Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ads by BBrroawseri Shhopa


  • This topic is locked This topic is locked
48 replies to this topic

#1 shellfish101

shellfish101

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 31 July 2014 - 11:53 PM

I just got a new computer.  It is a Dell with Windows 8.  I have only downloaded onto it: gimp, malewarebytes, and a photo editing program called photoin (i believe).  

 

When I perform a google search, about 20 ads show up, above the search results.  It says "Ads by BBrroawseri Shhopa"  Also when I click links, about 30% of the time, rather than the link opening, a random page opens, which also says "Ads by BBrroawseri Shhopa".  

 

I ran malware bytes and it found 42 pups.  I have quarantined them, and restarted, but the same think keeps happening.  

 
  1.  


BC AdBot (Login to Remove)

 


#2 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 01 August 2014 - 12:04 AM

This is the Malwarebytes log

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/1/2014
Scan Time: 12:06:33 AM
Logfile: scan log 8.1.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.01.01
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Shelly
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 306521
Time Elapsed: 11 min, 28 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 1
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster\PC_Booster.exe, 3440, Delete-on-Reboot, [4124caf72259ad8998924f0be81aec14]
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 35
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-493389286, Quarantined, [4124caf72259ad8998924f0be81aec14], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\Adblocker.Adblocker, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\Adblocker.Adblocker.1.0, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Adblocker.Adblocker, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Adblocker.Adblocker.1.0, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}\INPROCSERVER32, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\pricechhOp.pricechhOp, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\pricechhOp.pricechhOp.3.9, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\pricechhOp.pricechhOp, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\pricechhOp.pricechhOp.3.9, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}\INPROCSERVER32, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Quarantined, [7ee7f9c8780374c282916932a55c6898], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}, Quarantined, [ec799829bcbfcb6bda39376450b12bd5], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4}, Quarantined, [a3c2a21f1764c86ed2cc03d1897931cf], 
Trojan.SProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\248642B4, Quarantined, [6401447d7ffc54e232d2834aa161b14f], 
 
Registry Values: 1
Trojan.SProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\248642B4|ImagePath, "C:\Windows\system32\rundll32.exe" "c:\progra~2\pc_boo~1\AssistantSvc.dll",service, Quarantined, [6401447d7ffc54e232d2834aa161b14f]
 
Registry Data: 7
Trojan.SProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~2\pc_boo~1\assist~1.dll, Good: (), Bad: (c:\progra~2\pc_boo~1\assist~1.dll),Replaced,[511417aabbc0bd79faf18ed5778a5ca4]
Trojan.SProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs,  C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL, Good: (), Bad: (C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL),Replaced,[e085863b9dde270f9882fea580814fb1]
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~2\pc_boo~1\assist~1.dll, Good: (), Bad: (c:\progra~2\pc_boo~1\assist~1.dll),Replaced,[f174a0218fecaf870cce2ba637cbd030]
PUP.Optional.Booster.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs,  C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL, Good: (), Bad: (C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL),Replaced,[dd889928f9826acc45953d948082f30d]
PUP.Optional.EasyLife.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://searchy.easylifeapp.com/, Good: (www.google.com), Bad: (http://searchy.easylifeapp.com/),Replaced,[c0a5a8195b20e650967aa01b3fc5cf31]
PUP.Optional.EasyLife.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://searchy.easylifeapp.com/, Good: (www.google.com), Bad: (http://searchy.easylifeapp.com/),Replaced,[0f56b9087506fe3849c7c8f34bb937c9]
PUP.Optional.EasyLife.A, HKU\S-1-5-21-3139656502-3334905310-4129259759-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://searchy.easylifeapp.com/, Good: (www.google.com), Bad: (http://searchy.easylifeapp.com/),Replaced,[c89d249d0a71af87f21f97245da78e72]
 
Folders: 3
PUP.Optional.AdBlocker.A, C:\Program Files (x86)\Adblocker, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster, Delete-on-Reboot, [cd98477a750657df2f0c5a6af210758b], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster\493389286, Quarantined, [cd98477a750657df2f0c5a6af210758b], 
 
