateway Laptop M-6848 Model # SA1 [Solved]

Started by Nayshuemate , Jul 18 2014 06:49 PM
gateway laptop white screen

  • This topic is locked This topic is locked

#1
Nayshuemate
Posted 18 July 2014 - 06:49 PM

Nayshuemate

    New Member

  • Member
  • Pip
  • 6 posts

Hi everyone, I really hope someone can help me... I googled and saw a thread here that is identical to what is happening to my laptop, but when I followed the instructions in that thread, the problem did not go away.  I think HOPEFULLY that is because that fix was tailored specifically to the exact malware that the user had contracted on his computer maybe?  

On a scale of 1-10 I would say that I may be about a 6 or 7 in handling myself around a computer, if 5 is the average computer user.  That being said, I definitely wouldn't say that I am a pro or highly-skilled, but I can follow directions pretty well.  I hope that I am putting the correct computer info (Gateway M-6848 and the model #) here for you to help me.  I got it from the sticker on the bottom of the laptop.  Also, I am running Windows Vista Home Premium on it... not sure if there is a certain version, but it was the program that came with the laptop, and I purchased it brand new from Best Buy in 2008 or 2009 I believe, if that helps any. 

My problem:

A white screen is appearing on my laptop right after the windows boot and after I have put in my username and password to log in.

I cannot see anything nor can I do anything after this. I just see the white screen, BUT when I click ctrl, alt, del I am able to log off or restart.   As it is logging off, I am able to see my desktop for a short time before the system restarts, but cannot interact with it because it is shutting down. I tried to hook it up to an external monitor and the external monitor also showed the white screen and I still wasn't able to do anything. 

Whenever I try to boot the machine again, the white screen keeps coming up and I cant do anything.  I am trying to do anything possible to not have to format my disk and reinstall windows.  I have TONS of valuable programs and files that I REALLY would like to avoid losing if at all possible, as many others feel, I guess.  I understand that, like the user in the other thread, I probably have a backdoor hacker issue with some nasty malware messing up my system.  I understand the disclaimer that the other person who was helping that user told him, that in that case its most likely best to reformat, etc and that there is no guarantee of any of this fixing the problem... but I would sure like to try!

I downloaded the Farbar Recovery Scan Tool x64 from reading about it on the other post, copied it to my flashdrive and inserted the flashdrive into my laptop.  I ran the complete scan, and will copy and paste of the result of my scan below.  The other person who was helping the user said that after you get this scan result and then click "FIX" on the program, if you can boot the computer normally, to follow more instructions involving RogueKiller and OTL, etc etc but I didnt get that far.  My computer won't boot.  Still the white screen.  :( I hope I included everything in this post that you need... 

Here is the link to the other thread that I keep referring to.  http://www.geekstogo.com/forum/topic/326887-white-screen-of-death-on-gateway-laptop-closed/ 

Thank you ... I really hope you can help? :/  





Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by SYSTEM on MINWINPC on 18-07-2014 17:02:17
Running from e:\
Platform: Windows Vista ™ Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [IAAnotif] => C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-12] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1021488 2007-04-26] (Synaptics, Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1460096 2007-02-05] (Microsoft Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Windows\sttray64.exe [425984 2007-09-06] (IDT, Inc.)
HKLM-x32\...\Run: [Camera Assistant Software] => C:\Program Files\Camera Assistant Software for Gateway\traybar.exe [638976 2007-09-13] (Chicony)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG8_TRAY] => C:\Program Files (x86)\AVG\AVG8\avgtray.exe [2048352 2010-07-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [38768 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2009-02-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [104408 2009-10-14] (PC Tools)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [429392 2010-01-07] (Malwarebytes Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [142120 2010-04-28] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Runonce: [Launcher] - %WINDIR%\SMINST\launcher.exe [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$eb57cd9583c460645306a8cbc493a22c\n. ATTENTION! ====> ZeroAccess?
HKU\Default\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [ooVoo] => C\ooVoo.exe /minimized
HKU\Default User\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [ooVoo] => C\ooVoo.exe /minimized
HKU\Mcx1\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Mcx1\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\Mcx1\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [196608 2009-04-10] (Microsoft Corporation) <==== ATTENTION 
HKU\NaiomiP\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\NaiomiP\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [495616 2008-12-09] (Gadwin Systems, Inc)
HKU\NaiomiP\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
HKU\NaiomiP\...\Run: [AdobeBridge] => [X]
HKU\NaiomiP\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [22631608 2011-05-18] (ooVoo LLC)
HKU\NaiomiP\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1602984 2013-02-25] (Valve Corporation)
HKU\NaiomiP\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\NaiomiP\...\Run: [Adobe CSx Manager] => C:\Users\NaiomiP\AppData\Roaming\81a0c5a1-0c05-4d69-9328-74a80976c6fcad\acacdacfcad.exe [106496 2013-04-22] ()
HKU\NaiomiP\...\Winlogon: [Shell] C:\Users\NaiomiP\AppData\Roaming\mcafee.ini,explorer.exe <==== ATTENTION 
AppInit_DLLs: avgrssta.dll => C:\Windows\system32\avgrssta.dll [12464 2009-08-24] (AVG Technologies CZ, s.r.o.)
Startup: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
Startup: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for iPhone\PdaNetPC.exe ()
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} =>  No File
BootExecute: PDBoot.exeautocheck autochk * 
 
==================== Services (Whitelisted) =================
 
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
S3 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2010-09-13] (Amazon.com)
S2 avg8emc; C:\Program Files (x86)\AVG\AVG8\avgemc.exe [908056 2009-08-24] (AVG Technologies CZ, s.r.o.)
S2 avg8wd; C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe [297752 2009-08-24] (AVG Technologies CZ, s.r.o.)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [236368 2010-01-07] (Malwarebytes Corporation)
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2009-10-14] (PC Tools)
S2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [1476360 2009-08-23] (Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1471240 2009-08-23] (Raxco Software, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
S1 AvgLdx64; C:\Windows\System32\Drivers\avgldx64.sys [427016 2009-08-24] (AVG Technologies CZ, s.r.o.)
S1 AvgMfx64; C:\Windows\System32\Drivers\avgmfx64.sys [33416 2009-08-24] (AVG Technologies CZ, s.r.o.)
S0 AvgRkx64; C:\Windows\System32\Drivers\avgrkx64.sys [14856 2009-08-23] (AVG Technologies CZ, s.r.o.)
S1 AvgTdiA; C:\Windows\System32\Drivers\avgtdia.sys [133640 2009-08-23] (AVG Technologies CZ, s.r.o.)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [123392 2007-11-09] (Option NV)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2007-11-09] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-11-09] (Option N.V.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22104 2010-01-07] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2009-08-23] (Duplex Secure Ltd.)
S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [29704 2008-10-11] ()
S3 SWNC8U80; C:\Windows\System32\DRIVERS\swnc8u80.sys [196608 2008-01-10] (Sierra Wireless Inc.)
S3 SWUMX80; C:\Windows\System32\DRIVERS\swumx80.sys [191744 2008-01-10] (Sierra Wireless Inc.)
S3 cpuz130; \??\C:\Users\NaiomiP\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [X]
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [X]
S1 SASKUTIL; \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys [X]
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\drivers\acpi.sys 1965AAFFAB07E3FB03C77F81BEBA3547
C:\Windows\System32\Drivers\adfs.sys 2F0683FD2DF1D92E891CACA14B45A8C1
C:\Windows\system32\drivers\adp94xx.sys F14215E37CF124104575073F782111D2
C:\Windows\system32\drivers\adpahci.sys 7D05A75E3066861A6610F7EE04FF085C
C:\Windows\system32\drivers\adpu160m.sys 820A201FE08A0C345B3BEDBC30E1A77C
C:\Windows\system32\drivers\adpu320.sys 9B4AB6854559DC168FBB4C24FC52E794
C:\Windows\system32\drivers\afd.sys C4F6CE6087760AD70960C9EB130E7943
C:\Windows\System32\DRIVERS\agrsm64.sys 3627A62B10284FFBF862BFD49928EDF4
C:\Windows\system32\drivers\agp440.sys F6F6793B7F17B550ECFDBD3B229173F7
C:\Windows\system32\drivers\djsvs.sys 222CB641B4B8A1D1126F8033F9FD6A00
C:\Windows\system32\drivers\aliide.sys 157D0898D4B73F075CE9FA26B482DF98
C:\Windows\system32\drivers\amdide.sys 970FA5059E61E30D25307B99903E991E
C:\Windows\System32\DRIVERS\amdk8.sys CDC3632A3A5EA4DBB83E46076A3165A1
C:\Windows\system32\drivers\arc.sys BA8417D4765F3988FF921F30F630E303
C:\Windows\system32\drivers\arcsas.sys 9D41C435619733B34CC16A511E644B11
C:\Windows\System32\DRIVERS\asyncmac.sys 22D13FF3DAFEC2A80634752B1EAA2DE6
C:\Windows\System32\drivers\atapi.sys E68D9B3A3905619732F7FE039466A623
C:\Windows\System32\Drivers\avgldx64.sys 276C5B14336452C8CE547ED5D00E0E62
C:\Windows\System32\Drivers\avgmfx64.sys B9C21C3753DCBCCAC6B62E1A560EB6F7
C:\Windows\System32\Drivers\avgrkx64.sys 56000E9D0BFFA9887FF33150966A118E
C:\Windows\System32\Drivers\avgtdia.sys 86D08CF28005F7F626A84D512F84D6C2
C:\Windows\System32\DRIVERS\b57nd60a.sys 1777E5AC9FC74F7991B2ABA25EA34759
C:\Windows\System32\DRIVERS\bcmwl664.sys A2160C5D70F3517FC7356B689ABD6FCD
C:\Windows\system32\drivers\blbdrive.sys 79FEEB40056683F8F61398D81DDA65D2
C:\Windows\System32\DRIVERS\bowser.sys 2348447A80920B2493A9B582A23E81E1
C:\Windows\system32\drivers\brfiltlo.sys ==> MD5 is legit
C:\Windows\system32\drivers\brfiltup.sys ==> MD5 is legit
C:\Windows\system32\drivers\brserid.sys F0F0BA4D815BE446AA6A4583CA3BCA9B
C:\Windows\system32\drivers\brserwdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbmdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbser.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys E0777B34E05F8A82A21856EFC900C29F
C:\Windows\System32\DRIVERS\cdfs.sys B4D787DB8D30793A4D4DF9FEED18F136
C:\Windows\System32\DRIVERS\cdrom.sys C025AA69BE3D0D25C7A2E746EF6F94FC
C:\Windows\system32\drivers\circlass.sys 02EA568D498BBDD4BA55BF3FCE34D456
C:\Windows\System32\CLFS.sys 3DCA9A18B204939CFB24BEA53E31EB48
C:\Windows\System32\DRIVERS\CmBatt.sys B52D9A14CE4101577900A364BA86F3DF
C:\Windows\system32\drivers\cmdide.sys E5D5499A1C50A54B5161296B6AFE6192
C:\Windows\System32\DRIVERS\compbatt.sys 7FB8AD01DB0EABE60C8A861531A8F431
C:\Windows\System32\drivers\crcdisk.sys A8585B6412253803CE8EFCBD6D6DC15C
C:\Windows\System32\Drivers\DefragFS.sys 4B5243361E9A85C27E88EF67D8916D3D
C:\Windows\System32\Drivers\dfsc.sys 8B722BA35205C71E7951CDC4CDBADE19
C:\Windows\System32\drivers\disk.sys B0107E40ECDB5FA692EBF832F295D905
C:\Windows\System32\DRIVERS\Dot4.sys 74C02B1717740C3B8039539E23E4B53F
C:\Windows\System32\DRIVERS\Dot4Prt.sys 08321D1860235BF42CF2854234337AEA
C:\Windows\System32\DRIVERS\dot4usb.sys 4ADCCF0124F2B6911D3786A5D0E779E5
C:\Windows\System32\drivers\drmkaud.sys F1A78A98CFC2EE02144C6BEC945447E6
C:\Windows\System32\drivers\dxgkrnl.sys B8E554E502D5123BC111F99D6A2181B4
C:\Windows\System32\DRIVERS\E1G6032E.sys 264CEE7B031A9D6C827F3D0CB031F2FE
C:\Windows\System32\drivers\ecache.sys 5F94962BE5A62DB6E447FF6470C4F48A
C:\Windows\system32\drivers\elxstor.sys C4636D6E10469404AB5308D9FD45ED07
C:\Windows\system32\DRIVERS\ENTECH64.sys 12C061D9F9621BE916D58191872EC281
C:\Windows\system32\drivers\errdev.sys BC3A58E938BB277E46BF4B3003B01ABD
C:\Windows\System32\Drivers\exfat.sys 486844F47B6636044A42454614ED4523
C:\Windows\System32\Drivers\fastfat.sys 1A4BEE34277784619DDAF0422C0C6E23
C:\Windows\System32\DRIVERS\fdc.sys 81B79B6DF71FA1D2C6D688D830616E39
C:\Windows\System32\drivers\fileinfo.sys 457B7D1D533E4BD62A99AED9C7BB4C59
C:\Windows\System32\drivers\filetrace.sys D421327FD6EFCCAF884A54C58E1B0D7F
C:\Windows\System32\DRIVERS\flpydisk.sys 230923EA2B80F79B0F88D90F87B87EBD
C:\Windows\System32\drivers\fltmgr.sys E3041BC26D6930D61F42AEDB79C91720
C:\Windows\System32\Drivers\Fs_Rec.sys 5779B86CD8B32519FBECB136394D946A
C:\Windows\system32\drivers\gagp30kx.sys C8E416668D3DC2BE3D4FE4C79224997F
C:\Windows\System32\Drivers\GEARAspiWDM.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Gt51Ip.sys 52B99DB6E15F2F1045EF3A41FBD19F39
C:\Windows\System32\DRIVERS\gt72ubus.sys 27CB1C36215DE1FC5171DC996C1DD46B
C:\Windows\System32\DRIVERS\gtptser.sys 261CD8A73E74B496C29007EA761CDA05
C:\Windows\System32\drivers\HdAudio.sys DF45F8142DC6DF9D18C39B3EFFBD0409
C:\Windows\System32\DRIVERS\HDAudBus.sys F942C5820205F2FB453243EDFEC82A3D
C:\Windows\system32\drivers\hidbth.sys B4881C84A180E75B8C25DC1D726C375F
C:\Windows\system32\drivers\hidir.sys 4E77A77E2C986E8F88F996BB3E1AD829
C:\Windows\System32\DRIVERS\hidusb.sys 443BDD2D30BB4F00795C797E2CF99EDF
C:\Windows\system32\drivers\hpcisss.sys D7109A1E6BD2DFDBCBA72A6BC626A13B
C:\Windows\System32\drivers\HTTP.sys 098F1E4E5C9CB5B0063A959063631610
C:\Windows\system32\drivers\i2omp.sys DA94C854CEA5FAC549D4E1F6E88349E8
C:\Windows\System32\DRIVERS\i8042prt.sys CBB597659A2713CE0C9CC20C88C7591F
C:\Windows\System32\DRIVERS\iaStor.sys CEB53BB804B41C52AB0782505C8E2994
C:\Windows\system32\drivers\iastorv.sys 3E3BF3627D886736D0B4E90054F929F6
C:\Windows\System32\DRIVERS\igdkmd64.sys F7AB8285BBECFAA5ED4050CCB89E073D
C:\Windows\system32\drivers\iirsp.sys 8C3951AD2FE886EF76C7B5027C3125D3
C:\Windows\System32\drivers\intelide.sys DF797A12176F11B2D301C5B234BB200E
C:\Windows\System32\DRIVERS\intelppm.sys BFD84AF32FA1BAD6231C4585CB469630
C:\Windows\System32\DRIVERS\ipfltdrv.sys D8AABC341311E4780D6FCE8C73C0AD81
C:\Windows\system32\drivers\ipmidrv.sys 9C2EE2E6E5A7203BFAE15C299475EC67
C:\Windows\System32\DRIVERS\ipnat.sys B7E6212F581EA5F6AB0C3A6CEEEB89BE
C:\Windows\System32\drivers\irenum.sys 8C42CA155343A2F11D29FECA67FAA88D
C:\Windows\system32\drivers\isapnp.sys 0672BFCEDC6FC468A2B0500D81437F4F
C:\Windows\System32\DRIVERS\msiscsi.sys E4FDF99599F27EC25D2CF6D754243520
C:\Windows\system32\drivers\iteatapi.sys 63C766CDC609FF8206CB447A65ABBA4A
C:\Windows\system32\drivers\iteraid.sys 1281FE73B17664631D12F643CBEA3F59
C:\Windows\System32\DRIVERS\kbdclass.sys 423696F3BA6472DD17699209B933BC26
C:\Windows\System32\DRIVERS\kbdhid.sys DBDF75D51464FBC47D0104EC3D572C05
C:\Windows\System32\Drivers\ksecdd.sys 88956AD9FA510848AD176777A6C6C1F5
C:\Windows\system32\drivers\ksthunk.sys 1D419CF43DB29396ECD7113D129D94EB
C:\Windows\System32\DRIVERS\lltdio.sys 96ECE2659B6654C10A0C310AE3A6D02C
C:\Windows\system32\drivers\lsi_fc.sys ACBE1AF32D3123E330A07BFBC5EC4A9B
C:\Windows\system32\drivers\lsi_sas.sys 799FFB2FC4729FA46D2157C0065B3525
C:\Windows\system32\drivers\lsi_scsi.sys F445FF1DAAD8A226366BFAF42551226B
C:\Windows\system32\drivers\luafv.sys 52F87B9CC8932C2A7375C3B2A9BE5E3E
C:\Windows\system32\drivers\mbam.sys 989D47E8BD1D7539EB3976D3902E223E
C:\Windows\system32\drivers\megasas.sys 5C5CD6AACED32FB26C3FB34B3DCF972F
C:\Windows\system32\drivers\megasr.sys 859BC2436B076C77C159ED694ACFE8F8
C:\Windows\System32\drivers\modem.sys 59848D5CC74606F0EE7557983BB73C2E
C:\Windows\System32\DRIVERS\monitor.sys C247CC2A57E0A0C8C6DCCF7807B3E9E5
C:\Windows\System32\DRIVERS\mouclass.sys 9367304E5E412B120CF5F4EA14E4E4F1
C:\Windows\System32\DRIVERS\mouhid.sys C2C2BD5C5CE5AAF786DDD74B75D2AC69
C:\Windows\System32\drivers\mountmgr.sys 11BC9B1E8801B01F7F6ADB9EAD30019B
C:\Windows\system32\drivers\mpio.sys F8276EB8698142884498A528DFEA8478
C:\Windows\System32\drivers\mpsdrv.sys C92B9ABDB65A5991E00C28F13491DBA2
C:\Windows\system32\drivers\mraid35x.sys 3C200630A89EF2C0864D515B7A75802E
C:\Windows\system32\drivers\mrxdav.sys 7C1DE4AA96DC0C071611F9E7DE02A68D
C:\Windows\System32\DRIVERS\mrxsmb.sys 1485811B320FF8C7EDAD1CAEBB1C6C2B
C:\Windows\System32\DRIVERS\mrxsmb10.sys 3B929A60C833FC615FD97FBA82BC7632
C:\Windows\System32\DRIVERS\mrxsmb20.sys C64AB3E1F53B4F5B5BB6D796B2D7BEC3
C:\Windows\System32\drivers\msahci.sys 1AC860612B85D8E85EE257D372E39F4D
C:\Windows\system32\drivers\msdsm.sys 264BBB4AAF312A485F0E44B65A6B7202
C:\Windows\System32\Drivers\Msfs.sys 704F59BFC4512D2BB0146AEC31B10A7C
C:\Windows\System32\drivers\msisadrv.sys 00EBC952961664780D43DCA157E79B27
C:\Windows\System32\drivers\MSKSSRV.sys 0EA73E498F53B96D83DBFCA074AD4CF8
C:\Windows\System32\drivers\MSPCLOCK.sys 52E59B7E992A58E740AA63F57EDBAE8B
C:\Windows\System32\drivers\MSPQM.sys 49084A75BAE043AE02D5B44D02991BB2
C:\Windows\System32\Drivers\MsRPC.sys DC6CCF440CDEDE4293DB41C37A5060A5
C:\Windows\System32\DRIVERS\mssmbios.sys 855796E59DF77EA93AF46F20155BF55B
C:\Windows\System32\drivers\MSTEE.sys 86D632D75D05D5B7C7C043FA3564AE86
C:\Windows\System32\Drivers\mup.sys 0CC49F78D8ACA0877D885F149084E543
C:\Windows\System32\DRIVERS\nwifi.sys 2007B826C4ACD94AE32232B41F0842B9
C:\Windows\System32\drivers\ndis.sys 65950E07329FCEE8E6516B17C8D0ABB6
C:\Windows\System32\DRIVERS\ndistapi.sys 64DF698A425478E321981431AC171334
C:\Windows\System32\DRIVERS\ndisuio.sys 8BAA43196D7B5BB972C9A6B2BBF61A19
C:\Windows\System32\DRIVERS\ndiswan.sys F8158771905260982CE724076419EF19
C:\Windows\System32\Drivers\NDProxy.sys 9CB77ED7CB72850253E973A2D6AFDF49
C:\Windows\System32\DRIVERS\netbios.sys A499294F5029A7862ADC115BDA7371CE
C:\Windows\System32\DRIVERS\netbt.sys FC2C792EBDDC8E28DF939D6A92C83D61
C:\Windows\System32\DRIVERS\NETw4v64.sys 071FF34B560113790FE6E7EC0CEE67C5
C:\Windows\System32\DRIVERS\NETw5v64.sys 2BDCB7B7917380794C9D87AC2153CE33
C:\Windows\system32\drivers\nfrd960.sys 4AC08BD6AF2DF42E0C3196D826C8AEA7
C:\Windows\System32\Drivers\Npfs.sys B298874F8E0EA93F06EC40AA8D146478
C:\Windows\System32\drivers\nsiproxy.sys 1523AF19EE8B030BA682F7A53537EAEB
C:\Windows\System32\Drivers\Ntfs.sys BAC869DFB98E499BA4D9BB1FB43270E1
C:\Windows\System32\Drivers\Null.sys DD5D684975352B85B52E3FD5347C20CB
C:\Windows\system32\drivers\nvraid.sys 2C040B7ADA5B06F6FACADAC8514AA034
C:\Windows\system32\drivers\nvstor.sys F7EA0FE82842D05EDA3EFDD376DBFDBA
C:\Windows\system32\drivers\nv_agp.sys 19067CA93075EF4823E3938A686F532F
C:\Windows\System32\DRIVERS\ohci1394.sys 1B30103FDE512915A9214B108B6E7A9C
C:\Windows\system32\drivers\parport.sys AECD57F94C887F58919F307C35498EA0
C:\Windows\System32\drivers\partmgr.sys B43751085E2ABE389DA466BC62A4B987
C:\Windows\System32\drivers\pci.sys 47AB1E0FC9D0E12BB53BA246E3A0906D
C:\Windows\system32\drivers\pciide.sys 8D618C829034479985A9ED56106CC732
C:\Windows\system32\DRIVERS\pcmcia.sys A2D6B9C3F532BAA27CB0C158D8EF4DA6
C:\Windows\System32\drivers\peauth.sys 58865916F53592A61549B04941BFD80D
C:\Windows\System32\DRIVERS\pnetmdm64.sys 06841F5CD8410B6BDC0B5A631B8F8787
C:\Windows\System32\DRIVERS\point64k.sys 524AFD218390C4A8806B48CDFF54AD3A
C:\Windows\System32\DRIVERS\raspptp.sys 23386E9952025F5F21C368971E2E7301
C:\Windows\system32\drivers\processr.sys 5080E59ECEE0BC923F14018803AA7A01
C:\Windows\System32\DRIVERS\pacer.sys C5AB7F0809392D0DA027F4A2A81BFA31
C:\Windows\System32\Drivers\PxHlpa64.sys 901DBA98359966A62A6548596988E931
C:\Windows\system32\drivers\ql2300.sys 0B83F4E681062F3839BE2EC1D98FD94A
C:\Windows\system32\drivers\ql40xx.sys E1C80F8D4D1E39EF9595809C1369BF2A
C:\Windows\system32\drivers\qwavedrv.sys E8D76EDAB77EC9C634C27B8EAC33ADC5
C:\Windows\System32\DRIVERS\atikmdag.sys 2A09A6B271D1F50ADF5E33B37D460DE6
C:\Windows\System32\DRIVERS\rasacd.sys 1013B3B663A56D3DDD784F581C1BD005
C:\Windows\System32\DRIVERS\rasl2tp.sys AC7BC4D42A7E558718DFDEC599BBFC2C
C:\Windows\System32\DRIVERS\raspppoe.sys 4517FBF8B42524AFE4EDE1DE102AAE3E
C:\Windows\System32\DRIVERS\rassstp.sys C6A593B51F34C33E5474539544072527
C:\Windows\System32\DRIVERS\rdbss.sys 322DB5C6B55E8D8EE8D6F358B2AAABB1
C:\Windows\System32\DRIVERS\RDPCDD.sys 603900CC05F6BE65CCBF373800AF3716
C:\Windows\system32\drivers\rdpdr.sys C045D1FB111C28DF0D1BE8D4BDA22C06
C:\Windows\System32\drivers\rdpencdd.sys CAB9421DAF3D97B33D0D055858E2C3AB
C:\Windows\System32\Drivers\RDPWD.sys AE4BD9E1C33D351D8E607FC81F15160C
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 5790BCA445CC40DF8B38C2C48608AAC2
C:\Windows\System32\Drivers\RootMdm.sys 6A0CF73B019CBC9255E23C9192EC3702
C:\Windows\System32\DRIVERS\rspndr.sys 22A9CB08B1A6707C1550C6BF099AAE73
C:\Windows\System32\DRIVERS\Rtlh64.sys DFADCAE64AEBE2C67DA9CD2AE74CCDE5
C:\Windows\System32\drivers\RTSTOR64.SYS 4AD8464FECE8EBE276D4A7D75E418452
C:\Windows\system32\drivers\sbp2port.sys CD9C693589C60AD59BBBCFB0E524E01B
C:\Windows\System32\DRIVERS\sdbus.sys B42EE50F7D24F837F925332EB349ECA5
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys F71BFE7AC6C52273B7C82CBF1BB2A222
C:\Windows\system32\drivers\serial.sys E62FAC91EE288DB29A9696A9D279929C
C:\Windows\system32\drivers\sermouse.sys A842F04833684BCEEA7336211BE478DF
C:\Windows\system32\drivers\sffdisk.sys 14D4B4465193A87C127933978E8C4106
C:\Windows\system32\drivers\sffp_mmc.sys 7073AEE3F82F3D598E3825962AA98AB2
C:\Windows\system32\drivers\sffp_sd.sys 35E59EBE4A01A0532ED67975161C7B82
C:\Windows\system32\drivers\sfloppy.sys 6B7838C94135768BD455CBDC23E39E5F
C:\Windows\system32\drivers\sisraid2.sys 7A5DE502AEB719D4594C6471060A78B3
C:\Windows\system32\drivers\sisraid4.sys 3A2F769FAB9582BC720E11EA1DFB184D
C:\Windows\System32\DRIVERS\smb.sys 290B6F6A0EC4FCDFC90F5CB6D7020473
C:\Windows\System32\Drivers\spldr.sys 386C3C63F00A7040C7EC5E384217E89D
C:\Windows\System32\Drivers\sptd.sys 88E5162E58C8919CC873F5D8946197CF
C:\Windows\System32\DRIVERS\srv.sys 880A57FCCB571EBD063D4DD50E93E46D
C:\Windows\System32\DRIVERS\srv2.sys A1AD14A6D7A37891FFFECA35EBBB0730
C:\Windows\System32\DRIVERS\srvnet.sys 4BED62F4FA4D8300973F1151F4C4D8A7
C:\Windows\System32\drivers\stwrt64.sys 5467347266CF34C157341670E8D64E7F
C:\Windows\System32\DRIVERS\serscan.sys 14B4DB4381E4A55F570D8BB699B791D6
C:\Windows\System32\DRIVERS\swenum.sys 8A851CA908B8B974F89C50D2E18D4F0C
C:\Windows\System32\drivers\swmsflt.sys 1C4EBD3E6CCE53586D58473524D54E50
C:\Windows\System32\DRIVERS\swnc8u80.sys F3A32A000429988C208294418A095418
C:\Windows\System32\DRIVERS\swumx80.sys FA51C68EB2625C03DAD443F821D3397C
C:\Windows\system32\drivers\symc8xx.sys 2F26A2C6FC96B29BEFF5D8ED74E6625B
C:\Windows\system32\drivers\sym_hi.sys A909667976D3BCCD1DF813FED517D837
C:\Windows\system32\drivers\sym_u3.sys 36887B56EC2D98B9C362F6AE4DE5B7B0
C:\Windows\System32\DRIVERS\SynTP.sys D9B5FE44B394C587BCE3CF9FA369AC64
C:\Windows\System32\drivers\tcpip.sys 0E970F59D7FBB838316176B19A2ADB82
C:\Windows\System32\DRIVERS\tcpip.sys 0E970F59D7FBB838316176B19A2ADB82
C:\Windows\System32\drivers\tcpipreg.sys C7E72A4071EE0200E3C075DACFB2B334
C:\Windows\System32\drivers\tdpipe.sys 1D8BF4AAA5FB7A2761475781DC1195BC
C:\Windows\System32\drivers\tdtcp.sys 7F7E00CDF609DF657F4CDA02DD1C9BB1
C:\Windows\System32\DRIVERS\tdx.sys 458919C8C42E398DC4802178D5FFEE27
C:\Windows\System32\DRIVERS\termdd.sys 8C19678D22649EC002EF2282EAE92F98
C:\Windows\System32\DRIVERS\tssecsrv.sys 9E5409CD17C8BEF193AAD498F3BC2CB8
C:\Windows\System32\DRIVERS\tunmp.sys 89EC74A9E602D16A75A4170511029B3C
C:\Windows\System32\DRIVERS\tunnel.sys 30A9B3F45AD081BFFC3BCAA9C812B609
C:\Windows\system32\drivers\uagp35.sys FEC266EF401966311744BD0F359F7F56
C:\Windows\System32\DRIVERS\udfs.sys FAF2640A2A76ED03D449E443194C4C34
C:\Windows\system32\drivers\uliagpkx.sys 4EC9447AC3AB462647F60E547208CA00
C:\Windows\system32\drivers\uliahci.sys 697F0446134CDC8F99E69306184FBBB4
C:\Windows\system32\drivers\ulsata.sys 31707F09846056651EA2C37858F5DDB0
C:\Windows\system32\drivers\ulsata2.sys 85E5E43ED5B48C8376281BAB519271B7
C:\Windows\System32\DRIVERS\umbus.sys 46E9A994C4FED537DD951F60B86AD3F4
C:\Windows\System32\DRIVERS\umpass.sys 01ABE05C401E70795B43A8933B44831E
C:\Windows\System32\Drivers\usbaapl64.sys 5CF1EAD086176DD3348E920A40BED03D
C:\Windows\System32\drivers\usbaudio.sys C6BA890DE6E41857FBE84175519CAE7D
C:\Windows\System32\DRIVERS\usbccgp.sys 07E3498FC60834219D2356293DA0FECC
C:\Windows\system32\drivers\usbcir.sys 9247F7E0B65852C1F6631480984D6ED2
C:\Windows\System32\DRIVERS\usbehci.sys 827E44DE934A736EA31E91D353EB126F
C:\Windows\System32\DRIVERS\usbhub.sys BB35CD80A2ECECFADC73569B3D70C7D1
C:\Windows\System32\DRIVERS\usbohci.sys 540B622DA0949695C40CDC9D5D497A8B
C:\Windows\System32\DRIVERS\usbprint.sys 28B693B6D31E7B9332C1BDCEFEF228C1
C:\Windows\System32\DRIVERS\usbscan.sys EA0BF666868964FBE8CB10E50C97B9F1
C:\Windows\System32\DRIVERS\USBSTOR.SYS B854C1558FCA0C269A38663E8B59B581
C:\Windows\System32\DRIVERS\usbuhci.sys B2872CBF9F47316ABD0E0C74A1ABA507
C:\Windows\System32\Drivers\usbvideo.sys FC33099877790D51B0927B7039059855
C:\Windows\System32\Drivers\UVCFTR_S.SYS FA3CA291F80EE13A1AC210492A7DFBB9
C:\Windows\System32\DRIVERS\vgapnp.sys 916B94BCF1E09873FFF2D5FB11767BBC
C:\Windows\System32\drivers\vga.sys B83AB16B51FEDA65DD81B8C59D114D63
C:\Windows\system32\drivers\viaide.sys 8294B6C3FDB6C33F24E150DE647ECDAA
C:\Windows\System32\drivers\volmgr.sys 2B7E885ED951519A12C450D24535DFCA
C:\Windows\System32\drivers\volmgrx.sys CEC5AC15277D75D9E5DEC2E1C6EAF877
C:\Windows\System32\drivers\volsnap.sys 582F710097B46140F5A89A19A6573D4B
C:\Windows\system32\drivers\vsmraid.sys A68F455ED2673835209318DD61BFBB0E
C:\Windows\system32\drivers\wacompen.sys FEF8FE5923FEAD2CEE4DFABFCE3393A7
C:\Windows\System32\DRIVERS\wanarp.sys B8E7049622300D20BA6D8BE0C47C0CFD
C:\Windows\System32\DRIVERS\wanarp.sys B8E7049622300D20BA6D8BE0C47C0CFD
C:\Windows\system32\drivers\wd.sys 0C17A0816F65B89E362E682AD5E7266E
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wmiacpi.sys E18AEBAAA5A773FE11AA2C70F65320F5
C:\Windows\System32\DRIVERS\wpdusb.sys 5E2401B3FC1089C90E081291357371A9
C:\Windows\system32\drivers\ws2ifsl.sys 8A900348370E359B6BFF6A550E4649E1
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-18 16:51 - 2014-07-18 16:54 - 00000000 ____D () C:\FRST
 