Files: 26
Trojan.SProtector, C:\Program Files (x86)\PC_Booster\AssistantSvc.dll, Delete-on-Reboot, [392cb20f2b50e05612da075c1ce5b44c], 
Trojan.SProtector, C:\Program Files (x86)\PC_Booster\Assistant.dll, Delete-on-Reboot, [511417aabbc0bd79faf18ed5778a5ca4], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster\PC_Booster.exe, Delete-on-Reboot, [4124caf72259ad8998924f0be81aec14], 
Trojan.SProtector, C:\Program Files (x86)\PC_Booster\Assistant_x64.dll, Quarantined, [e085863b9dde270f9882fea580814fb1], 
PUP.Optional.Preload, C:\Program Files (x86)\Adblocker\yNLCPUKZeZ.x64.dll, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, C:\Program Files (x86)\Adblocker\yNLCPUKZeZ.dll, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, C:\Program Files (x86)\pricechOpe\VhkC.x64.dll, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, C:\Program Files (x86)\pricechOpe\VhkC.dll, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.MultiPlug, C:\ProgramData\Adblocker\lvBPXtveEeg.exe, Quarantined, [7ee7f9c8780374c282916932a55c6898], 
PUP.Optional.MultiPlug, C:\ProgramData\pricechOpe\RcRgI.exe, Quarantined, [ec799829bcbfcb6bda39376450b12bd5], 
PUP.Optional.MultiPlug, C:\Users\Shelly\AppData\Local\Temp\73e14eb7\temp\extIE_setup.exe, Quarantined, [6302d1f07a01af871c24376d629fe61a], 
Trojan.SProtector, C:\Users\Shelly\AppData\Local\Temp\73e14eb7\temp\putfu.exe, Quarantined, [9dc8ccf503788aaccfc81940b1501ae6], 
PUP.Optional.MultiPlug, C:\Users\Shelly\AppData\Local\Temp\73e14eb7\temp\setupytb.exe, Quarantined, [f76e3b861c5f32041c24dec610f1629e], 
PUP.Optional.Booster.A, C:\Users\Shelly\AppData\Local\Temp\73e14eb7\temp\usetup.exe, Quarantined, [77ee754c374438feb872f565af53a957], 
PUP.Optional.InstallRex, C:\Users\Shelly\Downloads\SLIDE 2014 Caravan.mp4.exe, Quarantined, [1d482a9792e98bab7912fd50837d1ee2], 
PUP.Optional.Booster.A, C:\Program Files (x86)\PC_Booster\Assistant.dll, Delete-on-Reboot, [f174a0218fecaf870cce2ba637cbd030], 
PUP.Optional.Booster.A, C:\Program Files (x86)\PC_Booster\AssistantSvc.dll, Delete-on-Reboot, [d88db40d0a717eb814c6894806fced13], 
PUP.Optional.Booster.A, C:\Program Files (x86)\PC_Booster\Assistant_x64.dll, Quarantined, [dd889928f9826acc45953d948082f30d], 
PUP.Optional.Booster.A, C:\Windows\Tasks\PC_Booster-S-493389286.job, Quarantined, [cd98695897e4cf67be3f08c93cc6ea16], 
PUP.Optional.Booster.A, C:\Windows\System32\Tasks\PC_Booster-S-493389286, Quarantined, [1b4ab20f93e88fa7a05e2aa7e51d758b], 
PUP.Optional.AdBlocker.A, C:\Program Files (x86)\Adblocker\yNLCPUKZeZ.tlb, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, C:\Program Files (x86)\Adblocker\yNLCPUKZeZ.dat, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.Superfish.A, C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [66ffc4fd403b70c6a767da0757ab3ec2], 
PUP.Optional.Superfish.A, C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [db8a2899abd0b97dbd51bb26976b28d8], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster\493389286.ini, Quarantined, [cd98477a750657df2f0c5a6af210758b], 
PUP.Optional.EasyLife.A, C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://sketchport.com/", "http://facebook.com/", "https://www.yahoo.com/", "http://volrac.com/", "http://ratemydrawings.com/", "http://happify.com/", "http://luminosity.com/", "http://searchy.easylifeapp.com/" ],), Replaced,[73f20cb5c0bbca6c2442ce1e7f852fd1]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/1/2014
Scan Time: 12:06:33 AM
Logfile: scan log 8.1.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.01.01
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Shelly
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 306521
Time Elapsed: 11 min, 28 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 1
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster\PC_Booster.exe, 3440, Delete-on-Reboot, [4124caf72259ad8998924f0be81aec14]
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 35
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-493389286, Quarantined, [4124caf72259ad8998924f0be81aec14], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\Adblocker.Adblocker, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\Adblocker.Adblocker.1.0, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Adblocker.Adblocker, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Adblocker.Adblocker.1.0, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{7A82AABF-0628-D879-C4BB-B4DD8FC40AC9}\INPROCSERVER32, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\pricechhOp.pricechhOp, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\pricechhOp.pricechhOp.3.9, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\pricechhOp.pricechhOp, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\pricechhOp.pricechhOp.3.9, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, HKLM\SOFTWARE\CLASSES\CLSID\{D1FB955D-EE6D-90E2-7FF9-62E5F14DB9AF}\INPROCSERVER32, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}, Quarantined, [7ee7f9c8780374c282916932a55c6898], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}, Quarantined, [ec799829bcbfcb6bda39376450b12bd5], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4}, Quarantined, [a3c2a21f1764c86ed2cc03d1897931cf], 
Trojan.SProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\248642B4, Quarantined, [6401447d7ffc54e232d2834aa161b14f], 
 
Registry Values: 1
Trojan.SProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\248642B4|ImagePath, "C:\Windows\system32\rundll32.exe" "c:\progra~2\pc_boo~1\AssistantSvc.dll",service, Quarantined, [6401447d7ffc54e232d2834aa161b14f]
 
Registry Data: 7
Trojan.SProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~2\pc_boo~1\assist~1.dll, Good: (), Bad: (c:\progra~2\pc_boo~1\assist~1.dll),Replaced,[511417aabbc0bd79faf18ed5778a5ca4]
Trojan.SProtector, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs,  C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL, Good: (), Bad: (C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL),Replaced,[e085863b9dde270f9882fea580814fb1]
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, c:\progra~2\pc_boo~1\assist~1.dll, Good: (), Bad: (c:\progra~2\pc_boo~1\assist~1.dll),Replaced,[f174a0218fecaf870cce2ba637cbd030]
PUP.Optional.Booster.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs,  C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL, Good: (), Bad: (C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL),Replaced,[dd889928f9826acc45953d948082f30d]
PUP.Optional.EasyLife.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://searchy.easylifeapp.com/, Good: (www.google.com), Bad: (http://searchy.easylifeapp.com/),Replaced,[c0a5a8195b20e650967aa01b3fc5cf31]
PUP.Optional.EasyLife.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://searchy.easylifeapp.com/, Good: (www.google.com), Bad: (http://searchy.easylifeapp.com/),Replaced,[0f56b9087506fe3849c7c8f34bb937c9]
PUP.Optional.EasyLife.A, HKU\S-1-5-21-3139656502-3334905310-4129259759-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://searchy.easylifeapp.com/, Good: (www.google.com), Bad: (http://searchy.easylifeapp.com/),Replaced,[c89d249d0a71af87f21f97245da78e72]
 
Folders: 3
PUP.Optional.AdBlocker.A, C:\Program Files (x86)\Adblocker, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster, Delete-on-Reboot, [cd98477a750657df2f0c5a6af210758b], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster\493389286, Quarantined, [cd98477a750657df2f0c5a6af210758b], 
 
Files: 26
Trojan.SProtector, C:\Program Files (x86)\PC_Booster\AssistantSvc.dll, Delete-on-Reboot, [392cb20f2b50e05612da075c1ce5b44c], 
Trojan.SProtector, C:\Program Files (x86)\PC_Booster\Assistant.dll, Delete-on-Reboot, [511417aabbc0bd79faf18ed5778a5ca4], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster\PC_Booster.exe, Delete-on-Reboot, [4124caf72259ad8998924f0be81aec14], 
Trojan.SProtector, C:\Program Files (x86)\PC_Booster\Assistant_x64.dll, Quarantined, [e085863b9dde270f9882fea580814fb1], 
PUP.Optional.Preload, C:\Program Files (x86)\Adblocker\yNLCPUKZeZ.x64.dll, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, C:\Program Files (x86)\Adblocker\yNLCPUKZeZ.dll, Quarantined, [63025f621863b97d8b39fe9e54ad5ba5], 
PUP.Optional.Preload, C:\Program Files (x86)\pricechOpe\VhkC.x64.dll, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.Preload, C:\Program Files (x86)\pricechOpe\VhkC.dll, Quarantined, [85e03091601bcd69dde76339ab5614ec], 
PUP.Optional.MultiPlug, C:\ProgramData\Adblocker\lvBPXtveEeg.exe, Quarantined, [7ee7f9c8780374c282916932a55c6898], 
PUP.Optional.MultiPlug, C:\ProgramData\pricechOpe\RcRgI.exe, Quarantined, [ec799829bcbfcb6bda39376450b12bd5], 
PUP.Optional.MultiPlug, C:\Users\Shelly\AppData\Local\Temp\73e14eb7\temp\extIE_setup.exe, Quarantined, [6302d1f07a01af871c24376d629fe61a], 
Trojan.SProtector, C:\Users\Shelly\AppData\Local\Temp\73e14eb7\temp\putfu.exe, Quarantined, [9dc8ccf503788aaccfc81940b1501ae6], 
PUP.Optional.MultiPlug, C:\Users\Shelly\AppData\Local\Temp\73e14eb7\temp\setupytb.exe, Quarantined, [f76e3b861c5f32041c24dec610f1629e], 
PUP.Optional.Booster.A, C:\Users\Shelly\AppData\Local\Temp\73e14eb7\temp\usetup.exe, Quarantined, [77ee754c374438feb872f565af53a957], 
PUP.Optional.InstallRex, C:\Users\Shelly\Downloads\SLIDE 2014 Caravan.mp4.exe, Quarantined, [1d482a9792e98bab7912fd50837d1ee2], 
PUP.Optional.Booster.A, C:\Program Files (x86)\PC_Booster\Assistant.dll, Delete-on-Reboot, [f174a0218fecaf870cce2ba637cbd030], 
PUP.Optional.Booster.A, C:\Program Files (x86)\PC_Booster\AssistantSvc.dll, Delete-on-Reboot, [d88db40d0a717eb814c6894806fced13], 
PUP.Optional.Booster.A, C:\Program Files (x86)\PC_Booster\Assistant_x64.dll, Quarantined, [dd889928f9826acc45953d948082f30d], 
PUP.Optional.Booster.A, C:\Windows\Tasks\PC_Booster-S-493389286.job, Quarantined, [cd98695897e4cf67be3f08c93cc6ea16], 
PUP.Optional.Booster.A, C:\Windows\System32\Tasks\PC_Booster-S-493389286, Quarantined, [1b4ab20f93e88fa7a05e2aa7e51d758b], 
PUP.Optional.AdBlocker.A, C:\Program Files (x86)\Adblocker\yNLCPUKZeZ.tlb, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.AdBlocker.A, C:\Program Files (x86)\Adblocker\yNLCPUKZeZ.dat, Quarantined, [71f40db42655053129b9d0074eb434cc], 
PUP.Optional.Superfish.A, C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [66ffc4fd403b70c6a767da0757ab3ec2], 
PUP.Optional.Superfish.A, C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [db8a2899abd0b97dbd51bb26976b28d8], 
PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\PC_Booster\493389286.ini, Quarantined, [cd98477a750657df2f0c5a6af210758b], 
PUP.Optional.EasyLife.A, C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://sketchport.com/", "http://facebook.com/", "https://www.yahoo.com/", "http://volrac.com/", "http://ratemydrawings.com/", "http://happify.com/", "http://luminosity.com/", "http://searchy.easylifeapp.com/" ],), Replaced,[73f20cb5c0bbca6c2442ce1e7f852fd1]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#3 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 01 August 2014 - 05:18 PM

apparently it has also infected my email.  spam email is being sent out from my yahoo email address.
 








below is what is being sent
 
Shelly <mark@doolittlephoto.com>
Date: Fri, Aug 1, 2014 at 12:31 AM
Subject: from Shelly
E-mail addresses removed.[/url]


Shelly

Edited by nasdaq, 05 August 2014 - 09:21 AM.


#4 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 02 August 2014 - 10:47 AM

Malwarebytes ran an automatic scan last night and this was the results.  3 more unwanted items and I have downloaded nothing new :(

 

 Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 8/2/2014
Scan Time: 2:19:07 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.02.02
Rootkit Database: v2014.08.01.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Shelly
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 307384
Time Elapsed: 12 min, 23 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 3
PUP.Optional.Superfish.A, C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [6b5ff5cc93e81521b33603df748e8878], 
PUP.Optional.Superfish.A, C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [8941348d384341f582675e84976bfa06], 
PUP.Optional.EasyLife.A, C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://sketchport.com/", "http://facebook.com/", "https://www.yahoo.com/", "http://volrac.com/", "http://ratemydrawings.com/", "http://happify.com/", "http://luminosity.com/", "http://searchy.easylifeapp.com/" ],), Replaced,[f4d6ffc21962e94d3c59ba34ba4a8779]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#5 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 02 August 2014 - 05:42 PM

Sorry to keep adding to this, but i keep finding more suspicious things.  there is an extension on chrome, that keeps activating itself called "pricecuhhoP"  when it is enabled, is when i keep getting all these random pages opening and ads on google search.  every time i open chrome, i delete this extension, but the next time i open chrome, it is back.