==================== One Month Modified Files and Folders =======
 
2014-07-18 16:54 - 2014-07-18 16:51 - 00000000 ____D () C:\FRST
2014-07-18 15:59 - 2006-11-02 07:42 - 00032654 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-18 15:59 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-18 15:58 - 2013-02-15 21:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-18 15:58 - 2010-09-02 13:00 - 00000000 ____D () C:\Users\NaiomiP\AppData\Roaming\Dropbox
2014-07-18 15:56 - 2010-03-31 02:05 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-18 15:56 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-18 15:56 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-18 15:47 - 2011-02-12 15:28 - 00014257 _____ () C:\Windows\setupact.log
2014-07-18 15:43 - 2013-03-30 10:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-18 15:29 - 2006-11-02 04:46 - 00756164 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-07-18 15:17 - 2010-03-31 02:05 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 
ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini
 
ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$eb57cd9583c460645306a8cbc493a22c
 
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3094174547-28691812-3827549335-1000\$eb57cd9583c460645306a8cbc493a22c
 
Files to move or delete:
====================
C:\Users\NaiomiP\acrobat.exe
C:\Users\NaiomiP\AIO_CDB_Full_Network_enu_NB.exe
C:\Users\NaiomiP\BoxShot3DSetup.exe
C:\Users\NaiomiP\ctfmon.exe
C:\Users\NaiomiP\flashplayer.exe
C:\Users\NaiomiP\ie_noclick.js
C:\Users\Public\zbdjaw.exe
 
 
Some content of TEMP:
====================
C:\Users\NaiomiP\AppData\Local\Temp\.exe
C:\Users\NaiomiP\AppData\Local\Temp\ApnStub.exe
C:\Users\NaiomiP\AppData\Local\Temp\dotNetFx40_Web_Setup.exe
C:\Users\NaiomiP\AppData\Local\Temp\First15.exe
C:\Users\NaiomiP\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\NaiomiP\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\NaiomiP\AppData\Local\Temp\j0yuolxjqoftzpirw43pr.exe
C:\Users\NaiomiP\AppData\Local\Temp\ooVooTBing.exe
C:\Users\NaiomiP\AppData\Local\Temp\PreCheckAMAOL_010813233812.exe
C:\Users\NaiomiP\AppData\Local\Temp\setup__1304.exe
C:\Users\NaiomiP\AppData\Local\Temp\SkypeSetup.exe
C:\Users\NaiomiP\AppData\Local\Temp\uninst1.exe
C:\Users\NaiomiP\AppData\Local\Temp\UpdUninstall.exe
C:\Users\NaiomiP\AppData\Local\Temp\VP6Install.exe
C:\Users\NaiomiP\AppData\Local\Temp\VP6VFW.dll
C:\Users\NaiomiP\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\NaiomiP\AppData\Local\Temp\_is130D.exe
C:\Users\NaiomiP\AppData\Local\Temp\_is23DF.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
Restore point made on: 2013-05-06 23:00:06
Restore point made on: 2013-05-07 23:00:17
Restore point made on: 2013-05-08 23:00:22
Restore point made on: 2013-05-09 23:00:05
Restore point made on: 2013-05-10 22:02:56
Restore point made on: 2013-05-11 23:00:04
Restore point made on: 2013-05-12 23:00:19
Restore point made on: 2013-05-13 23:00:04
Restore point made on: 2013-05-14 23:00:18
Restore point made on: 2013-05-15 23:00:05
Restore point made on: 2013-05-17 14:02:00
Restore point made on: 2013-05-18 16:05:29
Restore point made on: 2013-05-19 23:00:07
Restore point made on: 2013-05-20 23:00:20
Restore point made on: 2013-05-21 23:00:06
Restore point made on: 2013-05-22 23:00:19
Restore point made on: 2013-05-23 23:00:06
Restore point made on: 2013-05-24 23:00:20
Restore point made on: 2013-05-25 23:00:05
Restore point made on: 2013-05-26 23:00:06
Restore point made on: 2013-05-27 23:00:06
Restore point made on: 2013-05-28 23:00:06
Restore point made on: 2013-05-29 23:00:05
Restore point made on: 2013-05-30 23:00:20
Restore point made on: 2013-05-31 23:00:06
Restore point made on: 2013-06-01 23:00:06
Restore point made on: 2013-06-02 23:00:06
Restore point made on: 2013-06-03 23:00:06
Restore point made on: 2013-06-04 23:00:06
Restore point made on: 2013-06-05 23:00:06
Restore point made on: 2013-06-06 23:00:06
Restore point made on: 2013-06-07 23:00:06
Restore point made on: 2013-06-08 23:00:06
Restore point made on: 2013-06-09 23:00:06
Restore point made on: 2013-11-09 01:59:09
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {eef02835-067f-11dd-9216-de94fb8b63e0}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=X:
path                    \windows\system32\boot\winload.exe
description             Recovery Manager
osdevice                partition=X:
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Microsoft Windows Vista
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {eef02835-067f-11dd-9216-de94fb8b63e0}
nx                      OptIn
 
Resume from Hibernate
---------------------
identifier              {eef02835-067f-11dd-9216-de94fb8b63e0}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
Windows Legacy OS Loader
------------------------
identifier              {ntldr}
device                  unknown
path                    \ntldr
description             Earlier Version of Windows
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 13%
Total physical RAM: 4085.63 MB
Available physical RAM: 3537.87 MB
Total Pagefile: 3953.52 MB
Available Pagefile: 3673.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
 
==================== Drives ================================
 
Drive c: (Partition_1) (Fixed) (Total:217.2 GB) (Free:2.36 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:14.53 GB) (Free:4.82 GB) FAT32
Drive x: (Recovery) (Fixed) (Total:15.69 GB) (Free:7.92 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 8BED7DCA)
Partition 1: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=217 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
 
 
LastRegBack: 2014-07-18 15:27
 
==================== End Of Log ============================

 

  • 0

Advertisements

#2
JSntgRvr
Posted 18 July 2014 - 09:49 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts

:welcome:

 

Please download the enclosed file. [attachment=71774:fixlist.txt]

 

Save it in the same location FRST is saved.

 

Run FRST, except that this time around, click on the Fix button and wait.

 

The tool will make a log in the same location FRST is saved (Fixlog.txt), Please post it to your reply.
 
Attempt to boot in Normal Mode and let me know the outcome.