#6 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 03 August 2014 - 10:31 AM

and antispyware just ran an autoscan and found this: 

SUPERAntiSpyware Scan Log
 
Generated 08/03/2014 at 02:18 AM
 
Application Version : 6.0.1102
Database Version : 11415
 
Scan type       : Complete Scan
Total Scan Time : 00:18:23
 
Operating System Information
Windows 8.1 64-bit (Build 6.03.9200)
UAC On - Limited User
 
Memory items scanned      : 814
Memory threats detected   : 0
Registry items scanned    : 59527
Registry threats detected : 0
File items scanned        : 25753
File threats detected     : 7
 
Adware.Tracking Cookie
.2o7.net [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.track.ubuildnetworks.com [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.shaltrack.com [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.care2.112.2o7.net [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 
============================================
 Scheduled Scan - Automatic Removal Results 
============================================
 
Items scheduled for automatic removal:
.2o7.net [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.track.ubuildnetworks.com [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.shaltrack.com [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.care2.112.2o7.net [ C:\USERS\SHELLY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 
============
 End of Log 
============


#7 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 03 August 2014 - 10:41 AM

dds will not run on my computer.  when i try to run it, it says. "the program will not run in compatibility mode.  the program will now exit"  



#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,544 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:37 AM

Posted 05 August 2014 - 09:23 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Let me know what problem persists.

#9 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 05 August 2014 - 03:08 PM

I can't open the adware download.  YHHgBS4.png



#10 nasdaq

nasdaq

  • Malware Response Team
  • 39,544 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:37 AM

Posted 06 August 2014 - 07:56 AM

Right click on the .exe file and run as an Administrator.

#11 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 06 August 2014 - 09:22 AM

I just tried that and I got the exact same warning.



#12 nasdaq

nasdaq

  • Malware Response Team
  • 39,544 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:37 AM

Posted 06 August 2014 - 12:24 PM

Can you download and run the Farbar tool also suggested?

#13 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 06 August 2014 - 02:55 PM

Users shortcut scan result (x64) Version: 05-08-2014
Ran by Shelly at 2014-08-06 15:54:13
Running from C:\Users\Shelly\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
 
 
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk -> C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe (Amazon)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk -> C:\Windows\System32\GfxUIEx.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom\Wacom Preference File Utility.lnk -> C:\Program Files\Tablet\Pen\32\PrefUtil.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom\Wacom Preferences.lnk -> C:\Program Files\Tablet\Pen\Consumer_CPL.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk -> C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE (SUPERAdBlocker.com and SUPERAntiSpyware.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.chm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Professional.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Start Menu 8.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Uninstall Start Menu 8.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® HD Graphics Control Panel.lnk -> C:\Windows\System32\igfxstarter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud Photos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Backup and Recovery.lnk -> C:\Program Files (x86)\Dell Backup and Recovery\Dbr.exe (SoftThinks - Dell)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Digital Delivery.lnk -> C:\Program Files (x86)\Dell Digital Delivery\DeliveryTray.exe (Dell Products, LP)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Update.lnk -> C:\Program Files (x86)\Dell Update\DellUpTray.exe (Dell Products, LP)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Media Suite Essentials.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\CMSLauncher.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink PowerDVD 12\CyberLink PowerDVD 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink PowerDirector 10\PowerDirector 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\CyberLink Power2Go 8.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\IsoViewer8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\Virtual Drive.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink LabelPrint 2.5\CyberLink LabelPrint 2.5.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Shelly\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Shelly\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\Users\Shelly\Pictures\shelly\contract preschool.jpg - Shortcut.lnk -> C:\Users\Shelly\Pictures\contract preschool.jpg (No File)
Shortcut: C:\Users\Shelly\Links\Desktop.lnk -> C:\Users\Shelly\Desktop ()
Shortcut: C:\Users\Shelly\Links\Downloads.lnk -> C:\Users\Shelly\Downloads ()
Shortcut: C:\Users\Shelly\Links\Dropbox.lnk -> C:\Users\Shelly\Dropbox ()
Shortcut: C:\Users\Shelly\Dropbox\shelly\contract preschool.jpg - Shortcut.lnk -> C:\Users\Shelly\Pictures\contract preschool.jpg (No File)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Shelly\Documents ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Shelly\Pictures ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Learn More.lnk -> C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\5.1.4.6\learnmore.url ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Lightshot .lnk -> C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Uninstall LightShot.lnk -> C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\unins000.exe ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Shelly\Dropbox ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SUPERAntiSpyware Free Edition Setup.lnk -> C:\Users\Shelly\Downloads\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
 
 
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware) ->  /register
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendar.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Find My iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notes.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Reminders.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Register My Device.lnk -> C:\Program Files (x86)\Dell Product Registration\prodreg.exe (Aviata Inc) -> /LSRC=StartMenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\My Dell.lnk -> C:\Program Files\My Dell\pcdlauncher.exe (PC-Doctor, Inc.) -> -lloc dsc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\PC Checkup.lnk -> C:\Program Files\My Dell\pcdlauncher.exe (PC-Doctor, Inc.) -> -startingpage pccheckup -lloc pccheckup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Shelly\Desktop\Dropbox.lnk -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Word\Mid-Term%20Exam%20BEC%20152%20Students303868972385466381\Mid-Term%20Exam%20BEC%20152%20Students.docx.lnk -> C:\Users\Shelly\Downloads\Mid-Term Exam BEC 152 Students.docx () -> 0
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Excel\Answer%20Sheet%20Mid-Term%20BEC152303868953130795385\Answer%20Sheet%20Mid-Term%20BEC152.xls.lnk -> C:\Users\Shelly\Downloads\Answer Sheet Mid-Term BEC152.xls () -> 55
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
 