  • 0

#3
Nayshuemate
Posted 19 July 2014 - 04:17 PM

Nayshuemate

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
I will do so now. Thank you. Please give me about ten minutes to get it done and I will return.
  • 0

#4
Nayshuemate
Posted 19 July 2014 - 04:33 PM

Nayshuemate

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Here is the log. WOW!!!! YOU DID IT!!!! Oh my goshhhhh I am so excited! :D :D :D Should I now do anything more, like follow the Rogue Killer instructions from the previous post I quoted, etc? WOW Thank you so much!
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-07-2014 01
Ran by SYSTEM at 2014-07-19 15:32:57 Run:3
Running from e:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
Start
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$eb57cd9583c460645306a8cbc493a22c\n. ATTENTION! ====> ZeroAccess?
HKU\Mcx1\...\Winlogon: [Shell] C:\Windows\eHome\McrMgr.exe [196608 2009-04-10] (Microsoft Corporation) <==== ATTENTION 
HKU\NaiomiP\...\Run: [AdobeBridge] => [X]
HKU\NaiomiP\...\Winlogon: [Shell] C:\Users\NaiomiP\AppData\Roaming\mcafee.ini,explorer.exe <==== ATTENTION 
Startup: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} =>  No File
BootExecute: PDBoot.exeautocheck autochk * 
C:\Windows\assembly\GAC_32\Desktop.ini
C:\$Recycle.Bin\S-1-5-18\$eb57cd9583c460645306a8cbc493a22c
C:\$Recycle.Bin\S-1-5-21-3094174547-28691812-3827549335-1000\$eb57cd9583c460645306a8cbc493a22c
C:\Users\NaiomiP\acrobat.exe
C:\Users\NaiomiP\AIO_CDB_Full_Network_enu_NB.exe
C:\Users\NaiomiP\BoxShot3DSetup.exe
C:\Users\NaiomiP\ctfmon.exe
C:\Users\NaiomiP\flashplayer.exe
C:\Users\NaiomiP\ie_noclick.js
C:\Users\Public\zbdjaw.exe
C:\Users\NaiomiP\AppData\Local\Temp\.exe
C:\Users\NaiomiP\AppData\Local\Temp\ApnStub.exe
C:\Users\NaiomiP\AppData\Local\Temp\dotNetFx40_Web_Setup.exe
C:\Users\NaiomiP\AppData\Local\Temp\First15.exe
C:\Users\NaiomiP\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\NaiomiP\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\NaiomiP\AppData\Local\Temp\j0yuolxjqoftzpirw43pr.exe
C:\Users\NaiomiP\AppData\Local\Temp\ooVooTBing.exe
C:\Users\NaiomiP\AppData\Local\Temp\PreCheckAMAOL_010813233812.exe
C:\Users\NaiomiP\AppData\Local\Temp\setup__1304.exe
C:\Users\NaiomiP\AppData\Local\Temp\SkypeSetup.exe
C:\Users\NaiomiP\AppData\Local\Temp\uninst1.exe
C:\Users\NaiomiP\AppData\Local\Temp\UpdUninstall.exe
C:\Users\NaiomiP\AppData\Local\Temp\VP6Install.exe
C:\Users\NaiomiP\AppData\Local\Temp\VP6VFW.dll
C:\Users\NaiomiP\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\NaiomiP\AppData\Local\Temp\_is130D.exe
C:\Users\NaiomiP\AppData\Local\Temp\_is23DF.exe
End
 
 
 
 
 
 
 
 
 
*****************
 
HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
HKU\Mcx1\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\NaiomiP\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\NaiomiP\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk => Moved successfully.
ShortcutTarget: Dropbox.lnk ->  (No File) not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}'=> Key not found.
HKLM\System\ControlSet001\Control\Session Manager\\BootExecute => Value was restored successfully.
C:\Windows\assembly\GAC_32\Desktop.ini => Moved successfully.
C:\$Recycle.Bin\S-1-5-18\$eb57cd9583c460645306a8cbc493a22c => Moved successfully.
C:\$Recycle.Bin\S-1-5-21-3094174547-28691812-3827549335-1000\$eb57cd9583c460645306a8cbc493a22c => Moved successfully.
C:\Users\NaiomiP\acrobat.exe => Moved successfully.
C:\Users\NaiomiP\AIO_CDB_Full_Network_enu_NB.exe => Moved successfully.
C:\Users\NaiomiP\BoxShot3DSetup.exe => Moved successfully.
C:\Users\NaiomiP\ctfmon.exe => Moved successfully.
C:\Users\NaiomiP\flashplayer.exe => Moved successfully.
C:\Users\NaiomiP\ie_noclick.js => Moved successfully.
C:\Users\Public\zbdjaw.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\ApnStub.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\dotNetFx40_Web_Setup.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\First15.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\FlashPlayerUpdate.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\InstallFlashPlayer.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\j0yuolxjqoftzpirw43pr.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\ooVooTBing.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\PreCheckAMAOL_010813233812.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\setup__1304.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\uninst1.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\UpdUninstall.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\VP6Install.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\VP6VFW.dll => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\YontooSetup-S.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\_is130D.exe => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\_is23DF.exe => Moved successfully.
 
==== End of Fixlog ====

  • 0

#5
JSntgRvr
Posted 19 July 2014 - 05:18 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts

Lets scan the computer.
 
Download TFC by OldTimer to your desktop
 

  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.  Let it run uninterrupted to completion.

Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Download AdwCleaner from here or from here. Save the file to the desktop.
 
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
 
Close all open windows and browsers.XP users: Double click the AdwCleaner icon to start the program.

  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:

AdwScan.jpg?
 

  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this

adwcleaner_delete_restart.jpg
 

  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

bf_new.gif Please download Malwarebytes' Anti-Malware from Here
 
Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
 

  • Select the language and click OK.
  • Accept the agreement
  • Make sure a checkmark is placed next to Enable the Free Trial and Launch
  • Malwarebytes' Anti-Malware
  • , then click on finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Scan Now".
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click on Quanrantee All,.
  • When disinfection is completed, a dialog will open and you may be prompted to Restart.(See Extra Note)
  • Upon restart, launch Malwarebytes Antimalware and select History.
  • Double click on the last scan done, then on Copy to Clipboard.
  • Right click on your next reply and select Paste.

Submit your reply.

 
Extra Note:
 
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.
     

  • 0

#6
Nayshuemate
Posted 20 July 2014 - 03:36 AM

Nayshuemate

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Hi  Thank you.  Here is the AdwCleaner log:

 

# AdwCleaner v3.216 - Report created 20/07/2014 at 01:34:35
# Updated 17/07/2014 by Xplode
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : NaiomiP - NAYSNEWDREAM
# Running from : C:\Users\NaiomiP\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\Tarma Installer
[!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic
[!] Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
[!] Folder Deleted : C:\Program Files (x86)\fbphotozoom
[!] Folder Deleted : C:\Program Files (x86)\registry mechanic
[!] Folder Deleted : C:\Windows\BuzzSocialPointsChecker
[!] Folder Deleted : C:\Users\NaiomiP\AppData\Local\PutLockerDownloader
[!] Folder Deleted : C:\Users\NaiomiP\AppData\Local\SwvUpdater
[!] Folder Deleted : C:\Users\NaiomiP\AppData\LocalLow\Delta
[!] Folder Deleted : C:\Users\NaiomiP\AppData\LocalLow\Toolbar4
[!] Folder Deleted : C:\Users\NaiomiP\AppData\Roaming\Babylon
[!] Folder Deleted : C:\Users\NaiomiP\AppData\Roaming\Iminent
[!] Folder Deleted : C:\Users\NaiomiP\AppData\Roaming\NCH Software
[!] Folder Deleted : C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
[!] Folder Deleted : C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[!] Folder Deleted : C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\Extensions\[email protected]
[!] Folder Deleted : C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
File Deleted : C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\bProtector_extensions.rdf
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\searchplugins\delta.xml
File Deleted : C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\searchplugins\SearchTheWeb.xml
File Deleted : C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\user.js
File Deleted : C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\5a08fdfe669ee41
Key Deleted : HKLM\SOFTWARE\5a08fdfe669ee41
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16470

-\\ Mozilla Firefox v3.6.3 (en-US)

[ File : C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=16a6be20000000000000001f3c6bac68");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.iminent.com/?appId=31CB5F60-8FB1-4F21-8680-AD7AEED63466");
Line Deleted : user_pref("browser.search.selectedEngine", "Delta Search");

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=16a6be20000000000000001f3c6bac68
Deleted [Homepage] : hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=16a6be20000000000000001f3c6bac68
Deleted [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl

*************************

AdwCleaner[R0].txt - [16466 octets] - [20/07/2014 01:26:41]
AdwCleaner[S0].txt - [11736 octets] - [20/07/2014 01:34:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11797 octets] ##########




Here is the Malwarebytes lst scan log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/20/2014
Scan Time: 2:06:51 AM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.20.02
Rootkit Database: v2014.07.17.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: NaiomiP

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356925
Time Elapsed: 15 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.FBPhotoZoom.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mpieaakhacmfleokhjcjnpcnmnmpfkid, Quarantined, [0fb3059c4c2f979fccc1a07e7a8a3cc4],
PUP.Optional.PricePeep.A, HKU\S-1-5-21-3094174547-28691812-3827549335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PricePeep, Quarantined, [249e3968abd0c571f95f4da0ee14fa06],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 9
Adware.HotBar.TVW, C:\Users\NaiomiP\AppData\Local\TeeveeWatchSA, Delete-on-Reboot, [586a3c65d4a7f046387690127092a858],
Adware.HotBar.TVW, C:\Users\NaiomiP\AppData\Local\TeeveeWatchSA\bin, Delete-on-Reboot, [586a3c65d4a7f046387690127092a858],
Adware.HotBar.TVW, C:\Users\NaiomiP\AppData\Local\TeeveeWatchSA\bin\1.0.8.0, Quarantined, [586a3c65d4a7f046387690127092a858],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid, Delete-on-Reboot, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0, Delete-on-Reboot, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\css, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\html, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],

Files: 21
Trojan.Agent.ED, C:\Users\NaiomiP\AppData\Roaming\mcafee.ini, Quarantined, [60620a977dfe42f42eae7d6944bc12ee],
Spyware.Zbot.ED, C:\Users\NaiomiP\Desktop\jkgc.tmp, Quarantined, [982a2879512a072f9749e00217e97e82],
Adware.HotBar.TVW, C:\Users\NaiomiP\AppData\Local\TeeveeWatchSA\bin\1.0.8.0\teeveewatchSAHook.dll, Quarantined, [586a3c65d4a7f046387690127092a858],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\manifest.json, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\css\style.css, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\html\background.html, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\back.png, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.128.png, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.16.png, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.48.png, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\icon.png, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\images\logo.png, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\background.js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\cExtensionData.js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\Creative.js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\delegate.js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\EventLog.js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\jquery-1.7.1.js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\Main.js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\settings.js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],
PUP.Optional.FBPhotoZoom, C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid\1.6_0\js\Storage.js, Quarantined, [a71ba0010675b87e6d9c8e29946e0df3],

Physical Sectors: 0
(No malicious items detected)

(end)




 


  • 0

#7
Nayshuemate
Posted 20 July 2014 - 03:50 AM

Nayshuemate

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Here is the FRST.TXT log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2014
Ran by NaiomiP (administrator) on NAYSNEWDREAM on 20-07-2014 02:40:16
Running from C:\Users\NaiomiP\Desktop
Platform: Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(IDT, Inc.) C:\Windows\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Chicony) C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe
() C:\Program Files (x86)\PdaNet for iPhone\PdaNetPC.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
() C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe
(Twain Working Group) C:\Windows\twunk_32.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe
(Twain Working Group) C:\Windows\twunk_32.exe
(Twain Working Group) C:\Windows\twunk_32.exe
(Microsoft Corporation) C:\Windows\System32\RacAgent.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (X86)\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-12] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1021488 2007-04-26] (Synaptics, Inc.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1460096 2007-02-05] (Microsoft Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] => sttray64.exe
HKLM-x32\...\Run: [Camera Assistant Software] => C:\Program Files\Camera Assistant Software for Gateway\traybar.exe [638976 2007-09-13] (Chicony)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG8_TRAY] => C:\Program Files (x86)\AVG\AVG8\avgtray.exe [2048352 2010-07-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [38768 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2009-02-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [104408 2009-10-14] (PC Tools)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [429392 2010-01-07] (Malwarebytes Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-03-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [142120 2010-04-28] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [Launcher] => %WINDIR%\SMINST\launcher.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [495616 2008-12-09] (Gadwin Systems, Inc)
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [22631608 2011-05-18] (ooVoo LLC)
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1602984 2013-02-25] (Valve Corporation)
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\Run: [Adobe CSx Manager] => C:\Users\NaiomiP\AppData\Roaming\81a0c5a1-0c05-4d69-9328-74a80976c6fcad\acacdacfcad.exe [106496 2013-04-22] ()
InvalidSubkeyName: [HKU\S-1-5-21-3094174547-28691812-3827549335-1000\Software\Microsoft\Windows\CurrentVersion\Run\410064006F00620065005500700064006100740065007200] <===== ATTENTION
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\MountPoints2: {208ab696-9720-11dd-a302-00e0b8fa1bf0} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\MountPoints2: {5cf55ac4-97cd-11dd-84be-00e0b8fa1bf0} - G:\WIN\setup.exe
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...\MountPoints2: {ec0058ed-09db-11e0-a71b-00e0b8fa1bf0} - G:\LapNetWizard.exe
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-3094174547-28691812-3827549335-1000\$eb57cd9583c460645306a8cbc493a22c\n. ATTENTION! ====> ZeroAccess?
AppInit_DLLs: avgrssta.dll => C:\Windows\system32\avgrssta.dll [12464 2009-08-24] (AVG Technologies CZ, s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk
ShortcutTarget: Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk
ShortcutTarget: Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Startup: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
Startup: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for iPhone\PdaNetPC.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=PTB&M=M-6848
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x909E2AD90E72CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=PTB&M=M-6848
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=PTB&M=M-6848
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...ys=PTB&M=M-6848
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} ->  No File
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} ->  No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {2EDF75C0-5ABD-49f9-BAB6-220476A32034} http://intel-drv-cdn...reqlab_srlx.cab
DPF: HKLM-x32 {304171C0-65EA-4B51-B5D9-93A311E26EB1} http://72.64.148.29:...b?dummy=5374821
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: HKLM-x32 {87BE3784-6977-4E84-AA08-55A96B9CEAC5} http://druidphilip.v...m/bl_camera.cab
DPF: HKLM-x32 {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://webcam.modeem...sCamControl.cab
DPF: HKLM-x32 {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab
DPF: HKLM-x32 {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} https://remote-us.al...ble/iewiper.cab
DPF: HKLM-x32 {C32FE9F1-A857-48B0-B7BF-065B5792F28D} http://212.87.154.68...r/mpeg4_dec.cab
DPF: HKLM-x32 {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://www.yougamers...eminfo/FMSI.cab
DPF: HKLM-x32 {E008A543-CEFB-4559-912F-C27C2B89F13B} https://remote-us.al...intra/dwa7W.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.226

FireFox:
========
FF ProfilePath: C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default
FF NetworkProxy: "no_proxies_on", "*.local"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.1 - C:\Users\NaiomiP\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\NaiomiP\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-09]
FF Extension: AOL Toolbar - C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2013-02-10]
FF Extension: 1ClickMovieDownloader - C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\Extensions\[email protected] [2013-01-30]
FF Extension: FBPhotoZoom - C:\Users\NaiomiP\AppData\Roaming\Mozilla\Firefox\Profiles\l6hp1bs7.default\Extensions\[email protected] [2012-04-05]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-07-05]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-08-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-22]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=16a6be20000000000000001f3c6bac68"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.56\pdf.dll No File
CHR Plugin: (Iminent) - C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\4.43.0_0\npIminent.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Plugin) - C:\Users\NaiomiP\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
CHR Plugin: (Facebook Plugin) - C:\Users\NaiomiP\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Docs) - C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-26]
CHR Extension: (Google Drive) - C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-26]
CHR Extension: (YouTube) - C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-26]
CHR Extension: (Google Search) - C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-26]
CHR Extension: (Search by Image (by Google)) - C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2013-01-26]
CHR Extension: (Gmail) - C:\Users\NaiomiP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-26]
CHR HKLM-x32\...\Chrome\Extension: [dhpigdnmefdjeemeldnnmbckmpogpbji] - C:\Program Files (x86)\1clickmoviedownloader.com\clickmoviedownloader10.crx [2013-01-26]

==================== Services (Whitelisted) =================

S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [284016 2008-08-15] (Adobe Systems Incorporated)
S3 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [25704 2010-09-13] (Amazon.com) [File not signed]
S2 avg8emc; C:\Program Files (x86)\AVG\AVG8\avgemc.exe [908056 2009-08-24] (AVG Technologies CZ, s.r.o.)
R2 avg8wd; C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe [297752 2009-08-24] (AVG Technologies CZ, s.r.o.)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
S4 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2009-10-14] (PC Tools)
R2 PDAgent; C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe [1476360 2009-08-23] (Raxco Software, Inc.)
S3 PDEngine; C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe [1471240 2009-08-23] (Raxco Software, Inc.)
S4 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

R1 AvgLdx64; C:\Windows\System32\Drivers\avgldx64.sys [427016 2009-08-24] (AVG Technologies CZ, s.r.o.)
R1 AvgMfx64; C:\Windows\System32\Drivers\avgmfx64.sys [33416 2009-08-24] (AVG Technologies CZ, s.r.o.)
R0 AvgRkx64; C:\Windows\System32\Drivers\avgrkx64.sys [14856 2009-08-23] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiA; C:\Windows\System32\Drivers\avgtdia.sys [133640 2009-08-23] (AVG Technologies CZ, s.r.o.)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [123392 2007-11-09] (Option NV)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2007-11-09] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-11-09] (Option N.V.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2009-08-23] () [File not signed]
S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [29704 2008-10-11] ()
S3 SWNC8U80; C:\Windows\System32\DRIVERS\swnc8u80.sys [196608 2008-01-10] (Sierra Wireless Inc.)
S3 SWUMX80; C:\Windows\System32\DRIVERS\swumx80.sys [191744 2008-01-10] (Sierra Wireless Inc.)
U3 a9omjbd1; C:\Windows\System32\Drivers\a9omjbd1.sys [0 ] (Microsoft Corporation)
S3 cpuz130; \??\C:\Users\NaiomiP\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [X]
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [X]
S1 SASKUTIL; \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\drivers\acpi.sys 1965AAFFAB07E3FB03C77F81BEBA3547
C:\Windows\System32\Drivers\adfs.sys 2F0683FD2DF1D92E891CACA14B45A8C1
C:\Windows\system32\drivers\adp94xx.sys F14215E37CF124104575073F782111D2
C:\Windows\system32\drivers\adpahci.sys 7D05A75E3066861A6610F7EE04FF085C
C:\Windows\system32\drivers\adpu160m.sys 820A201FE08A0C345B3BEDBC30E1A77C
C:\Windows\system32\drivers\adpu320.sys 9B4AB6854559DC168FBB4C24FC52E794
C:\Windows\system32\drivers\afd.sys C4F6CE6087760AD70960C9EB130E7943
C:\Windows\System32\DRIVERS\agrsm64.sys 3627A62B10284FFBF862BFD49928EDF4
C:\Windows\system32\drivers\agp440.sys F6F6793B7F17B550ECFDBD3B229173F7
C:\Windows\system32\drivers\djsvs.sys 222CB641B4B8A1D1126F8033F9FD6A00
C:\Windows\system32\drivers\aliide.sys 157D0898D4B73F075CE9FA26B482DF98
C:\Windows\system32\drivers\amdide.sys 970FA5059E61E30D25307B99903E991E
C:\Windows\System32\DRIVERS\amdk8.sys CDC3632A3A5EA4DBB83E46076A3165A1
C:\Windows\system32\drivers\arc.sys BA8417D4765F3988FF921F30F630E303
C:\Windows\system32\drivers\arcsas.sys 9D41C435619733B34CC16A511E644B11
C:\Windows\System32\DRIVERS\asyncmac.sys 22D13FF3DAFEC2A80634752B1EAA2DE6
C:\Windows\System32\drivers\atapi.sys E68D9B3A3905619732F7FE039466A623
C:\Windows\System32\Drivers\avgldx64.sys 276C5B14336452C8CE547ED5D00E0E62
C:\Windows\System32\Drivers\avgmfx64.sys B9C21C3753DCBCCAC6B62E1A560EB6F7
C:\Windows\System32\Drivers\avgrkx64.sys 56000E9D0BFFA9887FF33150966A118E
C:\Windows\System32\Drivers\avgtdia.sys 86D08CF28005F7F626A84D512F84D6C2
C:\Windows\System32\DRIVERS\b57nd60a.sys 1777E5AC9FC74F7991B2ABA25EA34759
C:\Windows\System32\DRIVERS\bcmwl664.sys A2160C5D70F3517FC7356B689ABD6FCD
C:\Windows\system32\drivers\blbdrive.sys 79FEEB40056683F8F61398D81DDA65D2
C:\Windows\System32\DRIVERS\bowser.sys 2348447A80920B2493A9B582A23E81E1
C:\Windows\system32\drivers\brfiltlo.sys ==> MD5 is legit
C:\Windows\system32\drivers\brfiltup.sys ==> MD5 is legit
C:\Windows\system32\drivers\brserid.sys F0F0BA4D815BE446AA6A4583CA3BCA9B
C:\Windows\system32\drivers\brserwdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbmdm.sys ==> MD5 is legit
C:\Windows\system32\drivers\brusbser.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys E0777B34E05F8A82A21856EFC900C29F
C:\Windows\System32\DRIVERS\cdfs.sys B4D787DB8D30793A4D4DF9FEED18F136
C:\Windows\System32\DRIVERS\cdrom.sys C025AA69BE3D0D25C7A2E746EF6F94FC
C:\Windows\system32\drivers\circlass.sys 02EA568D498BBDD4BA55BF3FCE34D456
C:\Windows\System32\CLFS.sys 3DCA9A18B204939CFB24BEA53E31EB48
C:\Windows\System32\DRIVERS\CmBatt.sys B52D9A14CE4101577900A364BA86F3DF
C:\Windows\system32\drivers\cmdide.sys E5D5499A1C50A54B5161296B6AFE6192
C:\Windows\System32\DRIVERS\compbatt.sys 7FB8AD01DB0EABE60C8A861531A8F431
C:\Windows\System32\drivers\crcdisk.sys A8585B6412253803CE8EFCBD6D6DC15C
C:\Windows\System32\Drivers\DefragFS.sys 4B5243361E9A85C27E88EF67D8916D3D
C:\Windows\System32\Drivers\dfsc.sys 8B722BA35205C71E7951CDC4CDBADE19
C:\Windows\System32\drivers\disk.sys B0107E40ECDB5FA692EBF832F295D905
C:\Windows\System32\DRIVERS\Dot4.sys 74C02B1717740C3B8039539E23E4B53F
C:\Windows\System32\DRIVERS\Dot4Prt.sys 08321D1860235BF42CF2854234337AEA
C:\Windows\System32\DRIVERS\dot4usb.sys 4ADCCF0124F2B6911D3786A5D0E779E5
C:\Windows\System32\drivers\drmkaud.sys F1A78A98CFC2EE02144C6BEC945447E6
C:\Windows\System32\drivers\dxgkrnl.sys B8E554E502D5123BC111F99D6A2181B4
C:\Windows\System32\DRIVERS\E1G6032E.sys 264CEE7B031A9D6C827F3D0CB031F2FE
C:\Windows\System32\drivers\ecache.sys 5F94962BE5A62DB6E447FF6470C4F48A
C:\Windows\system32\drivers\elxstor.sys C4636D6E10469404AB5308D9FD45ED07
C:\Windows\system32\DRIVERS\ENTECH64.sys 12C061D9F9621BE916D58191872EC281
C:\Windows\system32\drivers\errdev.sys BC3A58E938BB277E46BF4B3003B01ABD
C:\Windows\System32\Drivers\exfat.sys 486844F47B6636044A42454614ED4523
C:\Windows\System32\Drivers\fastfat.sys 1A4BEE34277784619DDAF0422C0C6E23
C:\Windows\System32\DRIVERS\fdc.sys 81B79B6DF71FA1D2C6D688D830616E39
C:\Windows\System32\drivers\fileinfo.sys 457B7D1D533E4BD62A99AED9C7BB4C59
C:\Windows\System32\drivers\filetrace.sys D421327FD6EFCCAF884A54C58E1B0D7F
C:\Windows\System32\DRIVERS\flpydisk.sys 230923EA2B80F79B0F88D90F87B87EBD
C:\Windows\System32\drivers\fltmgr.sys E3041BC26D6930D61F42AEDB79C91720
C:\Windows\System32\Drivers\Fs_Rec.sys 5779B86CD8B32519FBECB136394D946A
C:\Windows\system32\drivers\gagp30kx.sys C8E416668D3DC2BE3D4FE4C79224997F
C:\Windows\System32\Drivers\GEARAspiWDM.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Gt51Ip.sys 52B99DB6E15F2F1045EF3A41FBD19F39
C:\Windows\System32\DRIVERS\gt72ubus.sys 27CB1C36215DE1FC5171DC996C1DD46B
C:\Windows\System32\DRIVERS\gtptser.sys 261CD8A73E74B496C29007EA761CDA05
C:\Windows\System32\drivers\HdAudio.sys DF45F8142DC6DF9D18C39B3EFFBD0409
C:\Windows\System32\DRIVERS\HDAudBus.sys F942C5820205F2FB453243EDFEC82A3D
C:\Windows\system32\drivers\hidbth.sys B4881C84A180E75B8C25DC1D726C375F
C:\Windows\system32\drivers\hidir.sys 4E77A77E2C986E8F88F996BB3E1AD829
C:\Windows\System32\DRIVERS\hidusb.sys 443BDD2D30BB4F00795C797E2CF99EDF
C:\Windows\system32\drivers\hpcisss.sys D7109A1E6BD2DFDBCBA72A6BC626A13B
C:\Windows\System32\drivers\HTTP.sys 098F1E4E5C9CB5B0063A959063631610
C:\Windows\system32\drivers\i2omp.sys DA94C854CEA5FAC549D4E1F6E88349E8
C:\Windows\System32\DRIVERS\i8042prt.sys CBB597659A2713CE0C9CC20C88C7591F
C:\Windows\System32\DRIVERS\iaStor.sys CEB53BB804B41C52AB0782505C8E2994
C:\Windows\system32\drivers\iastorv.sys 3E3BF3627D886736D0B4E90054F929F6
C:\Windows\System32\DRIVERS\igdkmd64.sys F7AB8285BBECFAA5ED4050CCB89E073D
C:\Windows\system32\drivers\iirsp.sys 8C3951AD2FE886EF76C7B5027C3125D3
C:\Windows\System32\drivers\intelide.sys DF797A12176F11B2D301C5B234BB200E
C:\Windows\System32\DRIVERS\intelppm.sys BFD84AF32FA1BAD6231C4585CB469630
C:\Windows\System32\DRIVERS\ipfltdrv.sys D8AABC341311E4780D6FCE8C73C0AD81
C:\Windows\system32\drivers\ipmidrv.sys 9C2EE2E6E5A7203BFAE15C299475EC67
C:\Windows\System32\DRIVERS\ipnat.sys B7E6212F581EA5F6AB0C3A6CEEEB89BE
C:\Windows\System32\drivers\irenum.sys 8C42CA155343A2F11D29FECA67FAA88D
C:\Windows\system32\drivers\isapnp.sys 0672BFCEDC6FC468A2B0500D81437F4F
C:\Windows\System32\DRIVERS\msiscsi.sys E4FDF99599F27EC25D2CF6D754243520
C:\Windows\system32\drivers\iteatapi.sys 63C766CDC609FF8206CB447A65ABBA4A
C:\Windows\system32\drivers\iteraid.sys 1281FE73B17664631D12F643CBEA3F59
C:\Windows\System32\DRIVERS\kbdclass.sys 423696F3BA6472DD17699209B933BC26
C:\Windows\System32\DRIVERS\kbdhid.sys DBDF75D51464FBC47D0104EC3D572C05
C:\Windows\System32\Drivers\ksecdd.sys 88956AD9FA510848AD176777A6C6C1F5
C:\Windows\system32\drivers\ksthunk.sys 1D419CF43DB29396ECD7113D129D94EB
C:\Windows\System32\DRIVERS\lltdio.sys 96ECE2659B6654C10A0C310AE3A6D02C
C:\Windows\system32\drivers\lsi_fc.sys ACBE1AF32D3123E330A07BFBC5EC4A9B
C:\Windows\system32\drivers\lsi_sas.sys 799FFB2FC4729FA46D2157C0065B3525
C:\Windows\system32\drivers\lsi_scsi.sys F445FF1DAAD8A226366BFAF42551226B
C:\Windows\system32\drivers\luafv.sys 52F87B9CC8932C2A7375C3B2A9BE5E3E
C:\Windows\system32\drivers\mbam.sys F92B0E478C0FAA6D6661E6E977247E60
C:\Windows\system32\drivers\mwac.sys 3C88AB26DEDCD50396240CA37D5085AF
C:\Windows\system32\drivers\megasas.sys 5C5CD6AACED32FB26C3FB34B3DCF972F
C:\Windows\system32\drivers\megasr.sys 859BC2436B076C77C159ED694ACFE8F8
C:\Windows\System32\drivers\modem.sys 59848D5CC74606F0EE7557983BB73C2E
C:\Windows\System32\DRIVERS\monitor.sys C247CC2A57E0A0C8C6DCCF7807B3E9E5
C:\Windows\System32\DRIVERS\mouclass.sys 9367304E5E412B120CF5F4EA14E4E4F1
C:\Windows\System32\DRIVERS\mouhid.sys C2C2BD5C5CE5AAF786DDD74B75D2AC69
C:\Windows\System32\drivers\mountmgr.sys 11BC9B1E8801B01F7F6ADB9EAD30019B
C:\Windows\system32\drivers\mpio.sys F8276EB8698142884498A528DFEA8478
C:\Windows\System32\drivers\mpsdrv.sys C92B9ABDB65A5991E00C28F13491DBA2
C:\Windows\system32\drivers\mraid35x.sys 3C200630A89EF2C0864D515B7A75802E
C:\Windows\system32\drivers\mrxdav.sys 7C1DE4AA96DC0C071611F9E7DE02A68D
C:\Windows\System32\DRIVERS\mrxsmb.sys 1485811B320FF8C7EDAD1CAEBB1C6C2B
C:\Windows\System32\DRIVERS\mrxsmb10.sys 3B929A60C833FC615FD97FBA82BC7632
C:\Windows\System32\DRIVERS\mrxsmb20.sys C64AB3E1F53B4F5B5BB6D796B2D7BEC3
C:\Windows\System32\drivers\msahci.sys 1AC860612B85D8E85EE257D372E39F4D
C:\Windows\system32\drivers\msdsm.sys 264BBB4AAF312A485F0E44B65A6B7202
C:\Windows\System32\Drivers\Msfs.sys 704F59BFC4512D2BB0146AEC31B10A7C
C:\Windows\System32\drivers\msisadrv.sys 00EBC952961664780D43DCA157E79B27
C:\Windows\System32\drivers\MSKSSRV.sys 0EA73E498F53B96D83DBFCA074AD4CF8
C:\Windows\System32\drivers\MSPCLOCK.sys 52E59B7E992A58E740AA63F57EDBAE8B
C:\Windows\System32\drivers\MSPQM.sys 49084A75BAE043AE02D5B44D02991BB2
C:\Windows\System32\Drivers\MsRPC.sys DC6CCF440CDEDE4293DB41C37A5060A5
C:\Windows\System32\DRIVERS\mssmbios.sys 855796E59DF77EA93AF46F20155BF55B
C:\Windows\System32\drivers\MSTEE.sys 86D632D75D05D5B7C7C043FA3564AE86
C:\Windows\System32\Drivers\mup.sys 0CC49F78D8ACA0877D885F149084E543
C:\Windows\System32\DRIVERS\nwifi.sys 2007B826C4ACD94AE32232B41F0842B9
C:\Windows\System32\drivers\ndis.sys 65950E07329FCEE8E6516B17C8D0ABB6
C:\Windows\System32\DRIVERS\ndistapi.sys 64DF698A425478E321981431AC171334
C:\Windows\System32\DRIVERS\ndisuio.sys 8BAA43196D7B5BB972C9A6B2BBF61A19
C:\Windows\System32\DRIVERS\ndiswan.sys F8158771905260982CE724076419EF19
C:\Windows\System32\Drivers\NDProxy.sys 9CB77ED7CB72850253E973A2D6AFDF49
C:\Windows\System32\DRIVERS\netbios.sys A499294F5029A7862ADC115BDA7371CE
C:\Windows\System32\DRIVERS\netbt.sys FC2C792EBDDC8E28DF939D6A92C83D61
C:\Windows\System32\DRIVERS\NETw4v64.sys 071FF34B560113790FE6E7EC0CEE67C5
C:\Windows\System32\DRIVERS\NETw5v64.sys 2BDCB7B7917380794C9D87AC2153CE33
C:\Windows\system32\drivers\nfrd960.sys 4AC08BD6AF2DF42E0C3196D826C8AEA7
C:\Windows\System32\Drivers\Npfs.sys B298874F8E0EA93F06EC40AA8D146478
C:\Windows\System32\drivers\nsiproxy.sys 1523AF19EE8B030BA682F7A53537EAEB
C:\Windows\System32\Drivers\Ntfs.sys BAC869DFB98E499BA4D9BB1FB43270E1
C:\Windows\System32\Drivers\Null.sys DD5D684975352B85B52E3FD5347C20CB
C:\Windows\system32\drivers\nvraid.sys 2C040B7ADA5B06F6FACADAC8514AA034
C:\Windows\system32\drivers\nvstor.sys F7EA0FE82842D05EDA3EFDD376DBFDBA
C:\Windows\system32\drivers\nv_agp.sys 19067CA93075EF4823E3938A686F532F
C:\Windows\System32\DRIVERS\ohci1394.sys 1B30103FDE512915A9214B108B6E7A9C
C:\Windows\system32\drivers\parport.sys AECD57F94C887F58919F307C35498EA0
C:\Windows\System32\drivers\partmgr.sys B43751085E2ABE389DA466BC62A4B987
C:\Windows\System32\drivers\pci.sys 47AB1E0FC9D0E12BB53BA246E3A0906D
C:\Windows\system32\drivers\pciide.sys 8D618C829034479985A9ED56106CC732
C:\Windows\system32\DRIVERS\pcmcia.sys A2D6B9C3F532BAA27CB0C158D8EF4DA6
C:\Windows\System32\drivers\peauth.sys 58865916F53592A61549B04941BFD80D
C:\Windows\System32\DRIVERS\pnetmdm64.sys 06841F5CD8410B6BDC0B5A631B8F8787
C:\Windows\System32\DRIVERS\point64k.sys 524AFD218390C4A8806B48CDFF54AD3A
C:\Windows\System32\DRIVERS\raspptp.sys 23386E9952025F5F21C368971E2E7301
C:\Windows\system32\drivers\processr.sys 5080E59ECEE0BC923F14018803AA7A01
C:\Windows\System32\DRIVERS\pacer.sys C5AB7F0809392D0DA027F4A2A81BFA31
C:\Windows\System32\Drivers\PxHlpa64.sys 901DBA98359966A62A6548596988E931
C:\Windows\system32\drivers\ql2300.sys 0B83F4E681062F3839BE2EC1D98FD94A
C:\Windows\system32\drivers\ql40xx.sys E1C80F8D4D1E39EF9595809C1369BF2A
C:\Windows\system32\drivers\qwavedrv.sys E8D76EDAB77EC9C634C27B8EAC33ADC5
C:\Windows\System32\DRIVERS\atikmdag.sys 2A09A6B271D1F50ADF5E33B37D460DE6
C:\Windows\System32\DRIVERS\rasacd.sys 1013B3B663A56D3DDD784F581C1BD005
C:\Windows\System32\DRIVERS\rasl2tp.sys AC7BC4D42A7E558718DFDEC599BBFC2C
C:\Windows\System32\DRIVERS\raspppoe.sys 4517FBF8B42524AFE4EDE1DE102AAE3E
C:\Windows\System32\DRIVERS\rassstp.sys C6A593B51F34C33E5474539544072527
C:\Windows\System32\DRIVERS\rdbss.sys 322DB5C6B55E8D8EE8D6F358B2AAABB1
C:\Windows\System32\DRIVERS\RDPCDD.sys 603900CC05F6BE65CCBF373800AF3716
C:\Windows\system32\drivers\rdpdr.sys C045D1FB111C28DF0D1BE8D4BDA22C06
C:\Windows\System32\drivers\rdpencdd.sys CAB9421DAF3D97B33D0D055858E2C3AB
C:\Windows\System32\Drivers\RDPWD.sys AE4BD9E1C33D351D8E607FC81F15160C
C:\Windows\System32\Drivers\RimUsb_AMD64.sys 5790BCA445CC40DF8B38C2C48608AAC2
C:\Windows\System32\Drivers\RootMdm.sys 6A0CF73B019CBC9255E23C9192EC3702
C:\Windows\System32\DRIVERS\rspndr.sys 22A9CB08B1A6707C1550C6BF099AAE73
C:\Windows\System32\DRIVERS\Rtlh64.sys DFADCAE64AEBE2C67DA9CD2AE74CCDE5
C:\Windows\System32\drivers\RTSTOR64.SYS 4AD8464FECE8EBE276D4A7D75E418452
C:\Windows\system32\drivers\sbp2port.sys CD9C693589C60AD59BBBCFB0E524E01B
C:\Windows\System32\DRIVERS\sdbus.sys B42EE50F7D24F837F925332EB349ECA5
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys F71BFE7AC6C52273B7C82CBF1BB2A222
C:\Windows\system32\drivers\serial.sys E62FAC91EE288DB29A9696A9D279929C
C:\Windows\system32\drivers\sermouse.sys A842F04833684BCEEA7336211BE478DF
C:\Windows\system32\drivers\sffdisk.sys 14D4B4465193A87C127933978E8C4106
C:\Windows\system32\drivers\sffp_mmc.sys 7073AEE3F82F3D598E3825962AA98AB2
C:\Windows\system32\drivers\sffp_sd.sys 35E59EBE4A01A0532ED67975161C7B82
C:\Windows\system32\drivers\sfloppy.sys 6B7838C94135768BD455CBDC23E39E5F
C:\Windows\system32\drivers\sisraid2.sys 7A5DE502AEB719D4594C6471060A78B3
C:\Windows\system32\drivers\sisraid4.sys 3A2F769FAB9582BC720E11EA1DFB184D
C:\Windows\System32\DRIVERS\smb.sys 290B6F6A0EC4FCDFC90F5CB6D7020473
C:\Windows\System32\Drivers\spldr.sys 386C3C63F00A7040C7EC5E384217E89D
C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\DRIVERS\srv.sys 880A57FCCB571EBD063D4DD50E93E46D
C:\Windows\System32\DRIVERS\srv2.sys A1AD14A6D7A37891FFFECA35EBBB0730
C:\Windows\System32\DRIVERS\srvnet.sys 4BED62F4FA4D8300973F1151F4C4D8A7
C:\Windows\System32\drivers\stwrt64.sys 5467347266CF34C157341670E8D64E7F
C:\Windows\System32\DRIVERS\serscan.sys 14B4DB4381E4A55F570D8BB699B791D6
C:\Windows\System32\DRIVERS\swenum.sys 8A851CA908B8B974F89C50D2E18D4F0C
C:\Windows\System32\drivers\swmsflt.sys 1C4EBD3E6CCE53586D58473524D54E50
C:\Windows\System32\DRIVERS\swnc8u80.sys F3A32A000429988C208294418A095418
C:\Windows\System32\DRIVERS\swumx80.sys FA51C68EB2625C03DAD443F821D3397C
C:\Windows\system32\drivers\symc8xx.sys 2F26A2C6FC96B29BEFF5D8ED74E6625B
C:\Windows\system32\drivers\sym_hi.sys A909667976D3BCCD1DF813FED517D837
C:\Windows\system32\drivers\sym_u3.sys 36887B56EC2D98B9C362F6AE4DE5B7B0
C:\Windows\System32\DRIVERS\SynTP.sys D9B5FE44B394C587BCE3CF9FA369AC64
C:\Windows\System32\drivers\tcpip.sys 0E970F59D7FBB838316176B19A2ADB82
C:\Windows\System32\DRIVERS\tcpip.sys 0E970F59D7FBB838316176B19A2ADB82
C:\Windows\System32\drivers\tcpipreg.sys C7E72A4071EE0200E3C075DACFB2B334
C:\Windows\System32\drivers\tdpipe.sys 1D8BF4AAA5FB7A2761475781DC1195BC
C:\Windows\System32\drivers\tdtcp.sys 7F7E00CDF609DF657F4CDA02DD1C9BB1
C:\Windows\System32\DRIVERS\tdx.sys 458919C8C42E398DC4802178D5FFEE27
C:\Windows\System32\DRIVERS\termdd.sys 8C19678D22649EC002EF2282EAE92F98
C:\Windows\System32\DRIVERS\tssecsrv.sys 9E5409CD17C8BEF193AAD498F3BC2CB8
C:\Windows\System32\DRIVERS\tunmp.sys 89EC74A9E602D16A75A4170511029B3C
C:\Windows\System32\DRIVERS\tunnel.sys 30A9B3F45AD081BFFC3BCAA9C812B609
C:\Windows\system32\drivers\uagp35.sys FEC266EF401966311744BD0F359F7F56
C:\Windows\System32\DRIVERS\udfs.sys FAF2640A2A76ED03D449E443194C4C34
C:\Windows\system32\drivers\uliagpkx.sys 4EC9447AC3AB462647F60E547208CA00
C:\Windows\system32\drivers\uliahci.sys 697F0446134CDC8F99E69306184FBBB4
C:\Windows\system32\drivers\ulsata.sys 31707F09846056651EA2C37858F5DDB0
C:\Windows\system32\drivers\ulsata2.sys 85E5E43ED5B48C8376281BAB519271B7
C:\Windows\System32\DRIVERS\umbus.sys 46E9A994C4FED537DD951F60B86AD3F4
C:\Windows\System32\DRIVERS\umpass.sys 01ABE05C401E70795B43A8933B44831E
C:\Windows\System32\Drivers\usbaapl64.sys 5CF1EAD086176DD3348E920A40BED03D
C:\Windows\System32\drivers\usbaudio.sys C6BA890DE6E41857FBE84175519CAE7D
C:\Windows\System32\DRIVERS\usbccgp.sys 07E3498FC60834219D2356293DA0FECC
C:\Windows\system32\drivers\usbcir.sys 9247F7E0B65852C1F6631480984D6ED2
C:\Windows\System32\DRIVERS\usbehci.sys 827E44DE934A736EA31E91D353EB126F
C:\Windows\System32\DRIVERS\usbhub.sys BB35CD80A2ECECFADC73569B3D70C7D1
C:\Windows\System32\DRIVERS\usbohci.sys 540B622DA0949695C40CDC9D5D497A8B
C:\Windows\System32\DRIVERS\usbprint.sys 28B693B6D31E7B9332C1BDCEFEF228C1
C:\Windows\System32\DRIVERS\usbscan.sys EA0BF666868964FBE8CB10E50C97B9F1
C:\Windows\System32\DRIVERS\USBSTOR.SYS B854C1558FCA0C269A38663E8B59B581
C:\Windows\System32\DRIVERS\usbuhci.sys B2872CBF9F47316ABD0E0C74A1ABA507
C:\Windows\System32\Drivers\usbvideo.sys FC33099877790D51B0927B7039059855
C:\Windows\System32\Drivers\UVCFTR_S.SYS FA3CA291F80EE13A1AC210492A7DFBB9
C:\Windows\System32\DRIVERS\vgapnp.sys 916B94BCF1E09873FFF2D5FB11767BBC
C:\Windows\System32\drivers\vga.sys B83AB16B51FEDA65DD81B8C59D114D63
C:\Windows\system32\drivers\viaide.sys 8294B6C3FDB6C33F24E150DE647ECDAA
C:\Windows\System32\drivers\volmgr.sys 2B7E885ED951519A12C450D24535DFCA
C:\Windows\System32\drivers\volmgrx.sys CEC5AC15277D75D9E5DEC2E1C6EAF877
C:\Windows\System32\drivers\volsnap.sys 582F710097B46140F5A89A19A6573D4B
C:\Windows\system32\drivers\vsmraid.sys A68F455ED2673835209318DD61BFBB0E
C:\Windows\system32\drivers\wacompen.sys FEF8FE5923FEAD2CEE4DFABFCE3393A7
C:\Windows\System32\DRIVERS\wanarp.sys B8E7049622300D20BA6D8BE0C47C0CFD
C:\Windows\System32\DRIVERS\wanarp.sys B8E7049622300D20BA6D8BE0C47C0CFD
C:\Windows\system32\drivers\wd.sys 0C17A0816F65B89E362E682AD5E7266E
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wmiacpi.sys E18AEBAAA5A773FE11AA2C70F65320F5
C:\Windows\System32\DRIVERS\wpdusb.sys 5E2401B3FC1089C90E081291357371A9
C:\Windows\system32\drivers\ws2ifsl.sys 8A900348370E359B6BFF6A550E4649E1
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\Drivers\a9omjbd1.sys