 
InternetURL: C:\Users\Default\Desktop\eBay.url -> hxxp://rover.ebay.com/rover/1/711-86042-13409-8/4
InternetURL: C:\Users\Shelly\Pictures\daniel\daniel\Already tagged.url -> https://www.facebook.com/photo.php?fbid=180535921960903&set=a.180535881960907.49443.100000134901007&type=3
InternetURL: C:\Users\Shelly\Pictures\daniel\daniel\photo.php.url -> https://www.facebook.com/photo.php?fbid=3257722810790&set=t.100000134901007&type=3
InternetURL: C:\Users\Shelly\OneDrive\Documents\shelly's Notebook.url -> https://skydrive.live.com/redir.aspx?cid=0032dcf43e47c3d0&resid=32DCF43E47C3D0!239&type=3
InternetURL: C:\Users\Shelly\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Shelly\Favorites\Links\HP - See What's Hot.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=webslice&tp=iefavbar&pf=cndt&locale=en_us&bd=HP&c=133
InternetURL: C:\Users\Shelly\Favorites\Links\Novell WebAccess (Michelle Sute).url -> hxxp://10.83.8.4/gw/webacc
InternetURL: C:\Users\Shelly\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=131
InternetURL: C:\Users\Shelly\Favorites\HP\HP Blog-TheNextBench.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_blog&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\HP Creative Studio.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\rara Music.url -> hxxp://redirect.hp.com/svs/rdr?locale=en_us&bd=pavilion&tp=iefavs&pf=cndt&c=124&s=RaRa&TYPE=4
InternetURL: C:\Users\Shelly\Favorites\HP\Saving Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=savingscenter&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\Snapfish.url -> hxxp://www.snapfish.com/hp_desktop_desktopicon_2013_us
InternetURL: C:\Users\Shelly\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\Try HP MyRoom Free.url -> hxxp://redirect.hp.com/svs/rdr?bd=all&tp=iefavs&locale=en_ww&pf=cndt&c=132&s=hp_myroom&TYPE=4
InternetURL: C:\Users\Shelly\Favorites\Dell\Dell Auction.url -> hxxp://www.dellauction.com/
InternetURL: C:\Users\Shelly\Favorites\Dell\Dell Internet Security.url -> hxxp://support.dell.com/support/topics/global.aspx/support/security/security?c=us&cs=19&l=en&s=dhs
InternetURL: C:\Users\Shelly\Favorites\Dell\Dell.url -> hxxp://www.dell.com/
InternetURL: C:\Users\Shelly\Favorites\Dell\Support.Dell.Com.url -> hxxp://support.dell.com/support/index.aspx?c=us&l=en&s=gen
InternetURL: C:\Users\Shelly\Dropbox\daniel\daniel\Already tagged.url -> https://www.facebook.com/photo.php?fbid=180535921960903&set=a.180535881960907.49443.100000134901007&type=3
InternetURL: C:\Users\Shelly\Dropbox\daniel\daniel\photo.php.url -> https://www.facebook.com/photo.php?fbid=3257722810790&set=t.100000134901007&type=3
InternetURL: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com
InternetURL: C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\5.1.4.6\learnmore.url -> hxxp://app.prntscr.com/learnmore.html
InternetURL: C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\5.1.4.6\learnmore_ru.url -> hxxp://app.prntscr.com/ru/learnmore.html
 
==================== End of log =============================
Users shortcut scan result (x64) Version: 05-08-2014
Ran by Shelly at 2014-08-06 15:54:13
Running from C:\Users\Shelly\Downloads
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
 
 
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.lnk -> C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe (Amazon)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk -> C:\Windows\System32\GfxUIEx.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom\Wacom Preference File Utility.lnk -> C:\Program Files\Tablet\Pen\32\PrefUtil.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom\Wacom Preferences.lnk -> C:\Program Files\Tablet\Pen\Consumer_CPL.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk -> C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE (SUPERAdBlocker.com and SUPERAntiSpyware.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.chm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Professional.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Start Menu 8.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Uninstall Start Menu 8.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Program Files\Microsoft Office 15\root\office15\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\About iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.Resources\en.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® HD Graphics Control Panel.lnk -> C:\Windows\System32\igfxstarter.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud Photos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Backup and Recovery.lnk -> C:\Program Files (x86)\Dell Backup and Recovery\Dbr.exe (SoftThinks - Dell)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Digital Delivery.lnk -> C:\Program Files (x86)\Dell Digital Delivery\DeliveryTray.exe (Dell Products, LP)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Dell Update.lnk -> C:\Program Files (x86)\Dell Update\DellUpTray.exe (Dell Products, LP)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Media Suite Essentials.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\CMSLauncher.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink PowerDVD 12\CyberLink PowerDVD 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink PowerDirector 10\PowerDirector 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\CyberLink Power2Go 8.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\IsoViewer8.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink Power2Go 8\Virtual Drive.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\CyberLink LabelPrint 2.5\CyberLink LabelPrint 2.5.lnk -> C:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Shelly\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Shelly\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\avast! Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\Users\Shelly\Pictures\shelly\contract preschool.jpg - Shortcut.lnk -> C:\Users\Shelly\Pictures\contract preschool.jpg (No File)
Shortcut: C:\Users\Shelly\Links\Desktop.lnk -> C:\Users\Shelly\Desktop ()
Shortcut: C:\Users\Shelly\Links\Downloads.lnk -> C:\Users\Shelly\Downloads ()
Shortcut: C:\Users\Shelly\Links\Dropbox.lnk -> C:\Users\Shelly\Dropbox ()
Shortcut: C:\Users\Shelly\Dropbox\shelly\contract preschool.jpg - Shortcut.lnk -> C:\Users\Shelly\Pictures\contract preschool.jpg (No File)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Shelly\Documents ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Shelly\Pictures ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Learn More.lnk -> C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\5.1.4.6\learnmore.url ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Lightshot .lnk -> C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot\Uninstall LightShot.lnk -> C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\unins000.exe ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe (Dropbox, Inc.)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk -> C:\Users\Shelly\Dropbox ()
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Shelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SUPERAntiSpyware Free Edition Setup.lnk -> C:\Users\Shelly\Downloads\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
 
 
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware) ->  /register
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Calendar.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contacts.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Find My iPhone.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Mail.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notes.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Reminders.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\Register My Device.lnk -> C:\Program Files (x86)\Dell Product Registration\prodreg.exe (Aviata Inc) -> /LSRC=StartMenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\My Dell.lnk -> C:\Program Files\My Dell\pcdlauncher.exe (PC-Doctor, Inc.) -> -lloc dsc
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell\My Dell\PC Checkup.lnk -> C:\Program Files\My Dell\pcdlauncher.exe (PC-Doctor, Inc.) -> -startingpage pccheckup -lloc pccheckup
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Shelly\Desktop\Dropbox.lnk -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Word\Mid-Term%20Exam%20BEC%20152%20Students303868972385466381\Mid-Term%20Exam%20BEC%20152%20Students.docx.lnk -> C:\Users\Shelly\Downloads\Mid-Term Exam BEC 152 Students.docx () -> 0
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /systemstartup
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Shelly\AppData\Roaming\Microsoft\Excel\Answer%20Sheet%20Mid-Term%20BEC152303868953130795385\Answer%20Sheet%20Mid-Term%20BEC152.xls.lnk -> C:\Users\Shelly\Downloads\Answer Sheet Mid-Term BEC152.xls () -> 55
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Shelly\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
 
 
InternetURL: C:\Users\Default\Desktop\eBay.url -> hxxp://rover.ebay.com/rover/1/711-86042-13409-8/4
InternetURL: C:\Users\Shelly\Pictures\daniel\daniel\Already tagged.url -> https://www.facebook.com/photo.php?fbid=180535921960903&set=a.180535881960907.49443.100000134901007&type=3
InternetURL: C:\Users\Shelly\Pictures\daniel\daniel\photo.php.url -> https://www.facebook.com/photo.php?fbid=3257722810790&set=t.100000134901007&type=3
InternetURL: C:\Users\Shelly\OneDrive\Documents\shelly's Notebook.url -> https://skydrive.live.com/redir.aspx?cid=0032dcf43e47c3d0&resid=32DCF43E47C3D0!239&type=3
InternetURL: C:\Users\Shelly\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Shelly\Favorites\Links\HP - See What's Hot.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&s=webslice&tp=iefavbar&pf=cndt&locale=en_us&bd=HP&c=133
InternetURL: C:\Users\Shelly\Favorites\Links\Novell WebAccess (Michelle Sute).url -> hxxp://10.83.8.4/gw/webacc
InternetURL: C:\Users\Shelly\Favorites\HP\Accessories.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpaccessories&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\eBay.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=ebay&pf=cndt&locale=en_us&bd=all&c=131
InternetURL: C:\Users\Shelly\Favorites\HP\HP Blog-TheNextBench.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hp_blog&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\HP Creative Studio.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=activitycenter&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\HP Games.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\HP Store.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=hpstore&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\Printing.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=printing&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\rara Music.url -> hxxp://redirect.hp.com/svs/rdr?locale=en_us&bd=pavilion&tp=iefavs&pf=cndt&c=124&s=RaRa&TYPE=4
InternetURL: C:\Users\Shelly\Favorites\HP\Saving Center.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=savingscenter&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\Snapfish.url -> hxxp://www.snapfish.com/hp_desktop_desktopicon_2013_us
InternetURL: C:\Users\Shelly\Favorites\HP\Software and Driver Downloads.url -> hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=downloads&pf=cndt&locale=en_us&bd=all&c=133
InternetURL: C:\Users\Shelly\Favorites\HP\Try HP MyRoom Free.url -> hxxp://redirect.hp.com/svs/rdr?bd=all&tp=iefavs&locale=en_ww&pf=cndt&c=132&s=hp_myroom&TYPE=4
InternetURL: C:\Users\Shelly\Favorites\Dell\Dell Auction.url -> hxxp://www.dellauction.com/
InternetURL: C:\Users\Shelly\Favorites\Dell\Dell Internet Security.url -> hxxp://support.dell.com/support/topics/global.aspx/support/security/security?c=us&cs=19&l=en&s=dhs
InternetURL: C:\Users\Shelly\Favorites\Dell\Dell.url -> hxxp://www.dell.com/
InternetURL: C:\Users\Shelly\Favorites\Dell\Support.Dell.Com.url -> hxxp://support.dell.com/support/index.aspx?c=us&l=en&s=gen
InternetURL: C:\Users\Shelly\Dropbox\daniel\daniel\Already tagged.url -> https://www.facebook.com/photo.php?fbid=180535921960903&set=a.180535881960907.49443.100000134901007&type=3
InternetURL: C:\Users\Shelly\Dropbox\daniel\daniel\photo.php.url -> https://www.facebook.com/photo.php?fbid=3257722810790&set=t.100000134901007&type=3
InternetURL: C:\Users\Shelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> hxxp://www.dropbox.com
InternetURL: C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\5.1.4.6\learnmore.url -> hxxp://app.prntscr.com/learnmore.html
InternetURL: C:\Users\Shelly\AppData\Local\Skillbrains\lightshot\5.1.4.6\learnmore_ru.url -> hxxp://app.prntscr.com/ru/learnmore.html
 
==================== End of log =============================
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014
Ran by Shelly at 2014-08-06 15:52:45
Running from C:\Users\Shelly\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.0.6603 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.3214 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.3123 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.3126 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (x32 Version: 12.0.3205.55 - CyberLink Corp.) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{764E68FE-C2F9-410E-90A8-CE7F8B9A36E2}) (Version: 2.03.0204 - Aviata Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.1 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{9E4750A7-90F6-4181-8A8A-B1ADF4216E93}) (Version: 1.0.1059.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
DSC/AA Factory Installer (Version: 3.5.6426.22 - PC-Doctor, Inc.) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Lightshot-5.1.4.6 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.6 - Skillbrains)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1102 - SUPERAntiSpyware.com)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Shelly\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3139656502-3334905310-4129259759-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shelly\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
25-07-2014 16:26:53 Installed Box Edit
29-07-2014 17:07:19 Installed Java 7 Update 65
02-08-2014 15:40:34 Removed Box Edit
05-08-2014 20:37:56 avast! antivirus system restore point
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BE2928D-D52E-4C6C-9DD3-5169FF7827E3} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-05-08] (Microsoft Corporation)
Task: {10BAFB31-07D0-45D5-B70C-213088AC5E83} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2A680D0E-6AE3-4A52-A2BB-7022D18507B1} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {354C4D23-7ECD-481C-8A87-EB3CDB148D36} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {37A9F055-5252-4CE3-8CC3-6DCDC36C4E7D} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-01-15] (Synaptics Incorporated)
Task: {3B1A1F61-6CCD-4FCB-8FE7-AF263B2ACE86} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-06-06] (IObit)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {40C572D1-52D4-42D5-8F6C-E2508EC96064} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-05] (AVAST Software)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4FFF28C6-80B7-48BF-AEBE-03DF0B210963} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {688D0127-6BF5-4B34-9297-66C248C31584} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B767503-DE99-40C1-AAD0-05FDFAA2A82F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-07-27] (Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {72225630-5EFF-484F-B011-E4CF492673A0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7F18A244-BA93-4CA3-94F6-1E0975310531} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SHELLYSLAPTOP-Shelly ShellysLaptop => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8FB47619-6FCA-4B49-9B7E-C4B8C5D8A476} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {9219078C-6DB9-4F9F-A123-FB309D87DF3C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {9CEC7B7A-0A53-41E5-8163-7ABDAA49BCB8} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3139656502-3334905310-4129259759-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {9D06F84C-A1E3-4B75-BBEF-6EDCB135CD67} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-26] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A51DC9DB-01FC-4A20-991B-A2C349E152DC} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {A82A807E-97AF-4A61-80E7-11008F0542A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B66A86E6-E146-4CDE-965D-714C3DADAED2} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {B8111DC5-E37F-4E96-85FD-4D5A5AD7EBD2} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-02-19] (Aviata Inc)
Task: {B9F2308F-4859-436E-8C5E-BAA6C193DEA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {BDF45D30-16D8-4B77-9932-093AAFF54D4D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {C0F65D30-E49B-4A60-A786-6CD49AC2F51A} - System32\Tasks\update-S-1-5-21-3139656502-3334905310-4129259759-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F11A5D2F-20D3-4F11-9434-59994EBB8642} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F2E4E306-3E7C-478A-8F62-39327680BA32} - System32\Tasks\SUPERAntiSpyware Scheduled Task e1bc7e46-4f57-45db-8564-ac7c467e6d05 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {F5D6B835-8559-4584-89C6-D849FA2BD3CF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {F82D1185-E003-4E3B-A41A-26EC4512812F} - System32\Tasks\SUPERAntiSpyware Scheduled Task fc1cc217-4e0b-44f8-8285-00f78f1d0c64 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e1bc7e46-4f57-45db-8564-ac7c467e6d05.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task fc1cc217-4e0b-44f8-8285-00f78f1d0c64.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\update-S-1-5-21-3139656502-3334905310-4129259759-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-25 13:14 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-10 17:53 - 2014-01-10 17:53 - 00016384 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Interfaces.dll
2014-01-10 17:53 - 2014-01-10 17:53 - 00081408 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Objects.dll
2014-01-10 17:53 - 2014-01-10 17:53 - 00815616 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Resources.dll
2014-01-10 18:24 - 2014-01-10 18:24 - 00052736 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Plugins.SelfUpdate.dll
2014-01-10 18:24 - 2014-01-10 18:24 - 00019968 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Common.dll
2014-07-13 01:30 - 2014-01-13 12:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-07-27 14:41 - 2014-07-27 14:41 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-01-08 04:00 - 2014-01-08 04:00 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-01-08 03:58 - 2014-01-08 03:58 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll
2014-01-08 04:03 - 2014-01-08 04:03 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
2014-08-05 16:39 - 2014-08-05 16:39 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-05 16:39 - 2014-08-05 16:39 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080500\algo.dll
2014-08-06 11:46 - 2014-08-06 11:46 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080600\algo.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-13 23:01 - 2014-06-06 13:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-07-13 23:01 - 2014-06-06 13:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-07-13 23:01 - 2014-06-06 13:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2014-05-08 23:32 - 2013-12-10 11:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-05-08 23:28 - 2013-03-04 23:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 14:41 - 2013-03-05 14:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-07-27 14:42 - 2014-07-27 14:42 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-07-13 23:01 - 2014-06-06 13:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-08-05 16:39 - 2014-08-05 16:39 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-06 12:12 - 2014-08-06 12:12 - 00043008 _____ () c:\users\shelly\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4vxio3.dll
2013-10-18 19:55 - 2013-10-18 19:55 - 25100288 _____ () C:\Users\Shelly\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-18 06:55 - 2014-07-15 05:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-18 06:55 - 2014-07-15 05:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-18 06:55 - 2014-07-15 05:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-18 06:55 - 2014-07-15 05:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-18 06:55 - 2014-07-15 05:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-18 06:55 - 2014-07-15 05:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Shelly\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/06/2014 00:12:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17039 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: d98
 
Start Time: 01cfb190e2e340ce
 
Termination Time: 0
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 691c1475-1d84-11e4-8261-645a04477892
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/05/2014 11:14:45 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: SHELLYSLAPTOP)
Description: Application or service 'Microsoft Office Document Cache Sync Client Interface' could not be shut down.
 
Error: (08/05/2014 11:03:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20573 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 13c0
 
Start Time: 01cfb12242e308b9
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 3826cadc-1d16-11e4-8260-645a04477892
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/05/2014 10:07:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHELLYSLAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/05/2014 10:07:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHELLYSLAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (08/05/2014 05:48:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20573 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: f50
 
Start Time: 01cfb0f649ab0b82
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 3dc521b8-1cea-11e4-825f-645a04477892
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/05/2014 05:33:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20573 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2464
 
Start Time: 01cfb0f21950dc05
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 0e5c4e57-1ce6-11e4-825f-645a04477892
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/03/2014 11:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26715437
 
Error: (08/03/2014 11:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26715437
 
Error: (08/03/2014 11:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/06/2014 11:47:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (08/05/2014 11:00:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (08/05/2014 10:56:53 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.
 
Error: (08/05/2014 10:13:54 PM) (Source: DCOM) (EventID: 10010) (User: SHELLYSLAPTOP)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
 
Error: (08/05/2014 10:11:54 PM) (Source: DCOM) (EventID: 10010) (User: SHELLYSLAPTOP)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
 
Error: (08/05/2014 04:40:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The avast! EmHWID service failed to start due to the following error: 
%%127
 
Error: (08/02/2014 06:08:53 PM) (Source: Schannel) (EventID: 4116) (User: SHELLYSLAPTOP)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is BN1WNS2011507.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (08/02/2014 06:08:53 PM) (Source: Schannel) (EventID: 4120) (User: SHELLYSLAPTOP)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
 
Error: (08/02/2014 06:08:16 PM) (Source: Schannel) (EventID: 4116) (User: SHELLYSLAPTOP)
Description: The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is BN1WNS2011507.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
 
Error: (08/02/2014 06:08:16 PM) (Source: Schannel) (EventID: 4120) (User: SHELLYSLAPTOP)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
 
 
Microsoft Office Sessions:
=========================
Error: (08/06/2014 00:12:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.17039d9801cfb190e2e340ce0C:\Windows\Explorer.EXE691c1475-1d84-11e4-8261-645a04477892
 
Error: (08/05/2014 11:14:45 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: SHELLYSLAPTOP)
Description: 1C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXEMicrosoft Office Document Cache Sync Client Interface021176892243003A005C00500072006F006700720061006D002000460069006C00650073005C004D006900630072006F0073006F006600740020004F00660066006900630065002000310035005C0072006F006F0074005C007600660073005C00500072006F006700720061006D00460069006C006500730043006F006D006D006F006E005800380036005C004D006900630072006F0073006F006600740020005300680061007200650064005C004F0046004600490043004500310035005C00630032007200330032002E0064006C006C00000043003A005C00500072006F006700720061006D0044006100740061005C004D006900630072006F0073006F00660074005C004F00660066006900630065005C0043006C00690063006B0054006F00520075006E005000610063006B006100670065004C006F0063006B00650072000000
 
Error: (08/05/2014 11:03:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2057313c001cfb12242e308b94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe3826cadc-1d16-11e4-8260-645a04477892microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/05/2014 10:07:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHELLYSLAPTOP)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
 
Error: (08/05/2014 10:07:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHELLYSLAPTOP)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
 
Error: (08/05/2014 05:48:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20573f5001cfb0f649ab0b824294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe3dc521b8-1cea-11e4-825f-645a04477892microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/05/2014 05:33:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20573246401cfb0f21950dc054294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe0e5c4e57-1ce6-11e4-825f-645a04477892microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/03/2014 11:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26715437
 
Error: (08/03/2014 11:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26715437
 
Error: (08/03/2014 11:10:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 71%
Total physical RAM: 4000.18 MB
Available physical RAM: 1133.32 MB
Total Pagefile: 6176.18 MB
Available Pagefile: 2196.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.75 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:453.4 GB) (Free:346.72 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: B1498C03)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#14 shellfish101

shellfish101
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 06 August 2014 - 08:57 PM

found version 3.303 of adwcleaner and it worked on my computer.  here is the log. when i click clean, after the scan, it crashes everytimewhen it gets to the part where it is cleaning chrome. I ran the scan a few more times and  the last item, the one in chrome is always still there, everything else is gone.  and when i open chrome, that pricehop extension is still there as well.  

# AdwCleaner v3.303 - Report created 06/08/2014 at 20:35:53
# Updated 06/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Shelly - SHELLYSLAPTOP
# Running from : C:\Users\Shelly\Downloads\adwcleaner_3.303.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Found : C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\pricechOpe
Folder Found : C:\Program Files (x86)\Skillbrains
Folder Found : C:\ProgramData\Adblocker
Folder Found : C:\ProgramData\Adblocker
Folder Found : C:\ProgramData\pricechOpe
Folder Found : C:\ProgramData\Trusted Publisher
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\Shelly\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Shelly\AppData\Local\Skillbrains
Folder Found : C:\Users\Shelly\AppData\Local\torch
 
***** [ Scheduled Tasks ] *****
 
Task Found : update-sys
Task Found : SUPERAntiSpyware Scheduled Task e1bc7e46-4f57-45db-8564-ac7c467e6d05
Task Found : SUPERAntiSpyware Scheduled Task fc1cc217-4e0b-44f8-8285-00f78f1d0c64
Task Found : update-S-1-5-21-3139656502-3334905310-4129259759-1001
Task Found : update-sys
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : HKCU\Software\SkillBrains
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\SkillBrains
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Found : HKLM\Software\SkillBrains
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [LightShot]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\Shelly\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2877 octets] - [06/08/2014 20:35:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2937 octets] ##########


#15 nasdaq

nasdaq

  • Malware Response Team
  • 39,544 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:37 AM

Posted 07 August 2014 - 12:52 PM

Run the AdwCleaner tool one more time and select the Cleaning button.

Restart the computer if required.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
===

How is the computer running now?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users