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-20 02:40 - 2014-07-20 02:41 - 00047671 _____ () C:\Users\NaiomiP\Desktop\FRST.txt
2014-07-20 02:39 - 2014-07-20 02:39 - 02089984 _____ (Farbar) C:\Users\NaiomiP\Desktop\FRST64.exe
2014-07-20 02:06 - 2014-07-20 02:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 02:06 - 2014-07-20 02:06 - 00000912 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-20 02:06 - 2014-07-20 02:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 02:06 - 2014-07-20 02:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-20 02:06 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-20 02:06 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-20 02:04 - 2014-07-20 02:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\NaiomiP\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-20 01:27 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-20 01:26 - 2014-07-20 01:34 - 00000000 ____D () C:\AdwCleaner
2014-07-20 01:24 - 2014-07-20 01:24 - 01354223 _____ () C:\Users\NaiomiP\Desktop\AdwCleaner.exe
2014-07-19 17:18 - 2014-07-19 17:18 - 00448512 _____ (OldTimer Tools) C:\Users\NaiomiP\Desktop\TFC.exe
2014-07-18 17:51 - 2014-07-20 02:40 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

2014-07-20 02:41 - 2014-07-20 02:40 - 00047671 _____ () C:\Users\NaiomiP\Desktop\FRST.txt
2014-07-20 02:40 - 2014-07-18 17:51 - 00000000 ____D () C:\FRST
2014-07-20 02:39 - 2014-07-20 02:39 - 02089984 _____ (Farbar) C:\Users\NaiomiP\Desktop\FRST64.exe
2014-07-20 02:34 - 2014-07-20 02:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 02:32 - 2006-11-02 05:46 - 00756164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 02:30 - 2013-02-15 22:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-20 02:28 - 2010-03-31 03:05 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 02:25 - 2006-11-02 08:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 02:25 - 2006-11-02 08:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 02:25 - 2006-11-02 08:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 02:24 - 2008-01-20 20:26 - 00411938 _____ () C:\Windows\PFRO.log
2014-07-20 02:24 - 2006-11-02 06:34 - 00000000 ___RD () C:\Windows\Web
2014-07-20 02:23 - 2006-11-02 08:42 - 00032654 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-20 02:15 - 2008-05-25 23:21 - 01913627 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 02:06 - 2014-07-20 02:06 - 00000912 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-20 02:06 - 2014-07-20 02:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 02:06 - 2014-07-20 02:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-20 02:06 - 2010-01-16 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 02:04 - 2014-07-20 02:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\NaiomiP\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-20 01:52 - 2010-03-31 03:05 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 01:43 - 2013-03-30 11:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 01:34 - 2014-07-20 01:26 - 00000000 ____D () C:\AdwCleaner
2014-07-20 01:24 - 2014-07-20 01:24 - 01354223 _____ () C:\Users\NaiomiP\Desktop\AdwCleaner.exe
2014-07-19 17:31 - 2012-05-08 16:33 - 00003710 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{195CC4C3-F76E-4B66-8C94-3DD7836DD814}
2014-07-19 17:18 - 2014-07-19 17:18 - 00448512 _____ (OldTimer Tools) C:\Users\NaiomiP\Desktop\TFC.exe
2014-07-19 16:33 - 2008-10-07 22:53 - 00000000 ____D () C:\Users\NaiomiP
2014-07-19 15:53 - 2013-01-26 21:52 - 00001996 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-19 15:47 - 2010-03-31 03:05 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-19 15:47 - 2010-03-31 03:05 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-18 17:11 - 2010-09-02 14:00 - 00000000 ____D () C:\Users\NaiomiP\AppData\Roaming\Dropbox
2014-07-18 16:47 - 2011-02-12 16:28 - 00014257 _____ () C:\Windows\setupact.log

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

Some content of TEMP:
====================
C:\Users\NaiomiP\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {eef02835-067f-11dd-9216-de94fb8b63e0}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
resume                  No

Windows Boot Loader
-------------------
identifier              {572bcd55-ffa7-11d9-aae2-0007e994107d}
device                  partition=D:
path                    \windows\system32\boot\winload.exe
description             Recovery Manager
osdevice                partition=D:
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Microsoft Windows Vista
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {572bcd55-ffa7-11d9-aae2-0007e994107d}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {eef02835-067f-11dd-9216-de94fb8b63e0}
nx                      OptIn

Resume from Hibernate
---------------------
identifier              {eef02835-067f-11dd-9216-de94fb8b63e0}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

Windows Legacy OS Loader
------------------------
identifier              {ntldr}
device                  unknown
path                    \ntldr
description             Earlier Version of Windows

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

 

LastRegBack: 2014-07-20 02:33

==================== End Of Log ============================


Here is the ADDITION.TXT log:


 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2014
Ran by NaiomiP at 2014-07-20 02:41:54
Running from C:\Users\NaiomiP\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG Anti-Virus (Disabled - Up to date) {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}
AS: AVG Anti-Virus (Disabled - Up to date) {B7F27160-B86D-C455-D0D1-307E04E5E53F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
µTorrent (HKLM-x32\...\uTorrent) (Version: 1.8.4 - )
2570 (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
2570_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
2570Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{6D8D64BE-F500-55B6-705D-DFD08AFE0624}) (Version: 1.7.186 - Adobe Systems Incorporated)
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.1.3 - Adobe Systems) Hidden
Adobe Acrobat 9.1.3 - CPSID_49522 (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000004}_913) (Version:  - Adobe Systems Incorporated)
Adobe After Effects CS3 (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Presets (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.1.8210 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.1.8210 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe Captivate 3 (HKLM-x32\...\{2E7B6B00-5ECD-49A1-8FD4-4B647C5D8027}) (Version: 3.0.0.0 - Adobe Systems, Inc.)
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Contribute CS3 (x32 Version: 4.1 - Adobe Systems Incorporated) Hidden
Adobe Contribute CS4 (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_b2d6abde968e6f277ddbfd501383e02) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CS4 American English Speech Analysis Models (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS3 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 Codecs (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 Codecs (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Extension - Flash Lite STI en (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 STI-en (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Video Encoder (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS4 (x32 Version: 14.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Common Base Files (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe OnLocation CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Functional Content (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Third Party Content (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Functional Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.3 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe SGM CS4 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (x32 Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe SING CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 Codecs (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS4 Codecs (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Server (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS4 Server (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP DVA Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Advanced PDF to IMAGE converter 1.9.9.34 (HKLM-x32\...\Advanced PDF to IMAGE converter_is1) (Version: 1.9.9.34 - IntraPDF)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
AIO_CDB_ProductContext (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_ToolboxIni64 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Alive HD Video Converter (version 1.2.6.8) (HKLM-x32\...\Alive HD Video Converter_is1) (Version:  - AliveMedia, Inc.)
Amazon Unbox Video (HKLM-x32\...\InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}) (Version: 2.1.0.126 - Amazon.com)
Amazon Unbox Video (x32 Version: 2.1.0.126 - Amazon.com) Hidden
Amnesia: The Dark Descent Demo  (HKLM-x32\...\Steam App 57310) (Version:  - )
Apple Application Support (HKLM-x32\...\{553255F3-78FD-40F1-A6F8-6882140265FE}) (Version: 1.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{404BB1FF-A84F-432F-B77B-301E88E8D1C7}) (Version: 3.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
Are You Smarter than a 5th Grader? (HKLM-x32\...\Steam App 12550) (Version:  - ValuSoft)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 4759644.48.2130567168.4759644 - Audible, Inc.)
Avery Wizard 3.1 (HKLM-x32\...\{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}) (Version: 3.1.5 - Avery)
AVG 8.5 (HKLM-x32\...\AVG8Uninstall) (Version:  - AVG Technologies)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bonjour (HKLM\...\{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}) (Version: 2.0.1.2 - Apple Inc.)
BookCoverPro (remove only) (HKLM-x32\...\BookCoverPro) (Version:  - )
Box Shot 3D (HKLM-x32\...\Box Shot 3D) (Version: 2.12 - www.BoxShot3D.com)
BufferChm (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Camera Assistant Software for Gateway (HKLM-x32\...\{39098402-3F7A-4257-A4AE-FC1181D1B40B}) (Version: 1.7.050.1029 - Chicony Electronics Co.,Ltd.)
Camtasia Studio 6 (HKLM-x32\...\{A589DA26-51BD-475D-8C32-E19E34145842}) (Version: 6.0.3 - TechSmith Corporation)
CoffeeCup Direct FTP (HKLM-x32\...\CoffeeCup Direct FTP 6.6.3) (Version: 6.6.3 - CoffeeCup Software, Inc.)
ComicRack v0.9.125 (HKLM\...\ComicRack) (Version: v0.9.125 - cYo Soft)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Copy (x32 Version: 82.0.188.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.0.3925 - CyberLink Corp.)
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Demigod (HKLM-x32\...\Demigod) (Version:  - Stardock Entertainment, Inc.)
Demigod (x32 Version: 1.00 - Stardock Entertainment, Inc.) Hidden
DesignPro 5 eMedia  (HKLM-x32\...\InstallShield_{AD29A697-E023-48D4-B46E-2D58BAC7C063}) (Version: 5.2.1201 - Avery Dennison)
DesignPro 5 eMedia  (x32 Version: 5.2.1201 - Avery Dennison) Hidden
Destinations (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 8.1.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Driver Installer (HKLM\...\{4C00EC96-D644-41AD-91D3-A9CE4382C80E}) (Version: 2.2.0.536 - Option NV)
Dropbox (HKCU\...\Dropbox) (Version: 0.7.110 - )
Emicsoft MTS Converter (HKLM-x32\...\Emicsoft MTS Converter_is1) (Version:  - )
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Facebook Plug-In (HKCU\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Fax (x32 Version: 82.0.188.000 - Hewlett-Packard) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server US) (Version: 2.0.1.13 - MAGIX AG)
FOREXTrader (HKCU\...\998502f2522abe8d) (Version: 2.0.1.446 - FOREXTrader)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.17.0.1 - Futuremark Corporation)
Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.4 - Gadwin Systems, Inc.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.50 - WildTangent)
Gateway Recovery Center Installer (HKLM-x32\...\{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}) (Version: 1.01.044 - Gateway)
GearDrvs (x32 Version: 1.00.0000 - GEAR Software) Hidden
GIMP 2.6.7 (HKLM-x32\...\WinGimp-2.0_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 4.0.0.320 (HKCU\...\GoToMeeting) (Version:  - )
HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP)
HP Photosmart Essential (HKLM-x32\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Update (HKLM-x32\...\{8C6027FD-53DC-446D-BB75-CACD7028A134}) (Version: 4.000.005.006 - Hewlett-Packard)
HPProductAssistant (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}) (Version: 2.1.3.0000 - Hewlett Packard Development Company L.P.)
I-Doser Premium (HKLM-x32\...\I-Doser) (Version: 5.0 - I-Doser.com)
IDT Audio (HKLM-x32\...\{07D8511D-C9FE-4A93-933F-EAA5C8F20095}) (Version: 5.10.5303.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{9E5A03E3-6246-4920-9630-0527D5DA9B07}) (Version: 009.000.0002 - Vantage Linguistics)
iTunes (HKLM\...\{96D5EB02-DE18-4DCD-A713-929B4461CA8D}) (Version: 9.1.1.12 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.230 - Sun Microsystems, Inc.)
Java™ 6 Update 5 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160050}) (Version: 1.6.0.50 - Sun Microsystems, Inc.)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.0.2212 - CyberLink Corp.)
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
MAGIX Music Maker 14 Producer Edition Download version 13.0.2.1 (US) (HKLM-x32\...\MAGIX Music Maker 14 Producer Edition Download version US) (Version: 13.0.2.1 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (US) (HKLM-x32\...\MAGIX Screenshare US) (Version: 4.3.6.1987 - MAGIX AG)
Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version:  - Malwarebytes Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 82.0.174.000 - Hewlett-Packard) Hidden
Media Lab SiteGrinder 2 (Basic & Pro) (HKLM-x32\...\SiteGrinder2) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.1.54.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 6.1 (HKLM\...\{AD5BAA95-657F-4D81-8E07-D0882C2E8985}) (Version: 6.10.156.0 - Microsoft)
Microsoft Money Essentials (HKLM-x32\...\Money2007b) (Version: 16 - Microsoft)
Microsoft Money Shared Libraries (x32 Version: 16.0.0.705 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft UI Engine (x32 Version: 4.0.0318.1 - Microsoft Corporation) Hidden
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Motorola Driver Installation (HKLM\...\{19E74155-1CA2-4807-9BF5-1AAB4F876E1A}) (Version: 2.8.0 - Motorola Inc.)
Mozilla Firefox (3.6.3) (HKLM-x32\...\Mozilla Firefox (3.6.3)) (Version: 3.6.3 (en-US) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NewsLeecher v4.0 Final (HKLM-x32\...\NewsLeecher_is1) (Version:  - )
Nokia Connectivity Adapter Cable DKU-5 (HKLM-x32\...\{F1BA3CD5-89DC-4273-8603-A75F33E9B335}) (Version:  - )
office Convert Pdf to Jpg Jpeg Tiff Free 4.9 (HKLM-x32\...\office Convert Pdf to Jpg Jpeg Tiff Free_is1) (Version:  - Officeconvert Software, Inc.)
OmniFormat (HKLM-x32\...\OmniFormat) (Version:  - )
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.0.4039 - ooVoo LLC.)
PdaNet Desktop (64 bit) for iPhone 1.54 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Pdf995 (HKLM-x32\...\Pdf995) (Version:  - )
PerfectDisk 10 Professional (HKLM\...\{7B738CD9-D107-48C7-8E65-2E6639A39C8D}) (Version: 10.0.93 - Raxco Software Inc.)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 4.1.0.11 - Nitro PDF Software)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
QuickTime (HKLM-x32\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version:  - Realtek Semiconductor Corp.)
Registry Mechanic 9.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 9.0 - PC Tools)
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Scan (x32 Version: 8.1.0.0 - Hewlett-Packard) Hidden
Scrabble® 2003 Edition (HKLM-x32\...\Scrabble® 2003 Edition) (Version:  - Ubi Soft)
Scrabble™ Interactive 2009 Edition (HKLM-x32\...\Scrabble™ Interactive 2009 Edition_is1) (Version:  - )
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Snagit 10 (HKLM-x32\...\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}) (Version: 10.0.0 - TechSmith Corporation)
SolutionCenter (x32 Version: 82.0.188.000 - Hewlett-Packard) Hidden
SONAR 8 Producer Edition Trial x64 (HKLM-x32\...\SONAR8Producerx64Trial_is1) (Version: 17.0 - Cakewalk Music Software)
Status (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SUPER © Version 2009.bld.36 (June 10, 2009) (HKLM-x32\...\SUPER ©) (Version: Version 2009.bld.36 (June 10, 2009) - eRightSoft)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version:  - NCH Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.2.3.0 - Synaptics)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
TEAC P-55 Drivers (HKLM-x32\...\TEAC P-55 Drivers) (Version:  - )
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Journey Down: Chapter One (HKLM-x32\...\Steam App 220090) (Version:  - )
The Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )
Toolbox (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - )
TrayApp (x32 Version: 82.0.188.000 - Hewlett-Packard) Hidden
Turbo Tax Audit Support Center 3.0 (HKLM-x32\...\{E371C150-A9F1-49CE-ACC1-51AEFD01C1D4}_is1) (Version:  - Turbo Tax)
TurboTax 2009 (HKLM-x32\...\TurboTax 2009) (Version:  - Intuit, Inc)
TurboTax 2009 WinPerFedFormset (x32 Version: 009.000.1925 - Intuit Inc.) Hidden
TurboTax 2009 WinPerReleaseEngine (x32 Version: 009.000.0316 - Intuit Inc.) Hidden
TurboTax 2009 WinPerTaxSupport (x32 Version: 009.000.0234 - Intuit Inc.) Hidden
TurboTax 2009 wlaiper (x32 Version: 009.000.0675 - Intuit Inc.) Hidden
TurboTax 2009 wrapper (x32 Version: 009.000.0145 - Intuit Inc.) Hidden
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.4012 - Intuit Inc.) Hidden
TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0457 - Intuit Inc.) Hidden
TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0213 - Intuit Inc.) Hidden
TurboTax 2010 wlaiper (x32 Version: 010.000.1231 - Intuit Inc.) Hidden
TurboTax 2010 wneiper (x32 Version: 010.000.1183 - Intuit Inc.) Hidden
TurboTax 2010 wrapper (x32 Version: 010.000.0157 - Intuit Inc.) Hidden
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2011 WinPerFedFormset (x32 Version: 011.000.2999 - Intuit Inc.) Hidden
TurboTax 2011 WinPerReleaseEngine (x32 Version: 011.000.0474 - Intuit Inc.) Hidden
TurboTax 2011 WinPerTaxSupport (x32 Version: 011.000.0214 - Intuit Inc.) Hidden
TurboTax 2011 wrapper (x32 Version: 011.000.0121 - Intuit Inc.) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version:  - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2013 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0451 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0179 - Intuit Inc.) Hidden
TurboTax 2012 wlaiper (x32 Version: 012.000.1351 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
UnloadSupport (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{525A4A44-8940-40AD-ABA0-14501199D2F0}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F5F9C863-59A7-40CA-8D86-E27D6B1D2617}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Ustream Producer (HKLM-x32\...\{D4E1337F-E914-45B1-8B45-8D0FEEB8221F}) (Version: 1.0.0018 - Ustream)
Virtual Hypnotist 5.8 (HKLM-x32\...\Virtual Hypnotist) (Version: 5.8 - FollowTheWatch Software)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}) (Version: 8.0.0.35 - GRISOFT, s.r.o.)
WebReg (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Messenger (HKLM-x32\...\{571700F0-DB9D-4B3A-B03D-35A14BB5939F}) (Version: 8.1.0178.00 - Microsoft Corporation)
WinFF 1.2 (HKLM-x32\...\WinFF_is1) (Version:  - WinFF.org)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
Xilisoft DVD Creator 6 (HKLM-x32\...\Xilisoft DVD Creator 6) (Version: 6.1.1.0610 - Xilisoft)
Xilisoft HD Video Converter (HKLM-x32\...\Xilisoft HD Video Converter) (Version: 5.1.17.1114 - Xilisoft)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zumas Revenge! - Adventure (HKLM-x32\...\Zumas Revenge! - Adventure_is1) (Version:  - )

==================== Restore Points  =========================

==================== Hosts content: ==========================

2009-09-12 09:10 - 2009-10-06 20:05 - 00000798 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1       activate.adobe.com
127.0.0.1 update.adobe.com

==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {0BAABFA6-B371-4395-B349-3A51BB343EC5} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - NaiomiP => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {0BF6E3E8-2551-41BE-818E-CEC2B93B1E16} - System32\Tasks\{8B9D4F02-EA98-40D0-8F9E-A6DB2E4691E4} => Iexplore.exe http://ui.skype.com/...led;madedefault
Task: {145946CD-C4B6-4E42-8C24-3E59CC23F266} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-31] (Google Inc.)
Task: {17A09D24-AEDE-444C-AFF4-CAD15BCC292B} - System32\Tasks\4866 => Wscript.exe C:\Users\NaiomiP\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {1D059C7B-3FAC-4E29-8122-8F8E869A9F39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-31] (Google Inc.)
Task: {1F71EFFB-D324-4B63-95C6-048EEFDB599E} - System32\Tasks\{CCD25E0D-82E6-40DF-9626-80CBB5277932} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {2CA3FDFC-8A11-437D-B784-5D66B583E236} - System32\Tasks\{0C6D4613-3397-4D81-BC0C-56585C5F3235} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {47562A88-C51C-4FD7-9DE1-E369959B0282} - System32\Tasks\RunAsStdUser Task => C:\Users\NaiomiP\AppData\Local\teeveewatchSA\bin\1.0.8.0\TeeveeWatchSA.exe
Task: {4CF78256-F7F3-4C93-8231-69965780DE61} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {7D347B47-7B15-46FD-B3BB-1D7D8CA9E1F6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {A999AF39-D029-465A-86B8-9AAD6C0AC752} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-11] (Adobe Systems Incorporated)
Task: {B150C832-77B7-4EBB-8E00-5E884D39444F} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {CA98A957-508B-45FC-813D-F4278ABCF225} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2007-02-05] (Microsoft Corporation)
Task: {D51F323C-92BE-48EE-B671-4BAD135EE5B0} - System32\Tasks\{9A282CAF-EC34-454B-95A6-14B483FA253D} => Iexplore.exe http://ui.skype.com/...;toolbaroffered
Task: {E09F8399-DAC8-4C0E-B9BA-CBDFD029F2C0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2009-10-22] (Apple Inc.)
Task: {E63A7DD8-918F-4B57-8B6E-8EBDC0F4F869} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-09-18 10:05 - 2006-10-19 19:44 - 00047616 _____ () C:\Windows\System32\pdf995mon64.dll
2009-08-12 10:37 - 2009-04-23 20:19 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2010-06-08 02:06 - 2010-04-08 14:03 - 00214480 _____ () C:\Program Files (x86)\PdaNet for iPhone\PdaNetPC.exe
2008-05-25 23:32 - 2007-09-27 16:27 - 04839936 _____ () C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
2010-02-05 13:02 - 2010-02-05 13:02 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-02-05 13:02 - 2010-02-05 13:02 - 00471040 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2011-04-03 14:25 - 2011-04-03 14:25 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2010-03-15 14:57 - 2010-03-15 14:57 - 00067872 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2014 02:29:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (07/20/2014 02:26:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/20/2014 01:34:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/20/2014 01:14:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2014 05:26:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\NAIOMIP\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\5V0XX1JE\IMG_4717[1].JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (07/19/2014 05:26:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\NAIOMIP\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\A95N9VUU\IMG_5063[1].JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (07/19/2014 05:26:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\NAIOMIP\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\A95N9VUU\IMG_5061[1].JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (07/19/2014 05:26:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\NAIOMIP\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\AUCS3IU1\IMG_0761[1].JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (07/19/2014 05:26:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\NAIOMIP\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\CH7U7IKO\IMG_4729[1].JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (07/19/2014 05:26:59 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\NAIOMIP\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\CTVPNU6H\IMG_5679[1].JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

System errors:
=============
Error: (07/20/2014 02:34:43 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: MBAMWebAccessControlBFE

Error: (07/20/2014 02:34:43 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: MBAMWebAccessControlBFE

Error: (07/20/2014 02:26:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: SASKUTIL

Error: (07/20/2014 02:26:19 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: IPsec Policy AgentBFE

Error: (07/20/2014 02:26:19 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Error: (07/20/2014 02:26:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Computer Browser%%1060

Error: (07/20/2014 02:23:51 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (07/20/2014 01:34:09 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: SASKUTIL

Error: (07/20/2014 01:34:09 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: IPsec Policy AgentBFE

Error: (07/20/2014 01:34:09 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE

Microsoft Office Sessions:
=========================
Error: (05/18/2010 06:08:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2491 seconds with 600 seconds of active time.  This session ended with a crash.

Error: (05/18/2010 01:50:58 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 62 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (05/14/2010 00:44:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8123 seconds with 960 seconds of active time.  This session ended with a crash.

Error: (05/13/2010 06:24:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 52771 seconds with 7560 seconds of active time.  This session ended with a crash.

Error: (05/13/2010 01:17:57 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 27 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/13/2010 01:17:21 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 74533 seconds with 4020 seconds of active time.  This session ended with a crash.

Error: (05/12/2010 01:38:55 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 375 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (03/20/2010 03:27:21 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2920 seconds with 660 seconds of active time.  This session ended with a crash.

Error: (10/15/2009 01:56:51 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1601 seconds with 0 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2014-07-20 02:41:45.638
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-20 02:41:45.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-20 02:41:45.154
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-20 02:41:44.920
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-20 02:41:44.530
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-20 02:41:44.296
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-20 02:41:44.047
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-20 02:41:43.766
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-20 02:41:09.555
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-20 02:41:09.274
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 4085.5 MB
Available physical RAM: 2293.54 MB
Total Pagefile: 8348.27 MB
Available Pagefile: 6519.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Partition_1) (Fixed) (Total:217.2 GB) (Free:43.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:15.69 GB) (Free:7.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 8BED7DCA)
Partition 1: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=217 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Here is the SHORTCUTS.TXT log:

 

Users shortcut scan result (x64) Version: 19-07-2014
Ran by NaiomiP at 2014-07-20 02:43:06
Running from C:\Users\NaiomiP\Desktop
Boot Mode: Normal
==================== Shortcuts =============================

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\SUPER ©.lnk -> C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk -> C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A91000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive HD Video Converter.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\HDConverter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk -> C:\Program Files (x86)\HP\Digital Imaging\DocProc\regipe.exe (I.R.I.S. SA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Money Essentials.lnk -> C:\Program Files (x86)\Microsoft Money 2007\MNYCoreFiles\msmoney.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk -> C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works Task Launcher.lnk -> C:\Program Files (x86)\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero Internet.lnk -> C:\Program Files (x86)\NetZero\NetZeroHSSetup.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerfectDisk 10.lnk -> C:\Windows\Installer\{7B738CD9-D107-48C7-8E65-2E6639A39C8D}\MenuStartPD10_7B738CD9D10748C78E652E6639A39C8D.exe (Macrovision Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER ©.lnk -> C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk -> C:\Program Files\Windows Calendar\WinCal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk -> C:\Program Files\Windows Collaboration\WinCollab.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk -> C:\Program Files (x86)\Windows Mail\wab.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\Movie Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Windows\Installer\{571700F0-DB9D-4B3A-B03D-35A14BB5939F}\MsblIco.Exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk -> C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk -> C:\Program Files\Movie Maker\MOVIEMK.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk -> C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Check for Updates.lnk -> C:\Program Files (x86)\Xvid\autoupdate-windows.exe (Xvid Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Release Notes.lnk -> C:\Program Files (x86)\Xvid\releasenotes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Uninstall Xvid Video Codec.lnk -> C:\Program Files (x86)\Xvid\uninstall.exe (Xvid Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Xvid MiniConvert.lnk -> C:\Program Files (x86)\Xvid\MiniConvert.exe (Xvid Solutions)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Nic's FourCC Changer.lnk -> C:\Program Files (x86)\Xvid\AviC.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Nic's MiniCalc.lnk -> C:\Program Files (x86)\Xvid\MiniCalc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\Some Quantization Matrices.lnk -> C:\Program Files (x86)\Xvid\Xvid_Quant_Matrices.zip ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\StatsReader 2.1.lnk -> C:\Program Files (x86)\Xvid\StatsReader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\StatsReader Notes.lnk -> C:\Program Files (x86)\Xvid\statsreader.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Uninstall WinFF.lnk -> C:\Program Files (x86)\WinFF\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\WinFF.lnk -> C:\Program Files (x86)\WinFF\winff.exe (WinFF.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\Change Log.lnk -> C:\Program Files (x86)\WinFF\Docs\changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\Docs - Catalan.lnk -> C:\Program Files (x86)\WinFF\Docs\WinFF.ca.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\Docs - Dutch.lnk -> C:\Program Files (x86)\WinFF\Docs\WinFF.nl.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\Docs - English.lnk -> C:\Program Files (x86)\WinFF\Docs\WinFF.en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\Docs - French.lnk -> C:\Program Files (x86)\WinFF\Docs\WinFF.fr.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\Docs - Spanish.lnk -> C:\Program Files (x86)\WinFF\Docs\WinFF.es.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\FFmpeg Documentation.lnk -> C:\Program Files (x86)\WinFF\Docs\ffmpeg-doc.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\FFPlay Documentation.lnk -> C:\Program Files (x86)\WinFF\Docs\ffplay-doc.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\License.lnk -> C:\Program Files (x86)\WinFF\Docs\License.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\README FFmpeg.lnk -> C:\Program Files (x86)\WinFF\Docs\README-FFmpeg.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\README Presets.lnk -> C:\Program Files (x86)\WinFF\Docs\README-Presets.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFF\Docs\README.lnk -> C:\Program Files (x86)\WinFF\Docs\README.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Hypnotist\ColorTunnel.lnk -> C:\Program Files (x86)\Virtual Hypnotist\colortunnel\ColorTunnel.exe (FollowTheWatch Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Hypnotist\Package Installer.lnk -> C:\Program Files (x86)\Virtual Hypnotist\VHPack.exe (FollowTheWatch Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Hypnotist\Release Notes.lnk -> C:\Program Files (x86)\Virtual Hypnotist\readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Hypnotist\Uninstall.lnk -> C:\Program Files (x86)\Virtual Hypnotist\uninst.exe (FollowTheWatch Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Hypnotist\Users Guide.lnk -> C:\Program Files (x86)\Virtual Hypnotist\vh.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Hypnotist\Virtual Hypnotist.lnk -> C:\Program Files (x86)\Virtual Hypnotist\VH.exe (FollowTheWatch Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Hypnotist\Website.lnk -> C:\Program Files (x86)\Virtual Hypnotist\Virtual Hypnotist.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ustream\Ustream Producer\Ustream Producer.lnk -> C:\Windows\Installer\{D4E1337F-E914-45B1-8B45-8D0FEEB8221F}\_5CFF691DDD1CDDBE8A0933.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Scrabble 2003 Edition\Read Me.lnk -> C:\Program Files (x86)\Ubi Soft\Scrabble 2003 Edition\Read Me\eng\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Scrabble 2003 Edition\ubi.com.lnk -> C:\Program Files (x86)\Ubi Soft\Scrabble 2003 Edition\ubi.com.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Scrabble 2003 Edition\Uninstall Scrabble® 2003 Edition.lnk -> C:\Program Files (x86)\Ubi Soft\Scrabble 2003 Edition\UNWISE.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2012\TurboTax 2012.lnk -> C:\Windows\Installer\{F014B696-28C5-4554-802F-A15380418F53}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2011\TurboTax 2011.lnk -> C:\Windows\Installer\{E463E171-4082-4744-A466-F7CBE8502789}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2010\TurboTax 2010.lnk -> C:\Windows\Installer\{A525E00B-6609-442E-9DCD-64453C233E8D}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2009\TurboTax 2009.lnk -> C:\Windows\Installer\{38975F50-EAA2-012B-ADB4-000000000000}\TurboTax.exe (Intuit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbo Tax Audit Support Center\Turbo Tax Audit Support Center.lnk -> C:\Program Files (x86)\Turbo Tax Audit Support Center\Turbo Tax Audit Support Center.exe (Turbo Tax                           )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Sound File Converter\Switch Sound File Converter Help.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\Help\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switch Sound File Converter\Switch Sound File Converter.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © Version 2009.bld.36 (June 10, 2009)\SUPER ©.lnk -> C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.lnk -> C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C92.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientSystemTray.exe (Amazon.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software995\OmniFormat.lnk -> C:\Program Files (x86)\omniformat\OmniFormat.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software995\Pdf995 Readme.lnk -> C:\Program Files (x86)\pdf995\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snagit 10\Snagit 10 Editor.lnk -> C:\Windows\Installer\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}\Icon0E6ED660.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snagit 10\Snagit 10.lnk -> C:\Windows\Installer\{5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}\Icon0E6ED660.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek USB 2.0 Card Reader Software\Uninstall Realtek USB 2.0 Card Reader Software.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe (Macrovision Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}\PictureViewer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar\QuickPar.lnk -> C:\Program Files (x86)\QuickPar\QuickPar.exe (Peter B Clements)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar\Uninstall.lnk -> C:\Program Files (x86)\QuickPar\uninst.exe (Peter B Clements)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar\Website.lnk -> C:\Program Files (x86)\QuickPar\QuickPar.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for iPhone\PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for iPhone\PdaNetPC.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PdaNet for iPhone\Uninstall PdaNet.lnk -> C:\Program Files (x86)\PdaNet for iPhone\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo\ooVoo.lnk -> C:\Program Files (x86)\ooVoo\ooVoo.exe (ooVoo LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\office Convert Pdf to Jpg Jpeg Tiff Free\License Agreement.lnk -> C:\Program Files (x86)\office Convert Pdf to Jpg Jpeg Tiff Free\LICENSE.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\office Convert Pdf to Jpg Jpeg Tiff Free\office Convert Pdf to Jpg Jpeg Tiff Free on the Web.lnk -> C:\Program Files (x86)\office Convert Pdf to Jpg Jpeg Tiff Free\Convert.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\office Convert Pdf to Jpg Jpeg Tiff Free\office Convert Pdf to Jpg Jpeg Tiff Free.lnk -> C:\Program Files (x86)\office Convert Pdf to Jpg Jpeg Tiff Free\Converter.exe (officeconvert)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\office Convert Pdf to Jpg Jpeg Tiff Free\Order.lnk -> C:\Program Files (x86)\office Convert Pdf to Jpg Jpeg Tiff Free\Order.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\office Convert Pdf to Jpg Jpeg Tiff Free\Uninstall office Convert Pdf to Jpg Jpeg Tiff Free.lnk -> C:\Program Files (x86)\office Convert Pdf to Jpg Jpeg Tiff Free\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewsLeecher\NewsLeecher.lnk -> C:\Program Files (x86)\NewsLeecher\newsLeecher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Switch Sound File Converter.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multimedia\Xilisoft\DVD Creator 6\Uninstall.lnk -> C:\Program Files (x86)\Xilisoft\DVD Creator 6\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multimedia\Xilisoft\DVD Creator 6\Xilisoft DVD Creator 6 Help.lnk -> C:\Program Files (x86)\Xilisoft\DVD Creator 6\help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multimedia\Xilisoft\DVD Creator 6\Xilisoft DVD Creator 6.lnk -> C:\Program Files (x86)\Xilisoft\DVD Creator 6\SplashScreen.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Driver Installer\Motorola Driver Installer.exe.lnk -> C:\Windows\Installer\{19E74155-1CA2-4807-9BF5-1AAB4F876E1A}\_4FE187E713AFAEE4626B39.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Driver Installer\Motorola License Agreement.rtf.lnk -> C:\Windows\Installer\{19E74155-1CA2-4807-9BF5-1AAB4F876E1A}\_41D03530D182E4D5717F48.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Driver Installer\Utilities\USB Serial Numbers Ignore.lnk -> C:\Windows\Installer\{19E74155-1CA2-4807-9BF5-1AAB4F876E1A}\_55D45F7FFC7975F19FE63B.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Driver Installer\Utilities\usblan_ifconfig.exe.lnk -> C:\Windows\Installer\{19E74155-1CA2-4807-9BF5-1AAB4F876E1A}\_4F692ACF57544712E78D04.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Driver Installer\Release Notes\Motorola Driver Installer Release Notes.doc.lnk -> C:\Windows\Installer\{19E74155-1CA2-4807-9BF5-1AAB4F876E1A}\_8DDF21EEEA6EF762D13023.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Getting Started.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\gtngstrtd.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Calendar.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Database.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Portfolio.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Spreadsheet.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Task Launcher.lnk -> C:\Program Files (x86)\Microsoft Works\MSWorks.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works\Microsoft Works Word Processor.lnk -> C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe (Microsoft® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office - 60 Day Trial.lnk -> C:\Program Files (x86)\Microsoft Office Suite Activation Assistant\OAA.exe (Digital River Inc. )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Rise of Nations Gold\Rise of Nations Gold Readme.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\ReadmeX.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Rise of Nations Gold\Rise of Nations Gold.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe (Big Huge Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware Help.lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes' Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Uninstall Malwarebytes' Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Problem Reports and Solutions.lnk -> C:\Windows\System32\wercon.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Screenshare\MAGIX Screenshare.lnk -> C:\Program Files (x86)\MAGIX\PCVisit\Screenshare.exe (pcvisit software ag)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Screenshare\Service and Support\MAGIX Online Services.lnk -> C:\ProgramData\MAGIX\Common\Online Services Info\index_0409.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Screenshare\Service and Support\support.lnk -> C:\Program Files (x86)\MAGIX\PCVisit\support.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Screenshare\Service and Support\uninstall MAGIX Screenshare.lnk -> C:\Program Files (x86)\MAGIX\PCVisit\unwise.exe (MAGIX AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\MAGIX Music Editor 2.0.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\musiceditor\MusicEditor.exe (MAGIX AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\MAGIX Music Maker 14 Producer Edition Download version.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\MusicMaker.exe (MAGIX AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Service and Support\license conditions.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Service and Support\MAGIX Online Services.lnk -> C:\ProgramData\MAGIX\Common\Online Services Info\index_0409.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Service and Support\register.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\register.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Service and Support\support.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\support.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Service and Support\uninstall MAGIX Music Maker 14 Producer Edition Download version.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\unwise.exe (MAGIX AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Order\order.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\order.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Documentation\MAGIX Music Editor 2.0 help.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\musiceditor\musiceditor.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Documentation\MAGIX Music Maker 14 Producer Edition Download version help.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\MusicMaker.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Documentation\MAGIX Music Maker 14 Producer Edition Download version manual.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\Manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Windows\Installer\{96D5EB02-DE18-4DCD-A713-929B4461CA8D}\iTunesIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntraPDF\Advanced PDF to IMAGE converter\Help .lnk -> C:\Program Files (x86)\Advanced PDF to IMAGE converter\pdf2image.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntraPDF\Advanced PDF to IMAGE converter\PDF to IMAGE.lnk -> C:\Program Files (x86)\Advanced PDF to IMAGE converter\pdf2image.exe (IntraPDF)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IntraPDF\Advanced PDF to IMAGE converter\Purchase.lnk -> C:\Program Files (x86)\Advanced PDF to IMAGE converter\Register.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager\Help.lnk -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Shell_ENU.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager\Intel Matrix Storage Console.lnk -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Shell.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager\Readme.lnk -> C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager\Uninstall.lnk -> C:\Windows\System32\Imsmudlg.exe (Intel® Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I-Doser Premium\I-Doser Premium.lnk -> C:\Program Files (x86)\I-Doser Premium\IDoser.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I-Doser Premium\Uninstall I-Doser Premium.lnk -> C:\Program Files (x86)\I-Doser Premium\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential.lnk -> C:\Program Files (x86)\HP\Photosmart Essential\HP_IZE.exe (Hewlett-Packard, Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Product Assistant.lnk -> C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbui.exe (Hewlett-Packard Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk -> C:\Program Files (x86)\HP\HP Software Update\HPWUCli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\Shop for HP Supplies.lnk -> C:\Program Files (x86)\HP\hpqSSupply.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential\Enable HP Product Improvement Data Collection.lnk -> C:\Program Files (x86)\HP\Photosmart Essential\UserTrackUtility.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential\HP Photosmart Essential.lnk -> C:\Program Files (x86)\HP\Photosmart Essential\HP_IZE.exe (Hewlett-Packard, Co.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 2570 series\Help.lnk -> C:\Program Files (x86)\HP\Digital Imaging\Help\aio23.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 2570 series\Product Support Website.lnk -> C:\Program Files (x86)\HP\Digital Imaging\hp photosmart 2570 series\help\HP Product Support Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 2570 series\Readme.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP\GIMP 2.lnk -> C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP\Uninstall.lnk -> C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Recovery Center\Gateway Recovery Center.lnk -> C:\Windows\SMINST\Grc_Vista.exe (SoftThinks)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Documentation\Hardware Reference.lnk -> C:\Documents\Hardware Reference.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Documentation\User Guide.lnk -> C:\Documents\User Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\GameSpy Arcade.lnk -> C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (GameSpy Industries, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade\Uninstall GameSpy Arcade.lnk -> C:\Program Files (x86)\GameSpy Arcade\UNWISE.EXE ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Chess.lnk -> C:\Program Files\Microsoft Games\Chess\Chess.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\FreeCell.lnk -> C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Hearts.lnk -> C:\Program Files\Microsoft Games\Hearts\Hearts.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\InkBall.lnk -> C:\Program Files\Microsoft Games\inkball\inkball.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Mahjong.lnk -> C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Minesweeper.lnk -> C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\PurblePlace.lnk -> C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Solitaire.lnk -> C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Spider Solitaire.lnk -> C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zumas Revenge! - Adventure\Uninstall Zumas Revenge! - Adventure.lnk -> C:\Program Files (x86)\Zumas Revenge! - Adventure\ReflexiveArcade\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zumas Revenge! - Adventure\ Zumas Revenge! - Adventure.lnk -> C:\Program Files (x86)\Zumas Revenge! - Adventure\ZumasRevengeAdventure.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin Systems\PrintScreen\Documentation.lnk -> C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin Systems\PrintScreen\Gadwin on Web.lnk -> C:\Program Files (x86)\Gadwin Systems\PrintScreen\Gadwin on Web.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin Systems\PrintScreen\PrintScreen.lnk -> C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgrade.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emicsoft\Emicsoft MTS Converter\Emicsoft MTS Converter On the Web.lnk -> C:\Program Files (x86)\Emicsoft Studio\Emicsoft MTS Converter\sys\soft\Emicsoft MTS Converter\On the Web.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emicsoft\Emicsoft MTS Converter\Emicsoft MTS Converter User Help.lnk -> C:\Program Files (x86)\Emicsoft Studio\Emicsoft MTS Converter\sys\soft\Emicsoft MTS Converter\help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emicsoft\Emicsoft MTS Converter\Emicsoft MTS Converter.lnk -> C:\Program Files (x86)\Emicsoft Studio\Emicsoft MTS Converter\Emicsoft MTS Converter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emicsoft\Emicsoft MTS Converter\Uninstall.lnk -> C:\Program Files (x86)\Emicsoft Studio\Emicsoft MTS Converter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\The Sims 2\Read Me.lnk -> C:\Program Files (x86)\EA GAMES\The Sims 2\Support\en-uk\readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\The Sims 2\The Sims 2 Body Shop.lnk -> C:\Program Files (x86)\EA GAMES\The Sims 2\CSBin\TS2BodyShop.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\The Sims 2\The Sims 2.lnk -> C:\Program Files (x86)\EA GAMES\The Sims 2\TSBin\Sims2.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES\The Sims 2\Uninstall The Sims 2.lnk -> C:\Program Files (x86)\EA GAMES\The Sims 2\eauninstall.exe (Electronic Arts Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugmode\Wax 2.0\Samples Folder.lnk -> C:\Program Files (x86)\DebugMode\Wax 2.0\Samples ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugmode\Wax 2.0\Uninstall.lnk -> C:\Program Files (x86)\DebugMode\Wax 2.0\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugmode\Wax 2.0\Wax 2.0.lnk -> C:\Program Files (x86)\DebugMode\Wax 2.0\WaxInvoker.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugmode\Wax 2.0\Wax User Guide.lnk -> C:\Program Files (x86)\DebugMode\Wax 2.0\Help\User Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\Uninstall.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe (DT Soft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go\Power2Go Express.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (Cyberlink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go\Power2Go Online Help.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go\Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe (Cyberlink)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go\Readme.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack\ComicRack.lnk -> C:\Program Files\ComicRack\ComicRack.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack\Release Notes.lnk -> C:\Program Files\ComicRack\ReadMe.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack\Version History.lnk -> C:\Program Files\ComicRack\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack\Website.lnk -> C:\Program Files\ComicRack\ComicRack.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software\CoffeeCup Direct FTP.lnk -> C:\Program Files (x86)\CoffeeCup Software\Direct FTP\DirectFTP.exe (CoffeeCup Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 6\Camtasia Studio.lnk -> C:\Windows\Installer\{A589DA26-51BD-475D-8C32-E19E34145842}\IconEF5C48881.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 6\Applications\Camtasia MenuMaker.lnk -> C:\Windows\Installer\{A589DA26-51BD-475D-8C32-E19E34145842}\IconEF5C48881.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 6\Applications\Camtasia Player.lnk -> C:\Windows\Installer\{A589DA26-51BD-475D-8C32-E19E34145842}\IconEF5C48881.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 6\Applications\Camtasia Recorder.lnk -> C:\Windows\Installer\{A589DA26-51BD-475D-8C32-E19E34145842}\IconEF5C48883.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 6\Applications\Camtasia Theater.lnk -> C:\Windows\Installer\{A589DA26-51BD-475D-8C32-E19E34145842}\IconEF5C48883.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera Assistant Software\Camera Assistant Software.lnk -> C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR 8 Producer Edition Trial\Cakewalk Audio Finder (x64).lnk -> C:\Program Files\Cakewalk\Shared Utilities\cwaftool.exe (Twelve Tone Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR 8 Producer Edition Trial\SONAR 8 Producer Edition Trial Help(x64).lnk -> C:\Program Files\Cakewalk\SONAR 8 Producer Edition Trial\SONAR.CHM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR 8 Producer Edition Trial\SONAR 8 Producer Edition Trial Readme(x64).lnk -> C:\ProgramData\Cakewalk\SONAR 8 Producer Edition Trial\Readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR 8 Producer Edition Trial\SONAR 8 Producer Edition Trial(x64).lnk -> C:\Program Files\Cakewalk\SONAR 8 Producer Edition Trial\SONARPDR.exe (Cakewalk, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR 8 Producer Edition Trial\Uninstall SONAR 8 Producer Edition Trial(x64).lnk -> C:\Program Files\Cakewalk\SONAR 8 Producer Edition Trial\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Shot 3D\Box Shot 3D Help.lnk -> C:\Program Files (x86)\BoxShot3D\BoxShot3D.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Shot 3D\Box Shot 3D.lnk -> C:\Program Files (x86)\BoxShot3D\BoxShot3D.exe (BoxShot3D.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Shot 3D\Visit Web Site.lnk -> C:\Program Files (x86)\BoxShot3D\BoxShot3D.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BookCoverPro\BookCoverPro LM.lnk -> C:\Program Files (x86)\PlanetIcon\BookCoverPro\BookCoverPro500.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BookCoverPro\BookCoverPro.lnk -> C:\Program Files (x86)\PlanetIcon\BookCoverPro\BookCoverPro.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BookCoverPro\Uninstall.lnk -> C:\Program Files (x86)\PlanetIcon\BookCoverPro\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 8.5\AVG Tray Icon.lnk -> C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 8.5\AVG User Interface.lnk -> C:\Program Files (x86)\AVG\AVG8\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avery Dennison\DesignPro 5 eMedia.lnk -> C:\Program Files (x86)\Avery Dennison\DesignPro 5 eMedia\labeler.exe (Avery Dennison Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Sound File Converter.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager\Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager\AudibleManager.lnk -> C:\Program Files (x86)\Audible\Bin\Manager.exe (Audible Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon\Amazon Unbox Video\Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientApp.exe (Amazon.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive HD Video Converter\Alive HD Video Converter.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\HDConverter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive HD Video Converter\FAQ.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\FAQ.HTM ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive HD Video Converter\Help.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\HDConverter.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive HD Video Converter\How to registry.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\Registry.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive HD Video Converter\License Agreement.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\LICENSE.TXT ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive HD Video Converter\Readme.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive HD Video Converter\Tutorial.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\Tutorial.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive HD Video Converter\Uninstall Alive HD Video Converter.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Acrobat Distiller 9.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Distiller.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Acrobat 9 Pro.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe After Effects CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\AfterFX.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Bridge CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Contribute CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Contribute CS4\Contribute.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Device Central CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Device Central CS4\DeviceCentral.exe (Adobe Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Dreamweaver CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Drive CS4.lnk -> C:\Program Files (x86)\Common Files\Adobe\Adobe Drive CS4\ConnectUI\Adobe Drive CS4.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Encore CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Encore CS4\Adobe Encore.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe ExtendScript Toolkit CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities\ExtendScript Toolkit CS4\ExtendScript Toolkit.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Extension Manager CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS4\Adobe Extension Manager CS4.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Fireworks CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Fireworks CS4\Fireworks.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Flash CS4 Professional.lnk -> C:\Program Files (x86)\Adobe\Adobe Flash CS4\Flash.exe (Adobe Systems Incorporated.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Illustrator CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Illustrator CS4\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe InDesign CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe InDesign CS4\InDesign.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe LiveCycle Designer ES 8.2.lnk -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Media Encoder CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Media Encoder CS4\Adobe Media Encoder.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe OnLocation CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe OnLocation CS4\Adobe OnLocation.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Photoshop CS4 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Photoshop CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Photoshop CS4\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Pixel Bender Toolkit.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities\Pixel Bender Toolkit\pixel_bender_toolkit.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Premiere Pro CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS4\Adobe Premiere Pro.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Adobe Soundbooth CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Soundbooth CS4\Adobe Soundbooth CS4.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4\Mocha for After Effects CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe After Effects CS4\Mocha\bin\Mocha For After Effects.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe After Effects CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe After Effects CS3\Support Files\AfterFX.exe (Adobe Systems Incorporated )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Bridge CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Bridge CS3\Bridge.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Contribute CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Contribute CS3\Contribute.exe (Adobe Systems Incorporated.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Device Central CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Device Central CS3\DeviceCentral.exe (Adobe Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Dreamweaver CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Encore CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Encore CS3\Adobe Encore.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe ExtendScript Toolkit 2.lnk -> C:\Program Files (x86)\Adobe\Adobe Utilities\ExtendScript Toolkit 2\ExtendScript Toolkit 2.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Extension Manager CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Extension Manager\Extension Manager.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Fireworks CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Fireworks CS3\Fireworks.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Flash CS3 Professional.lnk -> C:\Program Files (x86)\Adobe\Adobe Flash CS3\Flash.exe (Adobe Systems Incorporated.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Flash CS3 Video Encoder.lnk -> C:\Program Files (x86)\Adobe\Adobe Flash CS3 Video Encoder\Flash Video Encoder.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Illustrator CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Illustrator CS3\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe InDesign CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe InDesign CS3\InDesign.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Photoshop CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Premiere Pro CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Premiere Pro CS3\Adobe Premiere Pro.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Soundbooth CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Soundbooth CS3\Adobe Soundbooth CS3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3\Adobe Stock Photos CS3.lnk -> C:\Program Files (x86)\Adobe\Adobe Stock Photos CS3\Adobe Stock Photos CS3.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Captivate 3.lnk -> C:\Windows\Installer\{2E7B6B00-5ECD-49A1-8FD4-4B647C5D8027}\Captivate.exe_3BF78B0388DD41678E00421AAA3FD411.exe (InstallShield Software Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Media Player.lnk -> C:\Program Files (x86)\Adobe Media Player\Adobe Media Player.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Backup.lnk -> C:\Windows\System32\sdclt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\SysWOW64\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\migwiz.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Covers Extreme\3D Covers Extreme.lnk -> C:\Program Files (x86)\3D Covers Extreme\3DCoversExtreme.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Covers Extreme\Help.lnk -> C:\Program Files (x86)\3D Covers Extreme\3DCoversExtreme.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Covers Extreme\Uninstall.lnk -> C:\Program Files (x86)\3D Covers Extreme\uninst.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Covers Extreme\Website.lnk -> C:\Program Files (x86)\3D Covers Extreme\3D Covers Extreme.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{E91579C0-4EA9-4a2a-A9B2-04BEF1D6DC29}\PlayTasks\0\Minesweeper.lnk -> C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{D1A7F7E0-D4E9-49e8-BF2C-CEAA01D2E670}\PlayTasks\0\Hearts.lnk -> C:\Program Files\Microsoft Games\Hearts\Hearts.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BAA3FBF2-201A-4CE6-9D94-C0305F1DD14B}\PlayTasks\4\Readme.lnk -> C:\Program Files (x86)\Ubisoft\Scrabble2009\Manual\Readme-en.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BAA3FBF2-201A-4CE6-9D94-C0305F1DD14B}\PlayTasks\3\Manual.lnk -> C:\Program Files (x86)\Ubisoft\Scrabble2009\Manual\Manual-en.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BAA3FBF2-201A-4CE6-9D94-C0305F1DD14B}\PlayTasks\2\Configure.lnk -> C:\Program Files (x86)\Ubisoft\Scrabble2009\ScrabbleConfiguration.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BAA3FBF2-201A-4CE6-9D94-C0305F1DD14B}\PlayTasks\1\Register Scrabble™ Interactive 2009 Edition.lnk -> C:\Program Files (x86)\Ubisoft\Scrabble2009\Register\Register-en.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{BAA3FBF2-201A-4CE6-9D94-C0305F1DD14B}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\Ubisoft\Scrabble2009\gu.exe (Ubisoft)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{AFA7FF39-1DDF-4f70-A2D5-23FCFFF02E5F}\PlayTasks\0\Spider Solitaire.lnk -> C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{AF698A5B-24D6-4f78-AE95-204B09EDC7B6}\PlayTasks\0\Mahjong.lnk -> C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{AA06F18D-32E6-44A2-8C53-01620EFAB159}\PlayTasks\0\Play.lnk -> C:\Games\Stardock Games\Demigod\bin\Demigod.exe (Gas Powered Games)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{91CA4D38-EA2B-4f3c-94DE-36C1386182FC}\PlayTasks\0\Purble Place.lnk -> C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{6C815596-821F-40b3-8A84-643B73A8EB16}\PlayTasks\0\FreeCell.lnk -> C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{48DE2B25-A3A2-4121-808D-5DD991D9FEBB}\PlayTasks\0\InkBall.lnk -> C:\Program Files\Microsoft Games\inkball\inkball.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{46AC8A67-39C8-4C83-88BC-BCBE2B4B021A}\PlayTasks\0\Play.lnk -> C:\Games\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Civilization4.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{34E472B7-B548-4BB0-9C92-765D7B7E00BD}\PlayTasks\0\Play.lnk -> C:\Games\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Warlords\Civ4Warlords.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{255037D5-70FB-46A5-91CF-96AE00B21EE4}\PlayTasks\3\Manual.lnk -> C:\Games\Ubisoft\Chessmaster Grandmaster Edition\Chessmaster® Grandmaster Edition Manual.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{255037D5-70FB-46A5-91CF-96AE00B21EE4}\PlayTasks\2\Register.lnk -> C:\Games\Ubisoft\Chessmaster Grandmaster Edition\Register\RegistrationReminder.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{255037D5-70FB-46A5-91CF-96AE00B21EE4}\PlayTasks\1\ReadMe.lnk -> C:\Games\Ubisoft\Chessmaster Grandmaster Edition\ReadMe.txt (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{255037D5-70FB-46A5-91CF-96AE00B21EE4}\PlayTasks\0\Play.lnk -> C:\Games\Ubisoft\Chessmaster Grandmaster Edition\gu.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{205286E5-F5F2-4306-BDB1-864245E33227}\PlayTasks\0\Chess.lnk -> C:\Program Files\Microsoft Games\Chess\Chess.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{1A92C425-423A-437D-8A8A-922319D7108F}\PlayTasks\0\Play.lnk -> C:\Games\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{00D8862B-6453-4957-A821-3D98D74C76BE}\PlayTasks\0\Solitaire.lnk -> C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\LabelPrint Online Help.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Enu\LabelPrint.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\Readme.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Enu\Readme.htm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1\Desktop\Audible Manager.lnk -> C:\Program Files (x86)\Audible\Bin\Manager.exe (Audible Inc.)
Shortcut: C:\Users\Mcx1\Desktop\GameSpy Arcade.lnk -> C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (GameSpy Industries, Inc.)
Shortcut: C:\Users\Mcx1\Desktop\QuickPar.lnk -> C:\Program Files (x86)\QuickPar\QuickPar.exe (Peter B Clements)
Shortcut: C:\Users\Mcx1\Desktop\µpdater.lnk -> C:\Users\NaiomiP\AppData\Roaming\uTorrent\IP filter µpdater.bat ()
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\LabelPrint Online Help.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Enu\LabelPrint.chm ()
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe ()
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\Readme.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Enu\Readme.htm ()
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk -> C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (GameSpy Industries, Inc.)
Shortcut: C:\Users\NaiomiP\Pictures - Shortcut.lnk -> C:\Users\NaiomiP\Pictures ()
Shortcut: C:\Users\NaiomiP\SUPER ©.lnk -> C:\Program Files (x86)\eRightSoft\SUPER\SUPER.exe ()
Shortcut: C:\Users\NaiomiP\Videos\Amazon Unbox.lnk -> C:\Users\Public\Videos\Amazon Unbox ()
Shortcut: C:\Users\NaiomiP\Videos\Sample Videos.lnk -> C:\Users\Public\Videos\Sample Videos ()
Shortcut: C:\Users\NaiomiP\Pictures\Pictures.lnk -> C:\Users\NaiomiP\Pictures ()
Shortcut: C:\Users\NaiomiP\Pictures\Sample Pictures.lnk -> C:\Users\Public\Pictures\Sample Pictures ()
Shortcut: C:\Users\NaiomiP\Music\Sample Music.lnk -> C:\Users\Public\Music\Sample Music ()
Shortcut: C:\Users\NaiomiP\Links\Documents.lnk -> C:\Users\NaiomiP\Documents ()
Shortcut: C:\Users\NaiomiP\Links\Dropbox.lnk -> C:\Users\NaiomiP\Documents\My Dropbox (No File)
Shortcut: C:\Users\NaiomiP\Links\Music.lnk -> C:\Users\NaiomiP\Music ()
Shortcut: C:\Users\NaiomiP\Links\Pictures.lnk -> C:\Users\NaiomiP\Pictures ()
Shortcut: C:\Users\NaiomiP\Links\Public.lnk -> C:\Users\Public ()
Shortcut: C:\Users\NaiomiP\Links\Recently Changed.lnk -> C:\Users\NaiomiP\Searches\Recently Changed.search-ms ()
Shortcut: C:\Users\NaiomiP\Links\Searches.lnk -> C:\Users\NaiomiP\Searches ()
Shortcut: C:\Users\NaiomiP\Links\Videos.lnk -> C:\Users\NaiomiP\Videos ()
Shortcut: C:\Users\NaiomiP\Links\Voice Over.lnk -> C:\Users\NaiomiP\Documents\IMOIAN PRESS PROJECTS\Voice Over ()
Shortcut: C:\Users\NaiomiP\Documents\Documents.lnk -> C:\Users\NaiomiP\Documents ()
Shortcut: C:\Users\NaiomiP\Documents\GURU PROJECTS\Documents.lnk -> C:\Users\NaiomiP\Documents ()
Shortcut: C:\Users\NaiomiP\Documents\Camtasia Studio\Documents.lnk -> C:\Users\NaiomiP\Documents ()
Shortcut: C:\Users\NaiomiP\Documents\Audible\Downloads.lnk -> C:\Users\Public\Documents\Audible\Downloads ()
Shortcut: C:\Users\NaiomiP\Desktop\Adobe Dreamweaver CS4.lnk -> C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe (Adobe Systems, Inc.)
Shortcut: C:\Users\NaiomiP\Desktop\Adobe Photoshop CS4 (64 Bit).lnk -> C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\Users\NaiomiP\Desktop\Alive HD Video Converter.lnk -> C:\Program Files (x86)\AliveMedia\HD Video Converter\HDConverter.exe ()
Shortcut: C:\Users\NaiomiP\Desktop\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe ()
Shortcut: C:\Users\NaiomiP\Desktop\Audible Manager.lnk -> C:\Program Files (x86)\Audible\Bin\Manager.exe (Audible Inc.)
Shortcut: C:\Users\NaiomiP\Desktop\ColorTunnel.lnk -> C:\Program Files (x86)\Virtual Hypnotist\colortunnel\ColorTunnel.exe (FollowTheWatch Software)
Shortcut: C:\Users\NaiomiP\Desktop\Download Turbo_Tax_Deluxe_2011[1].lnk -> C:\Users\NaiomiP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6LBHG3GR\Turbo_Tax_Deluxe_2011[1].exe (No File)
Shortcut: C:\Users\NaiomiP\Desktop\Emicsoft MTS Converter.lnk -> C:\Program Files (x86)\Emicsoft Studio\Emicsoft MTS Converter\Emicsoft MTS Converter.exe ()
Shortcut: C:\Users\NaiomiP\Desktop\Fall from Heaven 2.lnk -> C:\Games\2K Games\Firaxis Games\Sid Meier's Civilization 4 Complete\Beyond the Sword\Civ4BeyondSword.exe (No File)
Shortcut: C:\Users\NaiomiP\Desktop\Gadwin PrintScreen.lnk -> C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Gadwin Systems, Inc)
Shortcut: C:\Users\NaiomiP\Desktop\GameSpy Arcade.lnk -> C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (GameSpy Industries, Inc.)
Shortcut: C:\Users\NaiomiP\Desktop\IrfanView.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\NaiomiP\Desktop\MovieDownloader.lnk -> C:\Program Files (x86)\1clickmoviedownloader.com\MovieDownloader.exe (No File)
Shortcut: C:\Users\NaiomiP\Desktop\NewsLeecher.lnk -> C:\Program Files (x86)\NewsLeecher\newsLeecher.exe ()
Shortcut: C:\Users\NaiomiP\Desktop\office Convert Pdf to Jpg Jpeg Tiff Free.lnk -> C:\Program Files (x86)\office Convert Pdf to Jpg Jpeg Tiff Free\Converter.exe (officeconvert)
Shortcut: C:\Users\NaiomiP\Desktop\QuickPar.lnk -> C:\Program Files (x86)\QuickPar\QuickPar.exe (Peter B Clements)
Shortcut: C:\Users\NaiomiP\Desktop\Rampart Street.aiff - Shortcut.lnk -> C:\Guru Projects\Voice Over\New Orleans Project\Anne 41 Descriptions\Rampart Street.aiff (No File)
Shortcut: C:\Users\NaiomiP\Desktop\Sacred Heart Academy.aiff - Shortcut.lnk -> C:\Guru Projects\Voice Over\New Orleans Project\Anne 41 Descriptions\Sacred Heart Academy.aiff (No File)
Shortcut: C:\Users\NaiomiP\Desktop\SiteGrinder 2 Readme.lnk -> C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Plug-Ins\Media Lab SiteGrinder 2\support\readme.html ()
Shortcut: C:\Users\NaiomiP\Desktop\St. Elizabeth's Orphanage.aiff - Shortcut.lnk -> C:\Guru Projects\Voice Over\New Orleans Project\Anne 41 Descriptions\St. Elizabeth's Orphanage.aiff (No File)
Shortcut: C:\Users\NaiomiP\Desktop\St. Mary's Assumption Church.aiff - Shortcut.lnk -> C:\Guru Projects\Voice Over\New Orleans Project\Anne 41 Descriptions\St. Mary's Assumption Church.aiff (No File)
Shortcut: C:\Users\NaiomiP\Desktop\St.Louis Cathedral.aiff - Shortcut.lnk -> C:\Guru Projects\Voice Over\New Orleans Project\Anne 41 Descriptions\St.Louis Cathedral.aiff (No File)
Shortcut: C:\Users\NaiomiP\Desktop\Ubi Soft Product Registration.lnk -> C:\Program Files (x86)\Ubi Soft\Register\register.exe (Ubi Soft)
Shortcut: C:\Users\NaiomiP\Desktop\Virtual Hypnotist.lnk -> C:\Program Files (x86)\Virtual Hypnotist\VH.exe (FollowTheWatch Software)
Shortcut: C:\Users\NaiomiP\Desktop\Xilisoft HD Video Converter.lnk -> C:\Program Files (x86)\Xilisoft\HD Video Converter\vc5.exe ()
Shortcut: C:\Users\NaiomiP\Desktop\Zumas Revenge! - Adventure.lnk -> C:\Program Files (x86)\Zumas Revenge! - Adventure\ZumasRevengeAdventure.exe ()
Shortcut: C:\Users\NaiomiP\Desktop\µpdater.lnk -> C:\Users\NaiomiP\AppData\Roaming\uTorrent\IP filter µpdater.bat ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk -> C:\Program Files\Windows Mail\WinMail.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft\HD Video Converter\Uninstall.lnk -> C:\Program Files (x86)\Xilisoft\HD Video Converter\Uninstall.exe ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft\HD Video Converter\Xilisoft HD Video Converter Help.lnk -> C:\Program Files (x86)\Xilisoft\HD Video Converter\vc5.chm ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft\HD Video Converter\Xilisoft HD Video Converter.lnk -> C:\Program Files (x86)\Xilisoft\HD Video Converter\vc5.exe ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for iPhone\PdaNetPC.exe ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files (x86)\IrfanView\i_about.txt ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files (x86)\IrfanView\i_languages.txt ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files (x86)\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files (x86)\IrfanView\i_options.txt ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 4.25.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files (x86)\IrfanView\i_view32.chm ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Uninstall IrfanView.lnk -> C:\Program Files (x86)\IrfanView\iv_uninstall.exe (Irfan Skiljan, IrfanView)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files (x86)\IrfanView\i_changes.txt ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.lnk -> C:\Users\NaiomiP\AppData\Roaming\Dropbox\bin\Dropbox.URL ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall.lnk -> C:\Users\NaiomiP\AppData\Roaming\Dropbox\bin\Uninstall.exe ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\LabelPrint Online Help.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Enu\LabelPrint.chm ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\LabelPrint.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\Readme.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\Language\Enu\Readme.htm ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CoffeeCup Direct FTP.lnk -> C:\Program Files (x86)\CoffeeCup Software\Direct FTP\DirectFTP.exe (CoffeeCup Software, Inc.)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GameSpy Arcade.lnk -> C:\Program Files (x86)\GameSpy Arcade\Aphex.exe (GameSpy Industries, Inc.)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Amazon Unbox Video.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientApp.exe (Amazon.com)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NewsLeecher.lnk -> C:\Program Files (x86)\NewsLeecher\newsLeecher.exe ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Xilisoft DVD Creator 6.lnk -> C:\Program Files (x86)\Xilisoft\DVD Creator 6\SplashScreen.exe ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Xilisoft HD Video Converter.lnk -> C:\Program Files (x86)\Xilisoft\HD Video Converter\vc5.exe ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Adobe\Workflow\working.lnk -> C:\Users\NaiomiP\Documents\Version Cue ()
Shortcut: C:\Users\NaiomiP\AppData\Roaming\Adobe\Workflow\workinghidden.lnk -> C:\Users\NaiomiP\Documents\Version Cue\myprojectshidden ()
Shortcut: C:\Users\NaiomiP\AppData\Local\Microsoft\Windows\GameExplorer\{E6B74445-4071-4B0A-B687-6755FE997659}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\EA GAMES\The Sims 2\TSBin\Sims2.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\Users\NaiomiP\AppData\Local\Microsoft\Windows\GameExplorer\{255037D5-70FB-46A5-91CF-96AE00B21EE4}\PlayTasks\3\Manual.lnk -> C:\Games\Ubisoft\Chessmaster Grandmaster Edition\Chessmaster® Grandmaster Edition Manual.pdf (No File)
Shortcut: C:\Users\NaiomiP\AppData\Local\Microsoft\Windows\GameExplorer\{0AC14D3F-1EB4-4F6C-A68C-BF6AD37E992E}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe (Big Huge Games, Inc.)
Shortcut: C:\Users\Public\Recovery (D) - Shortcut.lnk -> D:\ ()
Shortcut: C:\Users\Public\Desktop\Acrobat.com.lnk -> C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe ()
Shortcut: C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Adobe Captivate 3.lnk -> C:\Windows\Installer\{2E7B6B00-5ECD-49A1-8FD4-4B647C5D8027}\Captivate.exe1_3BF78B0388DD41678E00421AAA3FD411.exe (InstallShield Software Corp.)
Shortcut: C:\Users\Public\Desktop\Adobe Reader 9.lnk -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Amazon Unbox.lnk -> C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientApp.exe (Amazon.com)
Shortcut: C:\Users\Public\Desktop\AVG 8.5.lnk -> C:\Program Files (x86)\AVG\AVG8\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\Users\Public\Desktop\BookCoverPro.lnk -> C:\Program Files (x86)\PlanetIcon\BookCoverPro\BookCoverPro.exe ()
Shortcut: C:\Users\Public\Desktop\Box Shot 3D.lnk -> C:\Program Files (x86)\BoxShot3D\BoxShot3D.exe (BoxShot3D.com)
Shortcut: C:\Users\Public\Desktop\Camtasia Studio 6.lnk -> C:\Program Files (x86)\TechSmith\Camtasia Studio 6\CamtasiaStudio.exe (TechSmith Corporation)
Shortcut: C:\Users\Public\Desktop\CoffeeCup Direct FTP.lnk -> C:\Program Files (x86)\CoffeeCup Software\Direct FTP\DirectFTP.exe (CoffeeCup Software, Inc.)
Shortcut: C:\Users\Public\Desktop\ComicRack.lnk -> C:\Program Files\ComicRack\ComicRack.exe ()
Shortcut: C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
Shortcut: C:\Users\Public\Desktop\GIMP 2.lnk -> C:\Program Files (x86)\GIMP-2.0\bin\gimp-2.6.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\HP Photosmart Essential.lnk -> C:\Program Files (x86)\HP\Photosmart Essential\HP_IZE.exe (Hewlett-Packard, Co.)
Shortcut: C:\Users\Public\Desktop\HP Solution Center.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqdirec.exe (Hewlett-Packard Company)
Shortcut: C:\Users\Public\Desktop\I-Doser Premium.lnk -> C:\Program Files (x86)\I-Doser Premium\IDoser.exe ()
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Windows\Installer\{96D5EB02-DE18-4DCD-A713-929B4461CA8D}\iTunesIco.exe ()
Shortcut: C:\Users\Public\Desktop\MAGIX Music Maker 14 Producer Edition Download version.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\MusicMaker.exe (MAGIX AG)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Microsoft Office - 60 Day Trial.lnk -> C:\Program Files (x86)\Microsoft Office Suite Activation Assistant\OAA.exe (Digital River Inc. )
Shortcut: C:\Users\Public\Desktop\ooVoo.lnk -> C:\Program Files (x86)\ooVoo\ooVoo.exe (ooVoo LLC)
Shortcut: C:\Users\Public\Desktop\PerfectDisk 10.lnk -> C:\Program Files\Raxco\PerfectDisk10\PerfectDisk.exe (Raxco Software, Inc.)
Shortcut: C:\Users\Public\Desktop\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Registry Mechanic.lnk -> C:\Program Files (x86)\Registry Mechanic\RegMech.exe (No File)
Shortcut: C:\Users\Public\Desktop\Rise of Nations Gold.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe (Big Huge Games, Inc.)
Shortcut: C:\Users\Public\Desktop\Shop for HP Supplies.lnk -> C:\Program Files (x86)\HP\hpqSSupply.exe ()
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Snagit 10 Editor.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitEditor.exe (TechSmith Corporation)
Shortcut: C:\Users\Public\Desktop\Snagit 10.lnk -> C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe (TechSmith Corporation)
Shortcut: C:\Users\Public\Desktop\SONAR 8 Producer Edition Trial(x64).lnk -> C:\Program Files\Cakewalk\SONAR 8 Producer Edition Trial\SONARPDR.exe (Cakewalk, Inc.)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\Switch Sound File Converter.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software)
Shortcut: C:\Users\Public\Desktop\The Sims 2.lnk -> C:\Program Files (x86)\EA GAMES\The Sims 2\TSBin\Sims2.exe (Maxis, a division of Electronic Arts Inc.)
Shortcut: C:\Users\Public\Desktop\Turbo Tax Audit Support Center.lnk -> C:\Program Files (x86)\Turbo Tax Audit Support Center\Turbo Tax Audit Support Center.exe (Turbo Tax                           )
Shortcut: C:\Users\Public\Desktop\TurboTax 2009.lnk -> C:\Windows\Installer\{38975F50-EAA2-012B-ADB4-000000000000}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\TurboTax 2010.lnk -> C:\Windows\Installer\{A525E00B-6609-442E-9DCD-64453C233E8D}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\TurboTax 2011.lnk -> C:\Windows\Installer\{E463E171-4082-4744-A466-F7CBE8502789}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\TurboTax 2012.lnk -> C:\Windows\Installer\{F014B696-28C5-4554-802F-A15380418F53}\TurboTax.exe (Intuit)
Shortcut: C:\Users\Public\Desktop\WinFF.lnk -> C:\Program Files (x86)\WinFF\winff.exe (WinFF.org)
Shortcut: C:\Users\Public\Desktop\Xilisoft DVD Creator 6.lnk -> C:\Program Files (x86)\Xilisoft\DVD Creator 6\SplashScreen.exe ()
Shortcut: C:\Users\Public\Desktop\µTorrent.lnk -> C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Music Maker 14 Producer Edition Download version\Service and Support\register online.lnk -> C:\Program Files (x86)\MAGIX\MusicMaker14PE_Download_version\explore.exe () -> hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=mm2008dlx_e-version&VARCHARGE=13.0.2.1&VARREGISTER=onlineregister&VARLAND=US

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation) -> -settings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © Uninstall.lnk -> C:\Program Files (x86)\eRightSoft\SUPER\Setup.exe (eRightSoft   ) -> /remove
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Configure Decoder.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> xvid.ax,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Configure Encoder.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> xvidvfw.dll,Configure
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid\Advanced\xvid_encraw.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k ""C:\Program Files (x86)\Xvid\xvid_encraw.exe"" -h
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Scrabble 2003 Edition\Register.lnk -> C:\Program Files (x86)\Ubi Soft\Scrabble 2003 Edition\UNWISE.EXE () -> /W1 "C:\Program Files (x86)\Ubi Soft\Scrabble 2003 Edition\INSTALL.LOG"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft\Scrabble 2003 Edition\Scrabble® 2003 Edition.lnk -> C:\Program Files (x86)\Ubi Soft\Scrabble 2003 Edition\Scrabble2003Edition.exe () -> 0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © Version 2009.bld.36 (June 10, 2009)\SUPER © Uninstall.lnk -> C:\Program Files (x86)\eRightSoft\SUPER\Setup.exe (eRightSoft   ) -> /remove
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Burn CD, DVD or Blu-Ray.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind ExpressBurn
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Dictate Recorder.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Express
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Rip CD Ripper.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Rip
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Express Talk Softphone.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Talk
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Golden Records LP Converter.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Golden
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\IVM Telephone Answering Attendant.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind IVM
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\MixPad MultiTrack Mixer.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind MixPad
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\Prism Video File Format Converter.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Prism
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\RecordPad Sound Recorder.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind RecordPad
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\SoundTap Streaming Recorder.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind SoundTap
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\VRS Sound Recorder.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind VRS
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite\WavePad Sound Editor.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind WavePad
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multimedia\Xilisoft\DVD Creator 6\Buy.lnk -> C:\Program Files (x86)\Xilisoft\DVD Creator 6\dvdcreator.exe () -> -buyurl
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> -safe-mode
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse\Microsoft Mouse.lnk -> C:\Program Files\Microsoft IntelliPoint\dplaunch.exe (Microsoft Corporation) -> mouse cpl
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse\Mouse Healthy Computing Guide.lnk -> C:\Program Files\Microsoft IntelliPoint\dplaunch.exe (Microsoft Corporation) -> mouse hcg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse\Mouse Help.lnk -> C:\Program Files\Microsoft IntelliPoint\dplaunch.exe (Microsoft Corporation) -> mouse help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Rise of Nations Gold\Uninstall Rise of Nations Gold.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\Uninstal.exe (Microsoft Corporation) -> /runtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestoreCenter
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart Essential\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {EB21A812-671B-4D08-B974-2A347F0D8F70}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 2570 series\Product Registration.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe (Hewlett-Packard Co.) -> "Photosmart 2570 series"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photosmart 2570 series\Uninstall.lnk -> C:\Program Files (x86)\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr40.exe (Hewlett-Packard) -> -datfile hposcr19.dat -onestop
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth Plug-in.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {34B32B70-8081-11E2-89AF-B8AC6F98CCE3} FEEDBACK=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\-  Gateway Game Console  -.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsole-wt.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\Battlestar Galactica.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Battlestar Galactica\BSG-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Bejeweled 2 Deluxe\WinBej2-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\Chuzzle Deluxe.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Chuzzle Deluxe\Chuzzle-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\FATE.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\FATE\Fate-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\JoJo's Fashion Show.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\JoJo's Fashion Show\JojosFashionShow-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\Mystery P.I. - The Lottery Ticket.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Mystery P.I. - The Lottery Ticket\MysteryPI-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\Penguins!.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Penguins!\penguins-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\Polar Bowler.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Polar Bowler\Polar-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\Polar Golfer.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Polar Golfer\golf-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gateway Games\Virtual Villagers - A New Home.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Virtual Villagers - A New Home\VirtualVillagers-WT.exe" /src startmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\-  Gateway Game Console  -.lnk -> C:\Program Files (x86)\Gateway Games\onplay\onplay.exe ( ) -> "C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsole-wt.exe" /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zumas Revenge! - Adventure\Other Games.lnk -> C:\Program Files (x86)\Zumas Revenge! - Adventure\ZumasRevengeAdventure.exe () -> -GCSShowOtherGames
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugmode\Wax 2.0\Wax 2.0 Preferences.lnk -> C:\Program Files (x86)\DebugMode\Wax 2.0\WaxInvoker.exe () -> /prefs
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go\Uninstall Power2Go.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe"  -uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR 8 Producer Edition Trial\Burn Audio CD.lnk -> C:\Program Files\Cakewalk\SONAR 8 Producer Edition Trial\CakewalkPublisher.exe (Twelve Tone Systems, Inc.) -> -cd
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk\SONAR 8 Producer Edition Trial\Cakewalk Publisher.lnk -> C:\Program Files\Cakewalk\SONAR 8 Producer Edition Trial\CakewalkPublisher.exe (Twelve Tone Systems, Inc.) -> -web
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 8.5\Uninstall AVG.lnk -> C:\Program Files (x86)\AVG\AVG8\setup.exe (AVG Technologies CZ, s.r.o.) -> /UNINSTALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\CD Audio Burn Recorder.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind ExpressBurn
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\CD Audio Rip Extractor.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Rip
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Dictation Recorder.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Express
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\DJ Mixing Software.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Zulu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Multichannel Recorder.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind VRS
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Multitrack Mixer.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind MixPad
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Record to CD or Mp3 Wizard.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Golden
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Sound File Editor.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind WavePad
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Sound File Recorder.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind RecordPad
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Streaming Audio Recorder.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind SoundTap
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Streaming Audio Server.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind BroadWave
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs\Text-to-Speech Reader.lnk -> C:\Program Files (x86)\NCH Swift Sound\Switch\switch.exe (NCH Software) -> -extfind Verbose
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager\Uninstall AudibleManager.lnk -> C:\Program Files (x86)\Audible\Bin\Upgrade.exe (Audible Inc.) -> /Uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Reliability and Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.WelcomeCenter
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\OnLine Registration.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\OLRSubmission\OLRSubmission.exe () -> /LANG:ENU
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\Uninstall LabelPrint.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\OnLine Registration.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\OLRSubmission\OLRSubmission.exe () -> /LANG:ENU
ShortcutWithArgument: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\Uninstall LabelPrint.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
ShortcutWithArgument: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\NaiomiP\Desktop\Dropbox.lnk -> C:\Users\NaiomiP\AppData\Roaming\Dropbox\bin\Dropbox.exe () -> /home
ShortcutWithArgument: C:\Users\NaiomiP\Desktop\IrfanView Thumbnails.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\NaiomiP\Desktop\Scrabble 2003 Edition.lnk -> C:\Program Files (x86)\Ubi Soft\Scrabble 2003 Edition\Scrabble2003Edition.exe () -> 0
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilisoft\HD Video Converter\Buy.lnk -> C:\Program Files (x86)\Xilisoft\HD Video Converter\vc5.exe () -> -buyurl
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\NaiomiP\AppData\Roaming\Dropbox\bin\Dropbox.exe () -> /home
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\OnLine Registration.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\OLRSubmission\OLRSubmission.exe () -> /LANG:ENU
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint\Uninstall LabelPrint.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\NaiomiP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Public\Desktop\Gateway Games.lnk -> C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsole.exe (WildTangent, Inc.) -> /src desktopfreoem
ShortcutWithArgument: C:\Users\Public\Desktop\Microsoft Mouse.lnk -> C:\Program Files\Microsoft IntelliPoint\dplaunch.exe (Microsoft Corporation) -> mouse cpl

 

==================== End of log =============================


Edited by Nayshuemate, 20 July 2014 - 04:01 AM.

  • 0

#8
JSntgRvr
Posted 20 July 2014 - 09:26 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts

Please download the enclosed file. [attachment=71818:fixlist.txt]

 

Save it in the same location FRST is saved.

 

Run FRST, except that this time around, click on the Fix button and wait.

 

The tool will make a log in the same location FRST is saved (Fixlog.txt), Please post it to your reply.
 
How is the computer doing?

  • 0

#9
Nayshuemate
Posted 21 July 2014 - 10:53 PM

Nayshuemate

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Thank you, I am not noticing any problems with the computer! :) And here is the Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-07-2014
Ran by NaiomiP at 2014-07-21 21:48:39 Run:4
Running from C:\Users\NaiomiP\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
InvalidSubkeyName: [HKU\S-1-5-21-3094174547-28691812-3827549335-1000\Software\Microsoft\Windows\CurrentVersion\Run\410064006F00620065005500700064006100740065007200] <===== ATTENTION
HKU\S-1-5-21-3094174547-28691812-3827549335-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-3094174547-28691812-3827549335-1000\$eb57cd9583c460645306a8cbc493a22c\n. ATTENTION! ====> ZeroAccess?
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (No File)
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} ->  No File
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} ->  No File
BHO-x32: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} ->  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
C:\Windows\assembly\GAC_64\Desktop.ini
C:\Users\NaiomiP\AppData\Local\Temp\Quarantine.exe
Task: {17A09D24-AEDE-444C-AFF4-CAD15BCC292B} - System32\Tasks\4866 => Wscript.exe C:\Users\NaiomiP\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {4CF78256-F7F3-4C93-8231-69965780DE61} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
Task: {B150C832-77B7-4EBB-8E00-5E884D39444F} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
End
*****************

[HKU\S-1-5-21-3094174547-28691812-3827549335-1000\Software\Microsoft\Windows\CurrentVersion\Run\410064006F00620065005500700064006100740065007200] => No subkey with invalid name found.
'HKU\S-1-5-21-3094174547-28691812-3827549335-1000\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}' => Key deleted successfully.
C:\Program Files\CrashPlan\CrashPlanTray.exe not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}' => Key deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
'HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}'=> Key not found.
'HKCR\PROTOCOLS\Handler\linkscanner' => Key deleted successfully.
'HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}'=> Key not found.
C:\Windows\assembly\GAC_64\Desktop.ini => Moved successfully.
C:\Users\NaiomiP\AppData\Local\Temp\Quarantine.exe => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17A09D24-AEDE-444C-AFF4-CAD15BCC292B}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17A09D24-AEDE-444C-AFF4-CAD15BCC292B}' => Key deleted successfully.
C:\Windows\System32\Tasks\4866 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4866' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CF78256-F7F3-4C93-8231-69965780DE61}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CF78256-F7F3-4C93-8231-69965780DE61}' => Key deleted successfully.
C:\Windows\System32\Tasks\BuzzSocialPoints_DNS_Checker => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BuzzSocialPoints_DNS_Checker' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B150C832-77B7-4EBB-8E00-5E884D39444F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B150C832-77B7-4EBB-8E00-5E884D39444F}' => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0' => Key deleted successfully.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll

==== End of Fixlog ====


 


  • 0

#10
JSntgRvr
Posted 22 July 2014 - 06:38 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts

Congratulations. :)
 
We need to remove the tools we've used during cleaning your machine

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg
  • Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply
 

Here are some suggestions.

  • Always keep your JAVA updated. Older versions will make your computer vulnerable.
  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft.  To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

 
Best wishes! icon_hello.gif


  • 0

#11
JSntgRvr
Posted 23 August 2014 - 05:20 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,591 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP