Suspected Matrix Ransomware. Need help in removing it.

Ran by HP-PC (ATTENTION: The user is not administrator) on HP (18-03-2017 23:36:15)
Running from C:\Users\HP-PC\Downloads
Loaded Profiles: HP-PC & 183-k (Available Profiles: HP-PC & shrey & 183-k)
Platform: Windows 8.1 Single Language (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process → smss.exe
Failed to access process → csrss.exe
Failed to access process → wininit.exe
Failed to access process → csrss.exe
Failed to access process → winlogon.exe
Failed to access process → services.exe
Failed to access process → lsass.exe
Failed to access process → svchost.exe
Failed to access process → svchost.exe
Failed to access process → dwm.exe
Failed to access process → OmniServ.exe
Failed to access process → svchost.exe
Failed to access process → svchost.exe
Failed to access process → svchost.exe
Failed to access process → igfxCUIService.exe
Failed to access process → svchost.exe
Failed to access process → hpservice.exe
Failed to access process → RtkAudioService64.exe
Failed to access process → RAVBg64.exe
Failed to access process → RAVBg64.exe
Failed to access process → svchost.exe
Failed to access process → svchost.exe
Failed to access process → AvastSvc.exe
Failed to access process → spoolsv.exe
Failed to access process → armsvc.exe
Failed to access process → svchost.exe
Failed to access process → avp.exe
Failed to access process → svchost.exe
Failed to access process → EdgeModem-DrvSrv.exe
Failed to access process → HPWMISVC.exe
Failed to access process → HeciServer.exe
Failed to access process → iSCTAgent.exe
Failed to access process → mDNSResponder.exe
Failed to access process → svchost.exe
Failed to access process → SynTPEnhService.exe
Failed to access process → tunmgr.exe
Failed to access process → ConnectifyService.exe
Failed to access process → MBAMService.exe
Failed to access process → Connectifyd.exe
Failed to access process → conhost.exe
Failed to access process → WmiPrvSE.exe
Failed to access process → BbDevMgr.exe
Failed to access process → svchost.exe
Failed to access process → svchost.exe
Failed to access process → svchost.exe
Failed to access process → svchost.exe
Failed to access process → dasHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Failed to access process → PresentationFontCache.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
Failed to access process → opvapp.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
Failed to access process → SearchIndexer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Shanghai DS-Mobile Technology Co., Ltd.) C:\Program Files\Micromax 200G USB Modem\EdgeModem-Run.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectify.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
Failed to access process → hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process → HPSA_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(RescueTime, Inc.) C:\Users\HP-PC\AppData\Local\RescueTime\RescueTime.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process → IAStorDataMgrSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process → IntelMeFWService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Failed to access process → jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process → ksde.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
Failed to access process → LMS.exe
Failed to access process → wmpnetwk.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
Failed to access process → dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process → WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Design Science, Inc.) C:\Users\HP-PC\Downloads\MTW6.7a.exe
(Design Science, Inc.) C:\Users\183-k\AppData\Local\Temp\pftF1D9~tmp\setup.exe
(Design Science, Inc.) C:\Program Files (x86)\MathType\MathType.exe
Failed to access process → wlanext.exe
Failed to access process → conhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process → SearchProtocolHost.exe
Failed to access process → SearchFilterHost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-23] (Realtek Semiconductor)
HKLM...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-29] (Hewlett-Packard)
HKLM...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811120 2014-03-13] (Synaptics Incorporated)
HKLM...\Run: [EdgeModem-AutoRun] => C:\Program Files\Micromax 200G USB Modem\EdgeModem-Run.exe [86016 2009-09-19] (Shanghai DS-Mobile Technology Co., Ltd.)
HKLM...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [4131384 2016-12-15] (Connectify)
HKLM...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-14] (Hewlett-Packard Company)
HKLM-x32...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2008-05-27] (Apple Inc.)
HKLM-x32...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM-x32...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4861688 2015-03-19] (BlackBerry Limited)
HKLM-x32...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-14] (AVAST Software)
HKLM...\RunOnce: [GrpConv] => grpconv -o
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2471672 2015-03-19] (Research In Motion Limited)
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\Run: [AZ3Tq5k16l3MBynp] => C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta [35119 2017-03-13] ()
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\Run: [GoogleChromeAutoLaunch_7F0416C691E452253BB89BC2BE6 D7727] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941912 2017-03-09] (Google Inc.)
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\RunOnce: [Application Restart #7] => C:\Users\HP-PC\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resour (the data entry has 583 more characters).
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\MountPoints2: {52f96c0f-4b14-11e6-82cb-020046a23e01} - “E:.\StartModem.exe”
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\MountPoints2: {6d4daa1b-2812-11e4-8266-a02bb859a5c2} - “E:\AutoRun.exe”
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\MountPoints2: {fddc09cc-da5b-11e3-825b-806e6f6e6963} - “E:\start.exe”
ShellIconOverlayIdentifiers: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-05-13]
ShortcutTarget: ISCTSystray.lnk → C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2017-03-08]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk → C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk [2017-01-28]
ShortcutTarget: RescueTime.lnk → C:\Users\HP-PC\AppData\Local\RescueTime\RescueTime.exe (RescueTime, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip..\Interfaces{D8CDCD34-1927-4308-BFA6-CD78629C69FD}: [DhcpNameServer] 192.168.0.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
URLSearchHook: [S-1-5-21-1605944295-1278072363-3366277582-1005] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001 → {ED62CEEF-D711-461D-8D9E-9ACA3F0E3A2A} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection → {2E38825B-8815-42CF-9126-C58BC28D4591} → C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
BHO: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Users\183-k\Desktop\bin\ssv.dll [2014-10-22] (Oracle Corporation)
BHO: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14] (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Users\183-k\Desktop\bin\jp2ssv.dll [2014-10-22] (Oracle Corporation)
BHO: HP Network Check Helper → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckP luginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Kaspersky Protection → {2E38825B-8815-42CF-9126-C58BC28D4591} → C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper → {72853161-30C5-4D22-B7F9-0BBC1D38A37E} → C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14] (AVAST Software)
BHO-x32: Evernote extension → {92EF2EAD-A7CE-4424-B0DB-499CF856608E} → C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckP lugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\HP-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hyaysi ad.default [2017-03-14]
FF Extension: (No Name) - C:\Users\HP-PC\AppData\Roaming\Mozilla\Firefox\Profiles\hyaysi ad.default\extensions\deskCutv2@gmail.com [not found]
FF HKLM...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF => not found
FF HKLM...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A...asp ersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-03-14]
FF HKLM-x32...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM-x32...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF => not found
FF HKLM-x32...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A...asp ersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml [2009-12-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009-12-22]
FF Plugin: @java.com/DTPlugin,version=11.25.2 → C:\Users\183-k\Desktop\bin\dtplugin\npDeployJava1.dll [2014-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 → C:\Users\183-k\Desktop\bin\plugin2\npjp2.dll [2014-10-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer → C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144 .dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @autograph-maths.com/Autograph Player Plugin → C:\Program Files (x86)\Autograph 3.3\WebPlayer\npagraph.dll [2011-06-17] (Eastmond Publishing Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 → C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 → C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-14] (Google Inc.)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009-12-22] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-03-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-03-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-03-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-03-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-03-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2015-03-27] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2015-03-27] (Apple Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2009-12-22]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2009-12-22]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2009-12-22]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2009-12-22]
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Default
CHR HomePage: Default → hxxp://www.mysites123.com/?type=hp&ts=1453566380&z=f6910177e709c56307dc30dgb z8wcc0w0q5q2cfb8e&from=amt&uid=hgstxhts541010a9e68 0_ja1006103dru1v3dru1vx
CHR StartupUrls: Default → “hxxp://www.mysites123.com/?type=hp&ts=1453566380&z=f6910177e709c56307dc30dgb z8wcc0w0q5q2cfb8e&from=amt&uid=hgstxhts541010a9e68 0_ja1006103dru1v3dru1vx”
CHR Profile: C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default [2017-03-18]
CHR Extension: (Google Slides) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2017-03-15]
CHR Extension: (Google Docs) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-03-15]
CHR Extension: (Google Drive) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2017-03-15]
CHR Extension: (RescueTime for Chrome™ & ChromeOS™) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakmnplckeopfghnlpocafcep egjeap [2017-01-28]
CHR Extension: (YouTube) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2015-09-28]
CHR Extension: (OneTab) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkd nihall [2017-02-28]
CHR Extension: (Google Search) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2015-10-28]
CHR Extension: (Daum Equation Editor) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dinfmiceliiomokeofbocegmac magjhe [2015-12-29]
CHR Extension: (Kindle Cloud Reader) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eidmeomeandibmjodiebnhjlnm poenph [2016-06-05]
CHR Extension: (Block site) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeo jpcgbh [2016-11-29]
CHR Extension: (Google Sheets) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2017-03-15]
CHR Extension: (Kaspersky Protection) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdb bplhib [2017-03-14]
CHR Extension: (Google Docs Offline) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-03-15]
CHR Extension: (AdBlock) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbi glidom [2017-02-28]
CHR Extension: (Multi messenger) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknmpnbgkaekopldbncmggaejj amkemn [2017-03-14]
CHR Extension: (Grammarly for Chrome) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobk ghlhen [2017-03-17]
CHR Extension: (Popup Blocker Pro) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghp ejdjai [2017-01-29]
CHR Extension: (StayFocusd) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdela hlfoji [2017-01-28]
CHR Extension: (Gorgias Templates: Email templates for Gmail) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmcngpkjkplipamgflhioabnhn opeabf [2017-02-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2017-03-14]
CHR Extension: (sketchometry) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmnfcmbldiamdnkjjojkiamjob lkemfd [2016-12-01]
CHR Extension: (Video Cutter) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmc iabnai [2016-02-20]
CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjn mnmnnb [2016-02-20]
CHR Extension: (Gmail) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2015-04-08]
CHR Extension: (Chrome Media Router) - C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2017-03-14]
CHR HKLM...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-14] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-14] (AVAST Software)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [257592 2016-12-15] (Connectify)
R2 EdgeModem-DrvSrv; C:\Program Files\Micromax 200G USB Modem\EdgeModem-DrvSrv.exe [189952 2009-09-19] (Shanghai DS-Mobile Technology Co., Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-27] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-29] (Softex Inc.) [File not signed]
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-14] (AVAST Software s.r.o.)
S3 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-14] (AVAST Software s.r.o.)
S3 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-14] (AVAST Software s.r.o.)
S3 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-14] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-14] (AVAST Software)
S3 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-14] (AVAST Software)
S3 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-14] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-14] (AVAST Software)
S3 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-14] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-14] (AVAST Software)
S3 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7517872 2014-05-13] (Broadcom Corporation)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.s ys [36360 2016-04-06] (BlackBerry)
S3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [150744 2013-09-10] (Broadcom Corporation.)
R1 cfywlan1; C:\Windows\system32\DRIVERS\cfywlan1.sys [36736 2016-11-15] (Connectify)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [43872 2016-11-15] (Connectify)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-14] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-14] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-14] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-14] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [196376 2017-03-14] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [509728 2017-03-14] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1017624 2017-03-14] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57424 2017-03-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-15] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-15] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-15] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-15] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 mtkmbim; C:\Windows\system32\DRIVERS\mtkmbim7_x64.sys [208896 2012-12-13] (MediaTek Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-15] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 wdf_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [81408 2013-02-21] (MediaTek Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64 .sys [20800 2013-07-23] (Hewlett-Packard Development Company, L.P.)
U3 aswbdisk; no ImagePath
S3 mdareDriver_48; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_48.sys
S3 mdareDriver_52; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_52.sys
S3 mdareDriver_53; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_53.sys
S3 mdareDriver_60; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_60.sys
S3 mdareDriver_61; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_61.sys
S3 mdareDriver_62; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_62.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-18 23:36 - 2017-03-18 23:37 - 00036821 _____ C:\Users\HP-PC\Downloads\FRST.txt
2017-03-18 23:36 - 2017-03-18 23:36 - 00000000 ____D C:\FRST
2017-03-18 23:35 - 2017-03-18 23:35 - 02424832 _____ (Farbar) C:\Users\HP-PC\Downloads\FRST64.exe
2017-03-18 20:10 - 2017-03-18 20:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Mathematics Add-in
2017-03-18 20:05 - 2017-03-18 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6
2017-03-18 19:59 - 2017-03-18 20:00 - 06253776 _____ (Design Science, Inc.) C:\Users\HP-PC\Downloads\MTW6.7a.exe
2017-03-18 19:57 - 2017-03-18 20:01 - 06926440 _____ (Microsoft Corporation) C:\Users\HP-PC\Downloads\MASetup.exe
2017-03-18 19:41 - 2017-03-18 19:43 - 10416632 _____ (Design Science, Inc.) C:\Users\HP-PC\Downloads\InstallMTW6.9b.exe
2017-03-18 13:59 - 2017-03-18 23:04 - 00000000 ____D C:\Users\HP-PC\Downloads\Evelyn Math
2017-03-18 11:49 - 2017-03-18 11:49 - 00262060 _____ C:\Users\HP-PC\Downloads\New Doc 26_1 (1).pdf
2017-03-18 11:48 - 2017-03-18 11:48 - 00262060 _____ C:\Users\HP-PC\Downloads\New Doc 26_1.pdf
2017-03-18 00:38 - 2017-03-18 19:59 - 00006992 _____ C:\Users\HP-PC\Downloads\Letter.tex.bak
2017-03-18 00:37 - 2017-03-18 01:40 - 00037264 _____ C:\Users\HP-PC\Downloads\Letter.pdf
2017-03-18 00:37 - 2017-03-18 01:40 - 00000205 _____ C:\Users\HP-PC\Downloads\Letter.aux
2017-03-18 00:34 - 2017-03-18 01:40 - 00015806 _____ C:\Users\HP-PC\Downloads\Letter.synctex.gz
2017-03-18 00:34 - 2017-03-18 01:40 - 00006992 _____ C:\Users\HP-PC\Downloads\Letter.tex
2017-03-18 00:03 - 2017-03-18 00:13 - 00005427 _____ C:\Users\HP-PC\Downloads\Resume.tex.bak
2017-03-17 22:51 - 2017-03-17 22:51 - 01968138 _____ C:\Users\HP-PC\Downloads\dp-statistical-bulletin-may-2016-en.pdf
2017-03-17 21:50 - 2017-03-17 21:50 - 00057146 _____ C:\Users\HP-PC\Downloads\Resume_Shrey.pdf
2017-03-17 20:23 - 2017-03-17 20:23 - 00063661 _____ C:\Users\HP-PC\Downloads\ScholarshipsVersion2.pdf
2017-03-17 20:00 - 2017-03-17 20:00 - 00020462 _____ C:\Users\HP-PC\Downloads\receipt881031110632061 (1).pdf
2017-03-17 19:59 - 2017-03-17 20:00 - 00020462 _____ C:\Users\HP-PC\Downloads\receipt881031110632061.pdf
2017-03-17 16:21 - 2017-03-17 16:21 - 02485828 _____ C:\Users\HP-PC\Downloads\48150-1.pdf
2017-03-17 16:19 - 2017-03-17 16:19 - 01522664 _____ C:\Users\HP-PC\Downloads\48242-1.pdf
2017-03-17 13:20 - 2017-03-17 13:20 - 00035265 _____ C:\Users\HP-PC\Downloads_photo_8e7e150c0795121a9d0976de444f0b2 d.pdf
2017-03-17 01:33 - 2017-03-17 23:39 - 00005983 _____ C:\Users\HP-PC\Downloads\res8.tex.bak
2017-03-17 01:19 - 2017-03-17 01:49 - 00088470 _____ C:\Users\HP-PC\Downloads\res8.pdf
2017-03-17 01:18 - 2017-03-17 01:49 - 00010439 _____ C:\Users\HP-PC\Downloads\res8.synctex.gz
2017-03-17 01:17 - 2017-03-17 01:43 - 00003629 _____ C:\Users\HP-PC\Downloads\res1.tex.bak
2017-03-17 01:17 - 2017-03-17 01:17 - 00025869 _____ C:\Users\HP-PC\Downloads\res.cls
2017-03-17 01:15 - 2017-03-17 01:51 - 00065591 _____ C:\Users\HP-PC\Downloads\res1.pdf
2017-03-17 01:15 - 2017-03-17 01:51 - 00013952 _____ C:\Users\HP-PC\Downloads\res1.synctex.gz
2017-03-17 01:15 - 2017-03-17 01:15 - 00000009 _____ C:\Users\HP-PC\Downloads\res1.aux
2017-03-17 01:14 - 2017-03-17 01:51 - 00006117 _____ C:\Users\HP-PC\Downloads\res1.tex
2017-03-17 01:14 - 2017-03-17 01:49 - 00005983 _____ C:\Users\HP-PC\Downloads\res8.tex
2017-03-17 00:47 - 2017-03-17 23:39 - 00004718 _____ C:\Users\HP-PC\Downloads\Resume.bak
2017-03-17 00:39 - 2017-03-18 00:22 - 00079228 _____ C:\Users\HP-PC\Downloads\Resume.pdf
2017-03-17 00:39 - 2017-03-18 00:22 - 00000009 _____ C:\Users\HP-PC\Downloads\Resume.aux
2017-03-17 00:38 - 2017-03-18 00:22 - 00014505 _____ C:\Users\HP-PC\Downloads\Resume.synctex.gz
2017-03-17 00:38 - 2017-03-18 00:22 - 00005415 _____ C:\Users\HP-PC\Downloads\Resume.tex
2017-03-17 00:37 - 2017-03-17 00:37 - 00004525 _____ C:\Users\HP-PC\Downloads\resume.cls
2017-03-17 00:18 - 2017-03-17 00:18 - 00065536 _____ C:\Users\HP-PC\Downloads\Fathers_Resume.pdf
2017-03-16 22:15 - 2017-03-16 22:16 - 00010487 _____ C:\Users\HP-PC\Downloads\Scholarship Details Modified for 183 KH.xlsx
2017-03-16 00:39 - 2017-03-16 00:39 - 00748192 _____ (TechGuy, Inc.) C:\Users\HP-PC\Downloads\SysInfo.exe
2017-03-15 23:32 - 2017-03-15 23:32 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-15 20:33 - 2017-03-15 20:33 - 00002562 _____ C:\Users\HP-PC\Desktop\ttt.txt
2017-03-15 17:51 - 2017-03-15 17:51 - 00010425 _____ C:\Users\HP-PC\Downloads\Scholarship Details for 183 KH.xlsx
2017-03-15 14:05 - 2017-03-15 14:05 - 00121376 _____ C:\Users\HP-PC\Downloads\UndergraduateScholarshipForm.pdf
2017-03-15 04:54 - 2017-03-15 05:20 - 00000000 _____ C:\Recovery.txt
2017-03-15 02:05 - 2017-03-15 02:05 - 00020372 _____ C:\Users\HP-PC\Downloads\budget - pas à pas.xlsx
2017-03-14 20:19 - 2017-03-14 20:19 - 00001357 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2017-03-14 20:19 - 2017-03-14 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-03-14 20:18 - 2017-03-14 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2017-03-14 20:18 - 2017-03-14 20:17 - 00002094 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2017-03-14 20:18 - 2017-03-14 20:16 - 00002118 _____ C:\Users\Public\Desktop\Safe Money.lnk
2017-03-14 20:15 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2017-03-14 20:10 - 2017-03-18 22:55 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-14 20:10 - 2017-03-14 20:19 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-03-14 20:07 - 2017-03-14 20:54 - 01017624 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-03-14 20:07 - 2017-03-14 20:54 - 00196376 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-03-14 19:56 - 2017-03-14 19:56 - 177801248 _____ (Kaspersky Lab) C:\Users\HP-PC\Downloads\kts17.0.0.611en_10761.exe
2017-03-14 19:45 - 2017-03-18 19:45 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleForHP-PC.job
2017-03-14 16:13 - 2017-03-14 16:13 - 00000000 ____D C:\Win 8.1
2017-03-14 12:29 - 2017-03-15 00:40 - 00000000 ____D C:\Users\183-k\AppData\Roaming\Enigma Software Group
2017-03-14 12:29 - 2017-03-15 00:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-03-14 12:29 - 2017-03-14 12:29 - 00000000 ____D C:\sh4ldr
2017-03-14 02:22 - 2017-03-14 11:51 - 00219360 _____ C:\Windows\ntbtlog.txt
2017-03-14 01:39 - 2017-03-15 23:31 - 00000000 ____D C:\Program Files\Google
2017-03-14 01:25 - 2017-03-14 01:39 - 00002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-14 01:25 - 2017-03-14 01:39 - 00002170 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-14 01:20 - 2017-03-14 01:19 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-14 01:15 - 2017-03-14 01:15 - 00000000 ____D C:\Users\HP-PC\AppData\Roaming\AVAST Software
2017-03-14 01:15 - 2017-03-14 01:15 - 00000000 ____D C:\Users\HP-PC\AppData\Local\CEF
2017-03-14 01:14 - 2017-03-14 01:14 - 00001945 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-03-14 01:14 - 2017-03-14 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-03-14 01:13 - 2017-03-14 20:26 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-14 01:12 - 2017-03-14 14:51 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 01:12 - 2017-03-14 01:13 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-14 01:12 - 2017-03-14 01:11 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-14 01:12 - 2017-03-14 01:11 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-14 01:12 - 2017-03-14 01:11 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-14 01:12 - 2017-03-14 01:11 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-14 01:12 - 2017-03-14 01:11 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-14 01:12 - 2017-03-14 01:09 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-14 01:12 - 2017-03-14 01:08 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-14 01:12 - 2017-03-14 01:08 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-14 01:12 - 2017-03-14 01:08 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-14 01:12 - 2017-03-14 01:08 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-14 01:11 - 2017-03-14 01:11 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-14 01:06 - 2017-03-14 01:19 - 00000000 ____D C:\Program Files\AVAST Software
2017-03-14 01:05 - 2017-03-14 02:05 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-14 00:58 - 2017-03-14 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware
2017-03-14 00:58 - 2017-03-14 00:58 - 00000000 ____D C:\Program Files\Bitdefender
2017-03-14 00:37 - 2017-03-15 23:33 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-03-13 23:42 - 2017-03-16 00:00 - 00092088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-03-13 23:42 - 2017-03-15 23:33 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-03-13 23:42 - 2017-03-15 23:33 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-13 23:42 - 2017-03-15 23:32 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-13 23:41 - 2017-03-13 23:41 - 00001890 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-13 23:41 - 2017-03-13 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-13 23:41 - 2017-03-13 23:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-13 23:41 - 2017-03-13 23:41 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-13 23:41 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-13 23:21 - 2017-03-13 23:39 - 00000000 ____D C:\Program Files\Plumbytes Software
2017-03-13 22:06 - 2017-03-13 22:06 - 00000000 ____D C:\Users\HP-PC\AppData\Local\Grammarly
2017-03-13 15:41 - 2017-03-13 15:41 - 00035119 _____ C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta
2017-03-13 15:41 - 2017-03-13 15:41 - 00017624 _____ C:\Users\HP-PC\AppData\Roaming\errlog.txt
2017-03-13 15:41 - 2017-03-13 15:41 - 00000000 _____ C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.afn
2017-03-13 14:33 - 2017-03-13 14:33 - 00000000 _____ C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.ast
2017-03-12 16:10 - 2017-03-13 15:25 - 02547944 _____ C:\Users\HP-PC\Desktop\Sustaiable development seminar _PPT.ppt.4B4FC70A905FD32B.matrix
2017-03-10 23:22 - 2017-03-13 15:32 - 00000000 ____D C:\Users\HP-PC\jdk
2017-03-10 23:15 - 2017-03-10 23:15 - 00000185 _____ C:\Users\HP-PC\Desktop\Hello.java
2017-03-08 11:04 - 2017-03-18 23:31 - 00000000 ____D C:\Users\HP-PC\Documents\OneNote Notebooks
2017-03-07 20:54 - 2017-03-07 20:54 - 00001417 _____ C:\Users\HP-PC\AppData\Roaming.emacs
2017-03-07 20:46 - 2017-03-07 20:46 - 00000954 _____ C:\Users\HP-PC\Desktop\emacs.exe - Shortcut.lnk
2017-03-07 20:41 - 2017-03-07 20:43 - 00000000 ____D C:\Users\HP-PC\AppData\Roaming.emacs.d
2017-03-07 19:25 - 2017-03-07 19:25 - 00001233 _____ C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey.lnk
2017-03-07 19:25 - 2017-03-07 19:25 - 00000000 ____D C:\Program Files (x86)\SMLNJ
2017-03-07 19:14 - 2017-03-07 19:20 - 13414400 _____ C:\Users\HP-PC\Desktop\smlnj-110.80.msi
2017-03-07 19:13 - 2017-03-13 15:22 - 50603744 _____ C:\Users\HP-PC\Desktop\emacs-24.5-bin-i686-mingw32.zip.4B4FC70A905FD32B.matrix
2017-03-07 14:33 - 2017-03-07 14:33 - 00001233 _____ C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey (2).lnk
2017-03-07 13:04 - 2017-03-07 13:04 - 00000000 ____D C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gnu Emacs
2017-02-16 10:47 - 2017-02-16 10:47 - 00000000 ____D C:\Program Files\HP
2017-02-16 10:47 - 2012-09-29 10:35 - 00350720 _____ C:\Windows\system32\mvhlewsi.dll
2017-02-16 10:37 - 2017-03-13 15:12 - 00000000 ____D C:\LJM1130_M1210_MFP_Full_Solution
2017-02-16 10:30 - 2017-02-16 10:33 - 228263392 _____ C:\Users\HP-PC\LJM1130_M1210_MFP_Full_Solution.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-18 20:09 - 2014-07-29 02:57 - 00238880 _____ C:\Users\HP-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-18 20:05 - 2015-10-27 14:46 - 00000000 ____D C:\Program Files (x86)\MathType
2017-03-18 16:52 - 2014-07-30 03:01 - 00000000 ___RD C:\Users\HP-PC\OneDrive
2017-03-18 13:59 - 2014-07-29 21:22 - 05062144 ___SH C:\Users\HP-PC\Downloads\Thumbs.db
2017-03-17 15:19 - 2013-08-22 21:06 - 00000000 ____D C:\Windows\AppReadiness
2017-03-17 10:56 - 2013-08-22 20:50 - 00000000 ____D C:\Windows\CbsTemp
2017-03-17 10:55 - 2014-08-23 10:48 - 00000000 ____D C:\Windows\system32\MRT
2017-03-17 10:46 - 2014-08-23 10:48 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-16 17:43 - 2013-08-22 19:06 - 00000000 ____D C:\Windows\Inf
2017-03-16 02:18 - 2013-08-22 21:06 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 23:41 - 2017-02-06 18:50 - 00000000 ____D C:\Users\HP-PC\Documents\Youcam
2017-03-15 23:31 - 2014-07-28 21:33 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-15 23:31 - 2013-08-22 20:15 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-15 18:47 - 2014-07-28 21:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-03-15 17:54 - 2013-08-22 21:06 - 00000000 ____D C:\Windows\system32\NDF
2017-03-15 11:43 - 2014-03-18 15:23 - 00958356 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-15 00:50 - 2016-12-10 22:10 - 00000000 ____D C:\Users\183-k\AppData\Local\Google
2017-03-14 20:54 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2017-03-14 20:54 - 2016-06-14 17:47 - 00199392 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2017-03-14 20:53 - 2016-06-02 22:39 - 00136416 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2017-03-14 20:51 - 2016-09-04 14:55 - 00000000 ____D C:\Users\183-k\AppData\Local\ElevatedDiagnostics
2017-03-14 20:33 - 2016-06-20 17:54 - 00509728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-03-14 20:13 - 2013-08-22 21:06 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-03-14 19:45 - 2014-07-28 21:19 - 00000000 ____D C:\Users\HP-PC\AppData\Local\Hewlett-Packard
2017-03-14 19:45 - 2013-08-22 21:06 - 00000000 ____D C:\Windows\tracing
2017-03-14 14:54 - 2014-07-28 21:33 - 00000000 ____D C:\Users\HP-PC\AppData\Local\Google
2017-03-14 14:45 - 2014-07-28 21:47 - 00002276 _____ C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-14 14:45 - 2014-07-28 21:47 - 00002246 _____ C:\Users\HP-PC\Desktop\Google Chrome.lnk
2017-03-14 13:43 - 2016-06-29 17:32 - 00000000 ____D C:\Program Files (x86)\Ckikution
2017-03-14 02:12 - 2014-11-06 12:35 - 00029184 ___SH C:\Users\shrey\Downloads\Thumbs.db
2017-03-14 01:15 - 2015-02-03 09:59 - 00000000 ____D C:\temp
2017-03-13 15:41 - 2016-04-05 18:42 - 12322828 _____ C:\Users\shrey\Downloads\MAY 2014.zip.4B4FC70A905FD32B.matrix
2017-03-13 15:41 - 2016-04-05 18:41 - 11749995 _____ C:\Users\shrey\Downloads\MAY 2012.zip.4B4FC70A905FD32B.matrix
2017-03-13 15:41 - 2013-08-22 21:06 - 00000000 __RHD C:\Users\Public\Libraries
2017-03-13 15:31 - 2015-10-28 10:09 - 00000000 ____D C:\Users\HP-PC\GeoGebra 5.0
2017-03-13 15:30 - 2016-02-12 12:05 - 00001421 ____H C:\Users\HP-PC\Downloads~$presentation 2.pptx
2017-03-13 15:28 - 2016-12-01 03:03 - 00026856 _____ C:\Users\HP-PC\Documents\Rescue3.asd.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2016-06-16 00:37 - 00000000 ____D C:\Users\HP-PC\Documents\Latex Files
2017-03-13 15:28 - 2016-02-16 11:14 - 00552680 _____ C:\Users\HP-PC\Documents\Rescue2.asd.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-12-08 01:48 - 00085224 _____ C:\Users\HP-PC\Documents\Rescue1.asd.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-11-01 13:37 - 00007425 _____ C:\Users\HP-PC\Documents\IMP.2.ggb.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-11-01 12:29 - 00008632 _____ C:\Users\HP-PC\Documents\IMP.ggb.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-09-17 16:32 - 01853672 _____ C:\Users\HP-PC\Documents\Rescue.asd.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-05-21 16:08 - 00000000 ____D C:\Users\HP-PC\Documents\IB Question Papers
2017-03-13 15:28 - 2014-08-17 09:30 - 54240515 _____ C:\Users\HP-PC\Documents\IMG_0696.MOV.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2014-08-17 09:30 - 26736097 _____ C:\Users\HP-PC\Documents\IMG_0684.MOV.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2014-08-10 16:39 - 00001421 ____H C:\Users\HP-PC\Documents~$Role Of Education in Creating a Sense of.pptx
2017-03-13 15:28 - 2014-08-09 22:59 - 00157150 _____ C:\Users\HP-PC\Documents\Role Of Education in Creating a Sense of.pptx.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2014-07-28 21:17 - 00000000 ___HD C:\Users\HP-PC\Documents\hp.system.package.metadata
2017-03-13 15:27 - 2017-01-20 18:11 - 00000000 ____D C:\Users\HP-PC\Documents\DST SHE Scholarship Relevant Documents
2017-03-13 15:27 - 2016-02-15 09:30 - 00003502 ____H C:\Users\HP-PC\Documents\Default.rdp
2017-03-13 15:27 - 2015-04-22 10:00 - 99711929 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (3_3) - (IB Physics, GCSE, A level, AP)[2].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 99711929 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (3_3) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 99711929 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (3_3) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 78880388 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar spectra - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 78880388 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar spectra - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 66528949 _____ C:\Users\HP-PC\Documents\Astrophysics - Types of stars (1_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 66528949 _____ C:\Users\HP-PC\Documents\Astrophysics - Types of stars (1_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 56863464 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar properties (2_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 56863464 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar properties (2_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 56550765 _____ C:\Users\HP-PC\Documents\Astrophysics - Redshift due to expanding space - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 45408275 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (1_3) - (IB Physics, GCSE, A level, AP)[2].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 45408275 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (1_3) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 45408275 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (1_3) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 39409583 _____ C:\Users\HP-PC\Documents\Astrophysics - Spectral Classes - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 39409583 _____ C:\Users\HP-PC\Documents\Astrophysics - Spectral Classes - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 39383880 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar properties (1_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 39383880 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar properties (1_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 25387440 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (2_3) - (IB Physics, GCSE, A level, AP)[2].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 25387440 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (2_3) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 25387440 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (2_3) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 25050921 _____ C:\Users\HP-PC\Documents\Astrophysics - Our place in space (2_2) - (IB Physics, GCSE, A level, AP)[2].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 15169781 _____ C:\Users\HP-PC\Documents\Astrophysics - Types of stars (2_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 15169781 _____ C:\Users\HP-PC\Documents\Astrophysics - Types of stars (2_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 09:59 - 25050921 _____ C:\Users\HP-PC\Documents\Astrophysics - Our place in space (2_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 09:59 - 25050921 _____ C:\Users\HP-PC\Documents\Astrophysics - Our place in space (2_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-15 09:48 - 00000000 ____D C:\Users\HP-PC\Documents\astrophysics
2017-03-13 15:27 - 2014-07-28 23:02 - 00000000 ____D C:\Users\HP-PC\Documents\Books
2017-03-13 15:25 - 2016-12-14 18:32 - 00001421 ____H C:\Users\HP-PC\Desktop~$NBA Campus Influencer Profiles.pptx
2017-03-13 15:22 - 2016-11-24 13:21 - 00000000 ____D C:\Users\HP-PC\Desktop\Important Documents
2017-03-13 15:22 - 2014-12-07 19:52 - 00000000 ____D C:\Users\HP-PC\Desktop\Practise
2017-03-13 15:22 - 2014-08-04 05:33 - 00000000 ____D C:\Users\HP-PC\Desktop\Laksh
2017-03-13 15:21 - 2016-09-10 02:29 - 00001485 _____ C:\Users\183-k.tracker.prefs.4B4FC70A905FD32B.matrix
2017-03-13 15:21 - 2016-09-03 08:17 - 00000000 ____D C:\Users\HP-PC.idlerc
2017-03-13 15:21 - 2016-01-27 09:06 - 00005392 _____ C:\ProgramData\oqztiqep.adk.4B4FC70A905FD32B.matri x
2017-03-13 15:21 - 2015-04-11 17:25 - 00000000 ____D C:\Users\HP-PC\Desktop\bin
2017-03-13 15:21 - 2014-10-22 20:22 - 00000000 ____D C:\Users\183-k\Desktop\lib
2017-03-13 15:21 - 2014-10-22 20:22 - 00000000 ____D C:\Users\183-k\Desktop\bin
2017-03-13 15:21 - 2014-08-30 11:31 - 00000000 ____D C:\ProgramData\Autograph 3
2017-03-13 15:21 - 2014-08-04 05:32 - 00000000 ____D C:\Users\HP-PC\bluej
2017-03-13 15:21 - 2014-08-02 09:06 - 00000000 ___HD C:\Users\183-k\Documents\hp.system.package.metadata
2017-03-13 15:21 - 2014-08-02 09:05 - 00000000 ____D C:\Users\183-k
2017-03-13 15:21 - 2014-04-01 06:37 - 00000000 ___HD C:\SYSTEM.SAV
2017-03-13 15:19 - 2016-02-20 15:37 - 00000000 ____D C:\SmartDraw CI
2017-03-13 14:57 - 2016-09-03 08:14 - 00000000 ____D C:\Python27
2017-03-13 14:57 - 2016-01-27 10:48 - 00000000 ____D C:\Users\HP-PC\Documents\ezvid
2017-03-13 14:57 - 2014-11-06 12:31 - 11883111 _____ C:\Users\shrey\Downloads\DSC_0050.JPG.4B4FC70A905F D32B.matrix
2017-03-13 14:57 - 2014-11-06 12:26 - 12132512 _____ C:\Users\shrey\Downloads\DSC_0073.JPG.4B4FC70A905F D32B.matrix
2017-03-13 14:57 - 2014-10-22 20:22 - 00179656 _____ C:\Users\183-k\Desktop\THIRDPARTYLICENSEREADME.txt.4B4FC70A905F D32B.matrix
2017-03-13 14:57 - 2014-10-22 20:22 - 00111370 _____ C:\Users\183-k\Desktop\THIRDPARTYLICENSEREADME-JAVAFX.txt.4B4FC70A905FD32B.matrix
2017-03-13 14:57 - 2014-10-22 20:22 - 00001302 _____ C:\Users\183-k\Desktop\README.txt.4B4FC70A905FD32B.matrix
2017-03-13 14:56 - 2016-12-14 20:56 - 00008328 _____ C:\Users\HP-PC\image001.jpg.4B4FC70A905FD32B.matrix
2017-03-13 14:56 - 2014-07-28 21:17 - 00000000 ____D C:\Users\HP-PC
2017-03-13 14:55 - 2016-08-02 23:41 - 00250534 _____ C:\Users\shrey\Downloads\Account Statement.PDF.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-08-02 23:41 - 00098092 _____ C:\Users\shrey\Downloads\PAN.pdf.4B4FC70A905FD32B. matrix
2017-03-13 14:55 - 2016-04-05 21:53 - 00346023 _____ C:\Users\shrey\Downloads\Computer_science_paper_2_ _SL.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 21:53 - 00284405 _____ C:\Users\shrey\Downloads\Computer_science_paper_1_ _SL (1).pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 21:53 - 00260714 _____ C:\Users\shrey\Downloads\Computer_science_paper_1_ _SL.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 21:53 - 00255002 _____ C:\Users\shrey\Downloads\Computer_science_paper_2_ _SL (1).pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 21:45 - 00387807 _____ C:\Users\shrey\Downloads\HL p1 markscheme May 2014.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 18:44 - 04396948 _____ C:\Users\shrey\Downloads\Computer System Study material.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2016-03-27 22:51 - 00190312 _____ C:\Users\HP-PC\Documents\UGA-UGB-2015.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-25 16:28 - 20708124 _____ C:\Users\HP-PC\Documents\Mathematics HL.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 06718848 _____ C:\Users\HP-PC\Documents\MathExploration_Elevators SL MATH EXPLORATION.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 06392037 _____ C:\Users\HP-PC\Documents\MathExploration_Powertothepeople SL MATH EXPLORATION.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 01500816 _____ C:\Users\HP-PC\Documents\IB Math SL Exploration Rubric.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 01059657 _____ C:\Users\HP-PC\Documents\SampleProjectPerfectScore.pdf.4B4FC70 A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 00497764 _____ C:\Users\HP-PC\Documents\SL MATH -1.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 00377946 _____ C:\Users\HP-PC\Documents\Rainfall[1].pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 00241524 _____ C:\Users\HP-PC\Documents\SL MATH -2.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 00016863 _____ C:\Users\HP-PC\Documents\Intro Research Assignment.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-05-03 18:42 - 12128783 _____ C:\Users\HP-PC\Documents\Layout Design6.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2014-08-10 16:31 - 14504766 _____ C:\Users\HP-PC\Documents\The Echo [pub final edition].pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2017-02-05 18:32 - 00000000 ____D C:\Users\HP-PC\Desktop\Scholarships
2017-03-13 14:45 - 2016-07-15 23:09 - 00000000 ___D C:\Users\HP-PC\Documents\Delhi University
2017-03-13 14:45 - 2015-08-06 17:15 - 05109150 _____ C:\Users\HP-PC\Documents\Frequently asked questions.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 02530171 _____ C:\Users\HP-PC\Documents\Detail Information Math SL IA.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 02234539 _____ C:\Users\HP-PC\Documents\Cycloids and Paths.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00924734 _____ C:\Users\HP-PC\Documents\Exploration Describtion.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00471243 _____ C:\Users\HP-PC\Documents\example_5_annotations-Newton-Raphson.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00388756 _____ C:\Users\HP-PC\Documents\example04_e.pdf.4B4FC70A905FD32B.matr ix
2017-03-13 14:45 - 2015-08-06 17:15 - 00338007 _____ C:\Users\HP-PC\Documents\Example_A-Beginnings_of_Pi (1).pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00325254 _____ C:\Users\HP-PC\Documents\Example_B-Sangaku_Puzzles.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00224571 _____ C:\Users\HP-PC\Documents\Example_D-Medical_Testing.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00146829 _____ C:\Users\HP-PC\Documents\Example_C-_Clue.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00065959 _____ C:\Users\HP-PC\Documents\Exploration Guideline for Students 2014.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-05-21 16:08 - 00000000 ____D C:\Users\HP-PC\Documents\Comp Papers
2017-03-13 14:45 - 2015-04-30 18:34 - 07515247 _____ C:\Users\HP-PC\Documents\Barron’s SAT Math Level 2.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:42 - 2016-12-12 21:14 - 00112138 _____ C:\Users\HP-PC\2015-1.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:42 - 2016-07-15 09:46 - 00000000 ____D C:\Users\HP-PC\Desktop\IMPORTANT
2017-03-13 14:42 - 2016-06-08 23:00 - 00000000 ____D C:\Users\HP-PC\Desktop\Mathematics
2017-03-13 14:42 - 2015-10-30 10:06 - 00033647 _____ C:\Users\HP-PC\Desktop\COMMON APP.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:39 - 2016-02-21 18:59 - 00017290 _____ C:\Users\shrey\Downloads\Les questions pour l.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:39 - 2015-08-24 12:55 - 19740392 _____ C:\Users\HP-PC\Documents\Loan History by Borrower - Doon School.doc.4B4FC70A905FD32B.matrix
2017-03-13 14:39 - 2014-10-20 21:08 - 00021244 _____ C:\Users\shrey\Downloads\Aditya-Bhattacharya_CommApp draft 6_Oct.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2017-02-09 20:02 - 00046276 _____ C:\Users\HP-PC\Documents\New Property return form IPS-2015.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2017-01-20 11:36 - 00317622 _____ C:\Users\HP-PC\Documents\Letter.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-10-23 23:36 - 00017558 _____ C:\Users\HP-PC\Documents\Shrey Aryan- HKUST Personal Statement.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-07-28 15:11 - 00016213 _____ C:\Users\HP-PC\Documents\Ms Priyamvada Taneja.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-02-20 16:34 - 00130280 _____ C:\Users\HP-PC\Documents\Rescue3.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-02-19 10:28 - 00318863 _____ C:\Users\HP-PC\Documents\Woodrow Wilson Undergraduate Research Fellowship.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-02-13 19:13 - 00030738 _____ C:\Users\HP-PC\Documents\Quick Derivation.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2015-04-11 21:34 - 00013635 _____ C:\Users\HP-PC\Documents\Method for EE.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2015-03-06 16:53 - 00028001 _____ C:\Users\HP-PC\Documents\SC_Form_Parent_Questionnaire 2015.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2015-03-06 16:47 - 00027367 _____ C:\Users\HP-PC\Documents\Teacher_reco_form 2015.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2014-08-27 23:03 - 00517246 _____ C:\Users\HP-PC\Documents\Shanti Swaroop - Rudra.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2014-08-23 21:40 - 00016370 _____ C:\Users\HP-PC\Documents\Physics Practical.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2014-08-20 00:08 - 00020302 _____ C:\Users\HP-PC\Documents\The implications of declining pollinators.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2014-08-13 16:51 - 01182964 _____ C:\Users\HP-PC\Documents\Poster 1.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2016-03-13 11:04 - 01247967 _____ C:\Users\HP-PC\Documents\Awards.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-08-19 20:11 - 00025937 _____ C:\Users\HP-PC\Documents\Application form Science Master’s trophy.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-05-14 07:16 - 00015525 _____ C:\Users\HP-PC\Documents\French Oral.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-04-13 15:32 - 00015470 _____ C:\Users\HP-PC\Documents\Comman App essay.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-03-06 16:25 - 00023280 _____ C:\Users\HP-PC\Documents\Doon School US College Planning Program 2015.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-02-11 12:28 - 00017319 _____ C:\Users\HP-PC\Documents\Article for Commentary.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2014-08-17 07:56 - 00132589 _____ C:\Users\HP-PC\Documents\Dynamo PSOW - DCP (2).docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2014-08-13 13:55 - 00028157 _____ C:\Users\HP-PC\Documents\Differntial Equations.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:35 - 2016-09-17 07:48 - 00017338 _____ C:\Users\HP-PC\Desktop\PLAN (Autosaved).xlsx.4B4FC70A905FD32B.matrix
2017-03-13 14:35 - 2016-09-04 23:11 - 00001421 ____H C:\Users\HP-PC\Downloads~$university-policy-index-en.xlsx
2017-03-13 14:35 - 2016-07-24 21:38 - 00017435 _____ C:\Users\HP-PC\Desktop\PLAN.xlsx.4B4FC70A905FD32B.matrix
2017-03-13 14:35 - 2016-03-04 19:19 - 00001421 ____H C:\Users\HP-PC\Desktop~$MOST IMPORTANT TABLE.xlsx
2017-03-13 14:35 - 2014-10-05 10:02 - 00010126 _____ C:\Users\HP-PC\Documents\Book1.xlsx.4B4FC70A905FD32B.matrix
2017-03-13 14:35 - 2014-08-13 09:56 - 00001421 ____H C:\Users\HP-PC\Desktop~$Lab 4 - Data Table.xlsx
2017-03-12 16:10 - 2015-01-02 08:24 - 00481792 ___SH C:\Users\HP-PC\Desktop\Thumbs.db
2017-03-10 10:04 - 2016-11-13 12:16 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-10 10:04 - 2016-11-13 12:16 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-07 20:46 - 2014-07-28 22:53 - 00000000 ____D C:\Users\HP-PC\AppData\Local\CrashDumps
2017-02-16 14:32 - 2016-12-14 21:05 - 00015872 ___SH C:\Users\HP-PC\Thumbs.db
2017-02-16 13:52 - 2017-01-15 20:17 - 00000000 ____D C:\Users\HP-PC\AppData\Roaming\Zoom
2017-02-16 13:51 - 2016-11-15 21:43 - 00000000 ____D C:\Program Files (x86)\Hotspoter
2017-02-16 13:50 - 2016-11-15 21:29 - 00000000 ____D C:\Program Files (x86)\Virtual Router
2017-02-16 13:40 - 2014-08-14 05:31 - 00000000 ____D C:\Windows\Minidump
2017-02-16 13:39 - 2014-08-14 05:31 - 406656122 _____ C:\Windows\MEMORY.DMP

==================== Files in the root of some directories =======

2017-03-07 20:54 - 2017-03-07 20:54 - 0001417 _____ () C:\Users\HP-PC\AppData\Roaming.emacs
2017-03-13 15:41 - 2017-03-13 15:41 - 0000000 _____ () C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.afn
2017-03-13 14:33 - 2017-03-13 14:33 - 0000000 _____ () C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.ast
2017-03-13 15:41 - 2017-03-13 15:41 - 0035119 _____ () C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta
2017-03-13 15:41 - 2017-03-13 15:41 - 0017624 _____ () C:\Users\HP-PC\AppData\Roaming\errlog.txt
2017-03-13 14:35 - 2017-03-13 14:35 - 0004904 _____ () C:\Users\HP-PC\AppData\Roaming\Readme-Matrix.rtf
2016-01-27 10:49 - 2016-01-28 21:36 - 0008192 _____ () C:\Users\HP-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-27 09:06 - 2016-01-27 09:06 - 0000016 _____ () C:\ProgramData\mntemp
2016-01-27 09:06 - 2017-03-13 15:21 - 0005392 _____ () C:\ProgramData\oqztiqep.adk.4B4FC70A905FD32B.matri x
2017-03-13 15:21 - 2017-03-13 14:35 - 0004904 _____ () C:\ProgramData\Readme-Matrix.rtf
[HEADING=1]Files to move or delete:[/HEADING]
C:\Users\HP-PC\LJM1130_M1210_MFP_Full_Solution.exe
[HEADING=1]Some files in TEMP:[/HEADING]
2016-06-23 20:22 - 2016-06-23 20:41 - 160815464 _____ (BlackBerry) C:\Users\183-k\AppData\Local\Temp\BlackBerryDesktopSoftware.exe
2016-06-23 20:22 - 2015-04-02 00:12 - 73521000 ____R (Research In Motion Ltd. ) C:\Users\183-k\AppData\Local\Temp\BlackBerryDeviceManager.exe
2016-06-23 20:21 - 2015-04-02 00:12 - 2423032 ____R () C:\Users\183-k\AppData\Local\Temp\BlackBerryLauncher.exe
2017-02-16 13:52 - 2016-12-29 17:26 - 0034992 _____ (Zoom Video Communications, Inc.) C:\Users\HP-PC\AppData\Local\Temp\CptInstall.exe
2017-02-16 13:52 - 2016-12-29 17:22 - 0146608 _____ (Zoom Video Communications, Inc.) C:\Users\HP-PC\AppData\Local\Temp\CptShare.dll
2016-06-17 00:46 - 2016-06-17 00:46 - 16102400 ____N () C:\Users\HP-PC\AppData\Local\Temp\javagiac0.12794759805232792. dll
2017-01-05 19:28 - 2017-01-05 19:28 - 16466432 ____N () C:\Users\HP-PC\AppData\Local\Temp\javagiac0.18537445423032273. dll
2017-01-05 03:24 - 2017-01-05 03:24 - 16466432 ____N () C:\Users\HP-PC\AppData\Local\Temp\javagiac0.6508720690561198.d ll
2017-01-24 16:33 - 2017-01-24 16:33 - 0739904 _____ (Oracle Corporation) C:\Users\HP-PC\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-06-03 00:31 - 2016-07-06 18:43 - 0739904 _____ (Oracle Corporation) C:\Users\HP-PC\AppData\Local\Temp\jre-8u91-windows-au.exe
2016-02-20 15:37 - 2012-08-13 07:46 - 0348160 _____ (Microsoft Corporation) C:\Users\HP-PC\AppData\Local\Temp\msvcr71.dll
2016-02-07 19:41 - 2016-02-07 19:49 - 63077776 _____ (SweetLabs,Inc.) C:\Users\HP-PC\AppData\Local\Temp\octC7C4.tmp.exe
2016-02-22 10:17 - 2016-02-22 10:18 - 1171352 _____ (Apowersoft Ltd. ) C:\Users\HP-PC\AppData\Local\Temp\rth0bewx.25z.exe
2016-02-07 19:47 - 2016-02-07 19:50 - 0524288 _____ () C:\Users\HP-PC\AppData\Local\Temp\SkypeSetup.exe
2017-02-16 13:52 - 2016-12-29 17:25 - 0090288 _____ () C:\Users\HP-PC\AppData\Local\Temp\zCrashReport.dll
2016-02-11 14:36 - 2016-02-11 14:36 - 2519960 _____ (Google Inc.) C:\Users\HP-PC\AppData\Local\Temp{D101A98B-A458-4033-ACE6-87FDC07AA988}-48.0.2564.109_48.0.2564.103_chrome_updater.exe
2016-06-09 10:52 - 2016-06-09 10:56 - 12829272 _____ (Google Inc.) C:\Users\HP-PC\AppData\Local\Temp{D7177B5E-9E64-48DD-A82E-4B436BB8057A}-51.0.2704.84_50.0.2661.102_chrome_updater.exe
2016-05-21 16:52 - 2016-05-21 16:53 - 8777304 _____ (Google Inc.) C:\Users\HP-PC\AppData\Local\Temp{E18746EF-5F93-480B-81C3-C1405CE72C1B}-50.0.2661.102_49.0.2623.112_chrome_updater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

ATTENTION: ==> Could not access BCD. The user is not administrator

==================== End of FRST.txt ============================

[HEADING=1]Ran by HP-PC (18-03-2017 23:40:24)
Running from C:\Users\HP-PC\Downloads
Windows 8.1 Single Language (Update) (X64) (2014-07-28 15:47:16)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

183-k (S-1-5-21-1605944295-1278072363-3366277582-1005 - Administrator - Enabled) => C:\Users\183-k
Administrator (S-1-5-21-1605944295-1278072363-3366277582-500 - Administrator - Disabled)
Guest (S-1-5-21-1605944295-1278072363-3366277582-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1605944295-1278072363-3366277582-1003 - Limited - Enabled)
HP-PC (S-1-5-21-1605944295-1278072363-3366277582-1001 - Limited - Enabled) => C:\Users\HP-PC
shrey (S-1-5-21-1605944295-1278072363-3366277582-1004 - Limited - Enabled) => C:\Users\shrey

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CS4 (HKLM-x32...\Adobe Photoshop CS4_is1) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) (HKLM-x32...{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Apowersoft Screen Recorder Pro V2.1.1 (HKLM-x32...{dc9006db-6b05-4f0f-833b-79ef3f284c24}is1) (Version: 2.1.1 - APOWERSOFT LIMITED)
Autograph 3.3 (HKLM-x32...{AD6A8057-680B-459E-84D6-13A880A3575C}) (Version: 3.30.10.0 - Eastmond Publishing Ltd.)
Avast Free Antivirus (HKLM-x32...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
BDAntiRansomware (HKLM...{BE40AB1F-558F-4434-B72F-461EF97E7796}is1) (Version: 1.0.12.1 - Bitdefender)
BlackBerry 10 Desktop Software (HKLM-x32...{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
BlueJ (HKLM-x32...{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.4 - BlueJ Team)
Broadcom 802.11 Wireless LAN Adapter (HKLM...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.223.215.5 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM...{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9130 - Broadcom Corporation)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32...{4A3579A7-8A6A-4F07-8EFD-9E1DD7605864}is1) (Version: 1.0 - Universal Music India)
Connectify 2016 (HKLM...\Connectify) (Version: 2016.0.12.37996 - Connectify)
Corel Graphics - Windows Shell Extension (HKLM..._{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CyberLink Media Suite 10 (HKLM-x32...\InstallShield{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32...\InstallShield{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32...\InstallShield{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DjVu Solo 3.1 (HKLM-x32...\DjVu Solo 3.1) (Version: - )
D-Link Connection Manager v7.0.1IN (HKLM-x32...\Broad Mobi HSPA Modem Normal Version_is1) (Version: - )
Energy Star (HKLM...{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32...{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
GeoGebra 5 (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\GeoGebra 5) (Version: 5.0.166.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 57.0.2987.98 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Graph 4.3 (HKLM-x32...\Graph_is1) (Version: - Ivan Johansen)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Host App Service (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\SweetLabs_AP) (Version: 0.269.7.840 - Pokki)
HP 3D DriveGuard (HKLM-x32...{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32...{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32...{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM...{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32...{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32...{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM...{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32...{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IB Questionbank Maths HL (HKLM-x32...\IB Questionbank IB_MH) (Version: - )
IB Questionbank Physics (HKLM-x32...\IB Questionbank IB_PH) (Version: - )
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32...{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32...{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM...{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM...{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Logger Pro 3.6.1 (HKLM-x32...{CBE48FF8-521A-4AE1-92B5-7008D8529630}) (Version: 3.6.0 - Vernier Software & Technology)
Malwarebytes version 3.0.6.1469 (HKLM...{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MathType 6 (HKLM-x32...\DSMT6) (Version: 6.7 - Design Science, Inc.)
Microsoft Mathematics Add-in (32-bit) (HKLM-x32...{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.040811.01 - Microsoft Corporation)
Microsoft Office (HKLM-x32...{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32...{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32...{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MMX200G Netwarrior Manager V20090909 (HKLM...{D1F9117F-7187-4734-B105-8EEB4B2A3696}_is1) (Version: - Micromax Informatics Limited)
Mozilla Firefox (3.5.7) (HKLM-x32...\Mozilla Firefox (3.5.7)) (Version: 3.5.7 (en-US) - Mozilla)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Python 2.7.9 (HKLM-x32...{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation)
QuickTime (HKLM-x32...{08CA9554-B5FE-4313-938F-D4A417B81175}) (Version: 7.50.61.0 - Apple Inc.)
Realtek Card Reader (HKLM-x32...{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32...{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
RescueTime 2.12.5.1490 (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version: - RescueTime.com)
Scan To (HKLM...{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
SHAREit (HKLM-x32...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
Skype Click to Call (HKLM-x32...{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32...{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
slitherlink version 1.0 (HKLM-x32...\slitherlink_is1) (Version: - )
Standard ML of New Jersey (HKLM-x32...{F7CA0FDB-0C97-480B-A532-2A579917CFDB}) (Version: 0.0.0.0 - University of Chicago)
Start Menu (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\SweetLabs_Start_Menu) (Version: 0.269.7.840 - Pokki)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated)
Texmaker (HKLM-x32...\Texmaker) (Version: - )
Tracker (HKLM-x32...\OSP Tracker) (Version: 4.94 - Open Source Physics)
VPython 6.11 (HKLM-x32...\VPython for Python 2.7_is1) (Version: - )
WinDjView 2.0.1 (HKLM...\WinDjView) (Version: 2.0.1 - Andrew Zhezherun)
WinRAR 5.10 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.25.5\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.27.5\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.30.3\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.31.5\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.28.1\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.28.13\psuser_64 .dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.29.5\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 → C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.24.15\psuser_64 .dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.26.9\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.29.1\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.25.11\psuser_64 .dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.28.15\psuser_64 .dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForHP-PC.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\site_825077256_en-us.lnk → hxxp://www.windowssearch.com:80/suggestions?qry=movie+maker&cc=IN&setlang=en-US&inlang=en-IN&adlt=strict&scale=100&contrast=none&hw=768%2C13 66&CVID=8B2036828D2E4D2C9E35A9832299FF6

==================== Loaded Modules (Whitelisted) ==============

2014-03-29 02:01 - 2014-03-29 02:01 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-29 01:57 - 2014-03-29 01:57 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-29 01:57 - 2014-03-29 01:57 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-29 01:57 - 2014-03-29 01:57 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-29 02:18 - 2014-03-29 02:18 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-29 02:18 - 2014-03-29 02:18 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMSwissArmy => “”=“Driver”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\mcpltsvc => “”=“”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMSwissArmy => “”=“Driver”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mcpltsvc => “”=“”

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 18:55 - 2016-06-29 17:34 - 00001188 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\Control Panel\Desktop\Wallpaper → C:\Windows\Web\Wallpaper\Hewlett-Packard Backgrounds\Birth_Of_An_Idea.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{64B9D502-F2A9-4D07-B273-49337AF2CD3C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D94E5D30-5E92-4364-BBAD-3AA9C3B43892}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DM REngine.exe
FirewallRules: [{96188C50-7FD1-4C02-8BEE-F46247AA0F84}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPD VD12.exe
FirewallRules: [{F06983FC-8920-4F3D-AD39-3ED40BE5168B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{D2FB5136-8CCA-4944-B878-5650789950DC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1B7D9E60-79F4-4183-915B-91634E85450C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6D61EDC4-F73B-4414-8D90-AD7972CEB22D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{54CAF249-D498-4C7F-B8C4-C39F2E1BCE20}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{99D6E21E-92B1-423B-86AD-FB5FC8517AD8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{40384E5F-55E0-499D-9AEC-CA92286AD093}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A93C04BE-3839-4F93-8564-C2766514A9AE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1A4F5393-C5B1-4E5C-AE5B-214DC99F4B70}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{2517537D-6605-4903-8DCB-68E19BC804FF}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [TCP Query User{65B266A6-66D4-4E10-B23C-3FBD9B576A95}C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe
FirewallRules: [UDP Query User{0C91A68E-1569-4DA7-8549-70DDEC003B4E}C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe
FirewallRules: [{316F8418-7F3F-4692-AE72-629A3DA48253}] => (Allow) tunmgr.exe
FirewallRules: [{EEC9BDE7-52BB-4B9C-9419-E45B704D5D7C}] => (Allow) tunmgr.exe
FirewallRules: [{88E06CDD-9511-494A-BA9D-98F04B1AF38A}] => (Allow) mDNSResponder.exe
FirewallRules: [{D17EDF1B-D27C-468B-A50A-8681D0C05702}] => (Allow) mDNSResponder.exe
FirewallRules: [{265A663D-1E01-42C0-ADEE-9122EDF880AD}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{6FD288FF-75F9-43D9-BB0C-A6244923910D}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{5466A29F-7602-4701-8485-DE54D70CDB43}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{AF38A96D-61F4-4485-BB03-843BDED0E84B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{C5281240-DE99-43A1-A5E7-D10E4B3DFAB3}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{EF832788-1AB2-43F4-A5F7-8623E4B65025}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{0570EF7A-B81F-438A-9275-00DCFB086E90}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{987B2294-3DF7-431A-94A1-70E71B31D31C}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{545744AA-50FD-4F1C-8B38-8897961F2286}] => (Allow) C:\Program Files (x86)\Connectify\Connectify.exe
FirewallRules: [{F3E1C3EE-9965-4A38-88F9-2A3BFD52B095}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{E902B459-0196-487E-AD9F-3199149D9AEC}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{697A64C1-BD57-4718-9FF8-0D39D71E3D84}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{946B2A50-1EE5-4764-9DFC-1517DAB22D43}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{0C4DEC17-1199-489F-8779-0557C17163B4}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [TCP Query User{599CDD59-2084-42C3-8439-2773CF39318B}C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe
FirewallRules: [UDP Query User{44A31A6F-A90F-4A86-A40E-3BB028D870D9}C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe
FirewallRules: [{FC773ECF-F98A-480C-99D5-412EDE318A0D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{4D4B1086-6642-4F0E-89FC-D3ED5034BA6E}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{FD67FAE2-2BC5-42EC-B297-027A5F1BE508}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{0AF9D8E7-9842-41AE-95F2-9FBC5A93E355}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled
Check “winmgmt” service or repair WMI.

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

Name: hp DVDRAM GU90N
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (03/18/2017 09:59:59 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 532515

Error: (03/18/2017 09:59:59 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 532515

Error: (03/18/2017 09:59:59 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/18/2017 09:59:57 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 531234

Error: (03/18/2017 09:59:57 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 531234

Error: (03/18/2017 09:59:57 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/18/2017 09:59:56 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 529937

Error: (03/18/2017 09:59:56 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 529937

Error: (03/18/2017 09:59:56 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/18/2017 09:59:55 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 528625
[HEADING=1]System errors:[/HEADING]
Error: (03/18/2017 09:56:32 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error Code: 21

Error: (03/18/2017 09:56:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (03/18/2017 09:56:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.

Error: (03/16/2017 05:43:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (03/15/2017 11:33:22 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Routing and Remote Access service terminated with the following service-specific error:
A device attached to the system is not functioning.

Error: (03/15/2017 11:33:19 PM) (Source: RemoteAccess) (EventID: 20103) (User: )
Description: Unable to load C:\Windows\System32\iprtrmgr.dll.

Error: (03/15/2017 11:29:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
The service has not been started.

Error: (03/15/2017 11:28:46 PM) (Source: DCOM) (EventID: 10010) (User: HP)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.

Error: (03/15/2017 11:22:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\bcmihvsrv64.dll
Error Code: 21

Error: (03/15/2017 07:05:45 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2017-02-17 18:14:44.401
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-09 12:14:04.550
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-29 22:51:31.214
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-29 22:51:29.813
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-12 13:48:49.938
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-12 13:48:49.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-24 12:55:16.569
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-19 10:08:26.314
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-13 08:57:58.378
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-10 17:04:49.457
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core™ i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 77%
Total physical RAM: 4026.15 MB
Available physical RAM: 897.68 MB
Total Virtual: 8122.15 MB
Available Virtual: 2595.97 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:455.69 GB) (Free:334.95 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.21 GB) (Free:2 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (New Volume) (Fixed) (Total:454.59 GB) (Free:452.6 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

Ran by 183-k (administrator) on HP (19-03-2017 11:50:49)
Running from C:\Users\HP-PC\Downloads
Loaded Profiles: HP-PC & 183-k (Available Profiles: HP-PC & shrey & 183-k)
Platform: Windows 8.1 Single Language (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(Shanghai DS-Mobile Technology Co., Ltd.) C:\Program Files\Micromax 200G USB Modem\EdgeModem-DrvSrv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Shanghai DS-Mobile Technology Co., Ltd.) C:\Program Files\Micromax 200G USB Modem\EdgeModem-Run.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(RescueTime, Inc.) C:\Users\HP-PC\AppData\Local\RescueTime\RescueTime.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Apowersoft) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Pokki) C:\Users\183-k\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(AVAST Software) C:\Users\HP-PC\Downloads\aswmbr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Texmaker\texmaker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Users\183-k\Desktop\bin\javaws.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-23] (Realtek Semiconductor)
HKLM...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-29] (Hewlett-Packard)
HKLM...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811120 2014-03-13] (Synaptics Incorporated)
HKLM...\Run: [EdgeModem-AutoRun] => C:\Program Files\Micromax 200G USB Modem\EdgeModem-Run.exe [86016 2009-09-19] (Shanghai DS-Mobile Technology Co., Ltd.)
HKLM...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-14] (Hewlett-Packard Company)
HKLM-x32...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM-x32...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4861688 2015-03-19] (BlackBerry Limited)
HKLM-x32...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-14] (AVAST Software)
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2471672 2015-03-19] (Research In Motion Limited)
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\Run: [AZ3Tq5k16l3MBynp] => C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta [35119 2017-03-13] ()
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\Run: [GoogleChromeAutoLaunch_7F0416C691E452253BB89BC2BE6 D7727] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941912 2017-03-09] (Google Inc.)
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\RunOnce: [Application Restart #7] => C:\Users\HP-PC\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resour (the data entry has 583 more characters).
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\MountPoints2: {52f96c0f-4b14-11e6-82cb-020046a23e01} - “E:.\StartModem.exe”
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\MountPoints2: {6d4daa1b-2812-11e4-8266-a02bb859a5c2} - “E:\AutoRun.exe”
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\MountPoints2: {fddc09cc-da5b-11e3-825b-806e6f6e6963} - “E:\start.exe”
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005...\Run: [Pokki] => C:\Windows\system32\rundll32.exe “%LOCALAPPDATA%\Pokki\Engine\Launcher.dll”,RunLaun chPlatform
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005...\Run: [ApowersoftScreenRecorder] => C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe [3320472 2016-02-18] (Apowersoft)
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00asw] → {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-14] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-05-13]
ShortcutTarget: ISCTSystray.lnk → C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2017-03-08]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk → C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk [2017-01-28]
ShortcutTarget: RescueTime.lnk → C:\Users\183-k\AppData\Local\RescueTime\RescueTime.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip..\Interfaces{346CCC8E-0B21-4061-9284-6EAA8587D1B6}: [DhcpNameServer] 192.168.43.1
Tcpip..\Interfaces{D8CDCD34-1927-4308-BFA6-CD78629C69FD}: [DhcpNameServer] 192.168.43.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.jp.msn.com/HPALL14/26
SearchScopes: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001 → {ED62CEEF-D711-461D-8D9E-9ACA3F0E3A2A} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection → {2E38825B-8815-42CF-9126-C58BC28D4591} → C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
BHO: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Users\183-k\Desktop\bin\ssv.dll [2014-10-22] (Oracle Corporation)
BHO: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-14] (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Users\183-k\Desktop\bin\jp2ssv.dll [2014-10-22] (Oracle Corporation)
BHO: HP Network Check Helper → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckP luginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Kaspersky Protection → {2E38825B-8815-42CF-9126-C58BC28D4591} → C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper → {72853161-30C5-4D22-B7F9-0BBC1D38A37E} → C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security → {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} → C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-14] (AVAST Software)
BHO-x32: Evernote extension → {92EF2EAD-A7CE-4424-B0DB-499CF856608E} → C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckP lugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-03-14] (AO Kaspersky Lab)
[HEADING=1]FireFox:[/HEADING]
FF DefaultProfile: iyrqfjx7.default
FF ProfilePath: C:\Users\183-k\AppData\Roaming\Profiles\iyrqfjx7.default [not found]
FF ProfilePath: C:\Users\183-k\AppData\Roaming\Mozilla\Firefox\Profiles\yt5wm08 v.default [2016-02-07]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\yt5wm08v.default → Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yt5wm08v.default → Bing
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\yt5wm08v.default → Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\yt5wm08v.default → hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&q=
FF Homepage: Mozilla\Firefox\Profiles\yt5wm08v.default → hxxp://www.msn.com/?pc=UP22&ocid=UP22DHP&osmkt=en-in
FF SearchPlugin: C:\Users\183-k\AppData\Roaming\Mozilla\Firefox\Profiles\yt5wm08 v.default\searchplugins\bingp.xml [2016-02-07]
FF HKLM...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF => not found
FF HKLM...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A...asp ersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-03-14]
FF HKLM-x32...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM-x32...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF => not found
FF HKLM-x32...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A...asp ersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml [2009-12-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009-12-22]
FF Plugin: @java.com/DTPlugin,version=11.25.2 → C:\Users\183-k\Desktop\bin\dtplugin\npDeployJava1.dll [2014-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 → C:\Users\183-k\Desktop\bin\plugin2\npjp2.dll [2014-10-22] (Oracle Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer → C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144 .dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @autograph-maths.com/Autograph Player Plugin → C:\Program Files (x86)\Autograph 3.3\WebPlayer\npagraph.dll [2011-06-17] (Eastmond Publishing Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 → C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 → C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-03-19] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-14] (Google Inc.)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009-12-22] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-18] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2009-12-22]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2009-12-22]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2009-12-22]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2009-12-22]
[HEADING=1]Chrome:[/HEADING]
CHR HomePage: Default → hxxp://www.google.com
CHR Profile: C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default [2017-03-19]
CHR Extension: (Google Slides) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2017-03-19]
CHR Extension: (Google Docs) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-03-19]
CHR Extension: (Google Drive) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2017-03-19]
CHR Extension: (YouTube) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2017-03-19]
CHR Extension: (Google Sheets) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2017-03-19]
CHR Extension: (Kaspersky Protection) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdb bplhib [2017-03-19]
CHR Extension: (Google Docs Offline) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-03-19]
CHR Extension: (Avast Online Security) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegiea cbdmki [2017-03-19]
CHR Extension: (Skype) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfg npldfl [2017-03-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2017-03-19]
CHR Extension: (Gmail) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2017-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\183-k\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2017-03-19]
CHR HKLM...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-14] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-14] (AVAST Software)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
R2 EdgeModem-DrvSrv; C:\Program Files\Micromax 200G USB Modem\EdgeModem-DrvSrv.exe [189952 2009-09-19] (Shanghai DS-Mobile Technology Co., Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-27] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-29] (Softex Inc.) [File not signed]
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1354488 2015-03-19] (BlackBerry Limited)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-14] (AVAST Software s.r.o.)
S3 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-14] (AVAST Software s.r.o.)
S3 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-14] (AVAST Software s.r.o.)
S3 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-14] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-14] (AVAST Software)
S3 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-14] (AVAST Software)
S3 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-14] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-14] (AVAST Software)
S3 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-14] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-14] (AVAST Software)
R3 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7517872 2014-05-13] (Broadcom Corporation)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.s ys [36360 2016-04-06] (BlackBerry)
S3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [150744 2013-09-10] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-14] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-14] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-14] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-14] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [196376 2017-03-14] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [509728 2017-03-14] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1017624 2017-03-14] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57424 2017-03-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-03-19] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-03-19] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-03-19] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-19] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92088 2017-03-19] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 mtkmbim; C:\Windows\system32\DRIVERS\mtkmbim7_x64.sys [208896 2012-12-13] (MediaTek Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-15] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 wdf_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [81408 2013-02-21] (MediaTek Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64 .sys [20800 2013-07-23] (Hewlett-Packard Development Company, L.P.)
U3 aswbdisk; no ImagePath
S3 mdareDriver_48; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_48.sys
S3 mdareDriver_52; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_52.sys
S3 mdareDriver_53; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_53.sys
S3 mdareDriver_60; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_60.sys
S3 mdareDriver_61; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_61.sys
S3 mdareDriver_62; ??\C:\Program Files (x86)\Fortinet\FortiClient\mdare64_62.sys
U3 aswMBR; ??\C:\Users\183-k\AppData\Local\Temp\aswMBR.sys <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-19 11:53 - 2017-03-19 11:53 - 00000000 ____D C:\Users\183-k\AppData\Roaming\xm1
2017-03-19 02:02 - 2017-03-19 02:02 - 00302616 _____ C:\Windows\Minidump\031917-32046-01.dmp
2017-03-19 01:49 - 2017-03-19 01:49 - 00002660 _____ C:\Users\183-k\Desktop\aswMBR.txt
2017-03-19 01:49 - 2017-03-19 01:49 - 00000512 _____ C:\Users\183-k\Desktop\MBR.dat
2017-03-19 01:20 - 2017-03-18 23:44 - 00076596 _____ C:\Users\HP-PC\Desktop\FRST.txt
2017-03-19 01:20 - 2017-03-18 23:44 - 00036938 _____ C:\Users\HP-PC\Desktop\Addition.txt
2017-03-19 00:48 - 2017-03-19 00:48 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-18 23:49 - 2017-03-18 23:49 - 00306712 _____ C:\Windows\Minidump\031817-57218-01.dmp
2017-03-18 23:42 - 2017-03-18 23:42 - 05200384 _____ (AVAST Software) C:\Users\HP-PC\Downloads\aswmbr.exe
2017-03-18 23:40 - 2017-03-18 23:44 - 00036938 _____ C:\Users\HP-PC\Downloads\Addition.txt
2017-03-18 23:36 - 2017-03-19 11:50 - 00035990 _____ C:\Users\HP-PC\Downloads\FRST.txt
2017-03-18 23:36 - 2017-03-19 11:50 - 00000000 ____D C:\FRST
2017-03-18 23:35 - 2017-03-18 23:35 - 02424832 _____ (Farbar) C:\Users\HP-PC\Downloads\FRST64.exe
2017-03-18 20:10 - 2017-03-18 20:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Mathematics Add-in
2017-03-18 20:05 - 2017-03-18 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6
2017-03-18 19:59 - 2017-03-18 20:00 - 06253776 _____ (Design Science, Inc.) C:\Users\HP-PC\Downloads\MTW6.7a.exe
2017-03-18 19:57 - 2017-03-18 20:01 - 06926440 _____ (Microsoft Corporation) C:\Users\HP-PC\Downloads\MASetup.exe
2017-03-18 19:41 - 2017-03-18 19:43 - 10416632 _____ (Design Science, Inc.) C:\Users\HP-PC\Downloads\InstallMTW6.9b.exe
2017-03-18 13:59 - 2017-03-19 11:43 - 00000000 ____D C:\Users\HP-PC\Downloads\Evelyn Math
2017-03-18 11:49 - 2017-03-18 11:49 - 00262060 _____ C:\Users\HP-PC\Downloads\New Doc 26_1 (1).pdf
2017-03-18 11:48 - 2017-03-18 11:48 - 00262060 _____ C:\Users\HP-PC\Downloads\New Doc 26_1.pdf
2017-03-18 00:38 - 2017-03-18 19:59 - 00006992 _____ C:\Users\HP-PC\Downloads\Letter.tex.bak
2017-03-18 00:37 - 2017-03-18 01:40 - 00037264 _____ C:\Users\HP-PC\Downloads\Letter.pdf
2017-03-18 00:37 - 2017-03-18 01:40 - 00000205 _____ C:\Users\HP-PC\Downloads\Letter.aux
2017-03-18 00:34 - 2017-03-18 01:40 - 00015806 _____ C:\Users\HP-PC\Downloads\Letter.synctex.gz
2017-03-18 00:34 - 2017-03-18 01:40 - 00006992 _____ C:\Users\HP-PC\Downloads\Letter.tex
2017-03-18 00:03 - 2017-03-18 00:13 - 00005427 _____ C:\Users\HP-PC\Downloads\Resume.tex.bak
2017-03-17 22:51 - 2017-03-17 22:51 - 01968138 _____ C:\Users\HP-PC\Downloads\dp-statistical-bulletin-may-2016-en.pdf
2017-03-17 21:50 - 2017-03-17 21:50 - 00057146 _____ C:\Users\HP-PC\Downloads\Resume_Shrey.pdf
2017-03-17 20:23 - 2017-03-17 20:23 - 00063661 _____ C:\Users\HP-PC\Downloads\ScholarshipsVersion2.pdf
2017-03-17 20:00 - 2017-03-17 20:00 - 00020462 _____ C:\Users\HP-PC\Downloads\receipt881031110632061 (1).pdf
2017-03-17 19:59 - 2017-03-17 20:00 - 00020462 _____ C:\Users\HP-PC\Downloads\receipt881031110632061.pdf
2017-03-17 16:21 - 2017-03-17 16:21 - 02485828 _____ C:\Users\HP-PC\Downloads\48150-1.pdf
2017-03-17 16:19 - 2017-03-17 16:19 - 01522664 _____ C:\Users\HP-PC\Downloads\48242-1.pdf
2017-03-17 13:20 - 2017-03-17 13:20 - 00035265 _____ C:\Users\HP-PC\Downloads_photo_8e7e150c0795121a9d0976de444f0b2 d.pdf
2017-03-17 01:33 - 2017-03-17 23:39 - 00005983 _____ C:\Users\HP-PC\Downloads\res8.tex.bak
2017-03-17 01:19 - 2017-03-17 01:49 - 00088470 _____ C:\Users\HP-PC\Downloads\res8.pdf
2017-03-17 01:18 - 2017-03-17 01:49 - 00010439 _____ C:\Users\HP-PC\Downloads\res8.synctex.gz
2017-03-17 01:17 - 2017-03-17 01:43 - 00003629 _____ C:\Users\HP-PC\Downloads\res1.tex.bak
2017-03-17 01:17 - 2017-03-17 01:17 - 00025869 _____ C:\Users\HP-PC\Downloads\res.cls
2017-03-17 01:15 - 2017-03-17 01:51 - 00065591 _____ C:\Users\HP-PC\Downloads\res1.pdf
2017-03-17 01:15 - 2017-03-17 01:51 - 00013952 _____ C:\Users\HP-PC\Downloads\res1.synctex.gz
2017-03-17 01:15 - 2017-03-17 01:15 - 00000009 _____ C:\Users\HP-PC\Downloads\res1.aux
2017-03-17 01:14 - 2017-03-17 01:51 - 00006117 _____ C:\Users\HP-PC\Downloads\res1.tex
2017-03-17 01:14 - 2017-03-17 01:49 - 00005983 _____ C:\Users\HP-PC\Downloads\res8.tex
2017-03-17 00:47 - 2017-03-17 23:39 - 00004718 _____ C:\Users\HP-PC\Downloads\Resume.bak
2017-03-17 00:39 - 2017-03-18 00:22 - 00079228 _____ C:\Users\HP-PC\Downloads\Resume.pdf
2017-03-17 00:39 - 2017-03-18 00:22 - 00000009 _____ C:\Users\HP-PC\Downloads\Resume.aux
2017-03-17 00:38 - 2017-03-19 11:53 - 00005415 _____ C:\Users\HP-PC\Downloads\Resume.tex
2017-03-17 00:38 - 2017-03-18 00:22 - 00014505 _____ C:\Users\HP-PC\Downloads\Resume.synctex.gz
2017-03-17 00:37 - 2017-03-17 00:37 - 00004525 _____ C:\Users\HP-PC\Downloads\resume.cls
2017-03-17 00:18 - 2017-03-17 00:18 - 00065536 _____ C:\Users\HP-PC\Downloads\Fathers_Resume.pdf
2017-03-16 22:15 - 2017-03-16 22:16 - 00010487 _____ C:\Users\HP-PC\Downloads\Scholarship Details Modified for 183 KH.xlsx
2017-03-16 02:18 - 2017-02-23 20:20 - 00093360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-16 02:18 - 2017-02-22 20:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-16 02:18 - 2017-02-22 20:05 - 01286144 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-16 02:18 - 2017-02-22 20:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-16 02:18 - 2017-02-22 20:05 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-16 02:18 - 2017-02-22 20:05 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-16 02:18 - 2017-02-22 20:05 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-16 02:18 - 2017-02-22 20:05 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-16 02:18 - 2017-02-22 20:05 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-16 02:18 - 2016-06-03 22:41 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-03-16 00:39 - 2017-03-16 00:39 - 00748192 _____ (TechGuy, Inc.) C:\Users\HP-PC\Downloads\SysInfo.exe
2017-03-16 00:29 - 2017-03-04 13:31 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-16 00:29 - 2017-03-04 13:29 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-16 00:29 - 2017-03-04 13:18 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-16 00:29 - 2017-03-04 13:14 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-16 00:29 - 2017-03-04 13:01 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-16 00:29 - 2017-03-04 12:35 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-16 00:29 - 2017-03-04 12:24 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-16 00:29 - 2017-03-04 11:56 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-16 00:29 - 2017-03-04 11:55 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-16 00:29 - 2017-03-04 11:42 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-16 00:29 - 2017-03-04 11:32 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-16 00:29 - 2017-03-04 09:48 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-16 00:29 - 2017-03-02 23:31 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-16 00:29 - 2017-03-02 23:25 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-16 00:29 - 2017-03-02 23:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-16 00:29 - 2017-03-02 22:55 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-16 00:29 - 2017-03-02 22:52 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-16 00:29 - 2017-03-02 22:49 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-16 00:29 - 2017-03-02 22:41 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-16 00:29 - 2017-03-02 22:23 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-16 00:29 - 2017-03-02 22:20 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-16 00:29 - 2017-03-02 22:20 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-16 00:29 - 2017-02-11 10:42 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-16 00:29 - 2017-02-11 10:42 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-03-16 00:29 - 2017-02-11 10:30 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-16 00:29 - 2017-02-11 10:28 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-16 00:29 - 2017-02-11 10:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-16 00:29 - 2017-02-11 00:39 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-16 00:29 - 2017-02-10 10:40 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-16 00:29 - 2017-02-10 10:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-03-16 00:29 - 2017-02-10 10:38 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-16 00:29 - 2017-02-10 10:31 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-16 00:29 - 2017-02-10 10:30 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-16 00:29 - 2017-02-10 10:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-16 00:29 - 2017-02-10 05:42 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-16 00:29 - 2017-02-09 20:58 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-16 00:29 - 2017-02-09 20:49 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-16 00:29 - 2017-02-09 20:46 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-16 00:29 - 2017-02-09 20:46 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-16 00:29 - 2017-02-05 02:02 - 07444832 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-16 00:29 - 2017-02-05 02:00 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-16 00:29 - 2017-02-05 02:00 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-03-16 00:29 - 2017-02-05 02:00 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-16 00:29 - 2017-02-05 02:00 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-03-16 00:29 - 2017-02-05 01:00 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-16 00:29 - 2017-02-04 23:10 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-03-16 00:29 - 2017-01-21 23:18 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-16 00:29 - 2017-01-12 01:07 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-16 00:29 - 2017-01-05 23:39 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2017-03-16 00:29 - 2017-01-05 22:59 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2017-03-16 00:29 - 2017-01-05 22:43 - 07796224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-03-16 00:28 - 2017-03-04 13:15 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-16 00:28 - 2017-02-12 00:55 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-16 00:28 - 2017-02-10 11:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-16 00:28 - 2017-02-10 07:01 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-03-16 00:28 - 2017-02-09 20:29 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-03-16 00:28 - 2017-02-09 20:28 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-03-16 00:28 - 2017-02-09 20:28 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-03-16 00:28 - 2017-02-05 01:02 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2017-03-16 00:28 - 2017-02-04 23:44 - 01001472 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-16 00:28 - 2017-02-04 23:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-16 00:28 - 2017-02-04 23:02 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-16 00:28 - 2017-02-04 22:47 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-16 00:28 - 2017-02-04 22:40 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-03-16 00:28 - 2017-02-04 22:35 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-16 00:28 - 2017-01-22 03:07 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-03-16 00:28 - 2017-01-22 00:57 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-16 00:28 - 2017-01-22 00:57 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-16 00:28 - 2017-01-22 00:52 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-16 00:28 - 2017-01-22 00:50 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-16 00:28 - 2017-01-22 00:10 - 00756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-16 00:28 - 2017-01-22 00:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-16 00:28 - 2017-01-22 00:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-16 00:28 - 2017-01-21 23:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-16 00:28 - 2017-01-14 23:19 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-03-16 00:28 - 2017-01-11 00:38 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-16 00:28 - 2017-01-05 23:50 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-16 00:28 - 2017-01-05 23:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-16 00:28 - 2017-01-05 22:27 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-03-16 00:28 - 2016-11-10 00:52 - 00681472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-15 20:33 - 2017-03-15 20:33 - 00002562 _____ C:\Users\HP-PC\Desktop\ttt.txt
2017-03-15 17:51 - 2017-03-15 17:51 - 00010425 _____ C:\Users\HP-PC\Downloads\Scholarship Details for 183 KH.xlsx
2017-03-15 14:05 - 2017-03-15 14:05 - 00121376 _____ C:\Users\HP-PC\Downloads\UndergraduateScholarshipForm.pdf
2017-03-15 04:54 - 2017-03-15 05:20 - 00000000 _____ C:\Recovery.txt
2017-03-15 02:05 - 2017-03-15 02:05 - 00020372 _____ C:\Users\HP-PC\Downloads\budget - pas à pas.xlsx
2017-03-14 20:19 - 2017-03-14 20:19 - 00001357 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2017-03-14 20:19 - 2017-03-14 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-03-14 20:18 - 2017-03-14 20:18 - 00000000 ___D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2017-03-14 20:18 - 2017-03-14 20:17 - 00002094 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2017-03-14 20:18 - 2017-03-14 20:16 - 00002118 _____ C:\Users\Public\Desktop\Safe Money.lnk
2017-03-14 20:17 - 2017-03-19 02:21 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launch er{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-03-14 20:15 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2017-03-14 20:10 - 2017-03-19 11:44 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-14 20:10 - 2017-03-14 20:19 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-03-14 20:07 - 2017-03-14 20:54 - 01017624 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-03-14 20:07 - 2017-03-14 20:54 - 00196376 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-03-14 19:56 - 2017-03-14 19:56 - 177801248 _____ (Kaspersky Lab) C:\Users\HP-PC\Downloads\kts17.0.0.611en_10761.exe
2017-03-14 19:45 - 2017-03-18 19:45 - 00003148 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHP-PC
2017-03-14 19:45 - 2017-03-18 19:45 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleForHP-PC.job
2017-03-14 16:13 - 2017-03-14 16:13 - 00000000 ____D C:\Win 8.1
2017-03-14 12:29 - 2017-03-15 00:40 - 00000000 ____D C:\Users\183-k\AppData\Roaming\Enigma Software Group
2017-03-14 12:29 - 2017-03-15 00:40 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-03-14 12:29 - 2017-03-14 12:29 - 00000000 ____D C:\sh4ldr
2017-03-14 02:22 - 2017-03-14 11:51 - 00219360 _____ C:\Windows\ntbtlog.txt
2017-03-14 02:09 - 2017-03-14 02:14 - 00000000 ____D C:\Users\shrey\AppData\Local\Google
2017-03-14 01:39 - 2017-03-15 23:31 - 00000000 ____D C:\Program Files\Google
2017-03-14 01:25 - 2017-03-14 01:39 - 00002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-14 01:25 - 2017-03-14 01:39 - 00002170 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-14 01:23 - 2017-03-14 01:40 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineU A
2017-03-14 01:23 - 2017-03-14 01:40 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineC ore
2017-03-14 01:20 - 2017-03-14 01:19 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-14 01:15 - 2017-03-14 01:15 - 00000000 ____D C:\Users\HP-PC\AppData\Roaming\AVAST Software
2017-03-14 01:15 - 2017-03-14 01:15 - 00000000 ____D C:\Users\HP-PC\AppData\Local\CEF
2017-03-14 01:14 - 2017-03-14 01:14 - 00001945 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-03-14 01:14 - 2017-03-14 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-03-14 01:13 - 2017-03-14 20:26 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-14 01:13 - 2017-03-14 01:13 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-03-14 01:12 - 2017-03-14 14:51 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 01:12 - 2017-03-14 01:13 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-14 01:12 - 2017-03-14 01:12 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-14 01:12 - 2017-03-14 01:11 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-14 01:12 - 2017-03-14 01:11 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-14 01:12 - 2017-03-14 01:11 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-14 01:12 - 2017-03-14 01:11 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-14 01:12 - 2017-03-14 01:11 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-14 01:12 - 2017-03-14 01:09 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-14 01:12 - 2017-03-14 01:08 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-14 01:12 - 2017-03-14 01:08 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-14 01:12 - 2017-03-14 01:08 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-14 01:12 - 2017-03-14 01:08 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-14 01:11 - 2017-03-14 01:11 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-14 01:06 - 2017-03-14 01:19 - 00000000 ____D C:\Program Files\AVAST Software
2017-03-14 01:05 - 2017-03-14 02:05 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-14 01:02 - 2017-03-19 11:47 - 00003096 _____ C:\Windows\System32\Tasks\BDAntiCryptoWallTask
2017-03-14 00:58 - 2017-03-14 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware
2017-03-14 00:58 - 2017-03-14 00:58 - 00000000 ____D C:\Program Files\Bitdefender
2017-03-14 00:37 - 2017-03-19 02:05 - 00111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-03-13 23:42 - 2017-03-19 04:07 - 00092088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-03-13 23:42 - 2017-03-19 02:05 - 00186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-03-13 23:42 - 2017-03-19 02:05 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-03-13 23:42 - 2017-03-19 02:04 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-13 23:41 - 2017-03-13 23:41 - 00001890 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-13 23:41 - 2017-03-13 23:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-13 23:41 - 2017-03-13 23:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-13 23:41 - 2017-03-13 23:41 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-13 23:41 - 2017-02-24 06:23 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-13 23:21 - 2017-03-13 23:39 - 00000000 ____D C:\Program Files\Plumbytes Software
2017-03-13 22:06 - 2017-03-13 22:06 - 00000000 ____D C:\Users\HP-PC\AppData\Local\Grammarly
2017-03-13 15:41 - 2017-03-13 15:41 - 00035119 _____ C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta
2017-03-13 15:41 - 2017-03-13 15:41 - 00017624 _____ C:\Users\HP-PC\AppData\Roaming\errlog.txt
2017-03-13 15:41 - 2017-03-13 15:41 - 00000000 _____ C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.afn
2017-03-13 14:33 - 2017-03-13 14:33 - 00000000 _____ C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.ast
2017-03-12 16:10 - 2017-03-13 15:25 - 02547944 _____ C:\Users\HP-PC\Desktop\Sustaiable development seminar _PPT.ppt.4B4FC70A905FD32B.matrix
2017-03-10 23:22 - 2017-03-13 15:32 - 00000000 ____D C:\Users\HP-PC\jdk
2017-03-10 23:15 - 2017-03-10 23:15 - 00000185 _____ C:\Users\HP-PC\Desktop\Hello.java
2017-03-08 11:04 - 2017-03-18 23:31 - 00000000 ____D C:\Users\HP-PC\Documents\OneNote Notebooks
2017-03-07 20:54 - 2017-03-07 20:54 - 00001417 _____ C:\Users\HP-PC\AppData\Roaming.emacs
2017-03-07 20:46 - 2017-03-07 20:46 - 00000954 _____ C:\Users\HP-PC\Desktop\emacs.exe - Shortcut.lnk
2017-03-07 20:41 - 2017-03-07 20:43 - 00000000 ____D C:\Users\HP-PC\AppData\Roaming.emacs.d
2017-03-07 19:25 - 2017-03-07 19:25 - 00001233 _____ C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey.lnk
2017-03-07 19:25 - 2017-03-07 19:25 - 00000000 ____D C:\Program Files (x86)\SMLNJ
2017-03-07 19:14 - 2017-03-07 19:20 - 13414400 _____ C:\Users\HP-PC\Desktop\smlnj-110.80.msi
2017-03-07 19:13 - 2017-03-13 15:22 - 50603744 _____ C:\Users\HP-PC\Desktop\emacs-24.5-bin-i686-mingw32.zip.4B4FC70A905FD32B.matrix
2017-03-07 14:33 - 2017-03-07 14:33 - 00001233 _____ C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey (2).lnk
2017-03-07 13:04 - 2017-03-07 13:04 - 00000000 ____D C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gnu Emacs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-19 11:50 - 2014-08-30 11:50 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1605944295-1278072363-3366277582-1005
2017-03-19 11:48 - 2014-07-29 21:22 - 05079040 ___SH C:\Users\HP-PC\Downloads\Thumbs.db
2017-03-19 11:46 - 2016-09-06 21:14 - 00000000 ____D C:\Users\183-k\AppData\Roaming\Skype
2017-03-19 11:44 - 2016-12-10 22:10 - 00000000 ____D C:\Users\183-k\AppData\Local\Google
2017-03-19 10:23 - 2014-07-28 21:24 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronizatio n-{B1F2061F-BE85-4148-A1E1-65F4E7E6E010}
2017-03-19 02:18 - 2013-08-22 19:06 - 00000000 ____D C:\Windows\Inf
2017-03-19 02:17 - 2016-11-15 21:58 - 00000000 ____D C:\Program Files (x86)\Connectify
2017-03-19 02:17 - 2014-07-28 21:23 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1605944295-1278072363-3366277582-1001
2017-03-19 02:15 - 2017-02-06 18:50 - 00000000 ____D C:\Users\HP-PC\Documents\Youcam
2017-03-19 02:10 - 2014-07-30 03:01 - 00000000 ___RD C:\Users\HP-PC\OneDrive
2017-03-19 02:04 - 2014-08-02 09:05 - 00000000 ____D C:\Users\183-k
2017-03-19 02:04 - 2014-07-28 21:17 - 00000000 ____D C:\Users\HP-PC
2017-03-19 02:03 - 2013-08-22 20:15 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-19 02:02 - 2014-08-14 05:31 - 666846546 _____ C:\Windows\MEMORY.DMP
2017-03-19 02:02 - 2014-08-14 05:31 - 00000000 ____D C:\Windows\Minidump
2017-03-19 00:44 - 2013-08-22 20:14 - 00784640 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-18 23:55 - 2013-08-22 18:55 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-03-18 23:50 - 2014-12-13 12:28 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-18 20:09 - 2014-07-29 02:57 - 00238880 _____ C:\Users\HP-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-18 20:05 - 2015-10-27 14:46 - 00000000 ____D C:\Program Files (x86)\MathType
2017-03-17 15:19 - 2013-08-22 21:06 - 00000000 ____D C:\Windows\AppReadiness
2017-03-17 10:56 - 2013-08-22 20:50 - 00000000 ____D C:\Windows\CbsTemp
2017-03-17 10:55 - 2014-08-23 10:48 - 00000000 ____D C:\Windows\system32\MRT
2017-03-17 10:46 - 2014-08-23 10:48 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-16 02:18 - 2013-08-22 21:06 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 23:31 - 2014-07-28 21:33 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-15 18:47 - 2014-07-28 21:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-03-15 17:54 - 2013-08-22 21:06 - 00000000 ____D C:\Windows\system32\NDF
2017-03-15 11:43 - 2014-03-18 15:23 - 00958356 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-14 20:54 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2017-03-14 20:54 - 2016-06-14 17:47 - 00199392 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2017-03-14 20:53 - 2016-06-02 22:39 - 00136416 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2017-03-14 20:51 - 2016-09-04 14:55 - 00000000 ____D C:\Users\183-k\AppData\Local\ElevatedDiagnostics
2017-03-14 20:33 - 2016-06-20 17:54 - 00509728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-03-14 20:16 - 2013-08-22 18:55 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-14 20:13 - 2013-08-22 21:06 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-03-14 19:45 - 2014-07-28 21:19 - 00000000 ____D C:\Users\HP-PC\AppData\Local\Hewlett-Packard
2017-03-14 19:45 - 2013-08-22 21:06 - 00000000 ____D C:\Windows\tracing
2017-03-14 14:54 - 2014-07-28 21:33 - 00000000 ____D C:\Users\HP-PC\AppData\Local\Google
2017-03-14 14:45 - 2014-07-28 21:47 - 00002276 _____ C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-14 14:45 - 2014-07-28 21:47 - 00002246 _____ C:\Users\HP-PC\Desktop\Google Chrome.lnk
2017-03-14 13:43 - 2016-06-29 17:32 - 00000000 ____D C:\Program Files (x86)\Ckikution
2017-03-14 02:15 - 2014-08-30 12:02 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronizatio n-{3B4D6E76-FC38-41A1-9102-DBC7623838F7}
2017-03-14 02:14 - 2014-08-02 09:04 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1605944295-1278072363-3366277582-1004
2017-03-14 02:12 - 2014-11-06 12:35 - 00029184 ___SH C:\Users\shrey\Downloads\Thumbs.db
2017-03-14 02:11 - 2014-08-30 12:03 - 00000000 ____D C:\Users\shrey\Documents\Youcam
2017-03-14 01:15 - 2015-02-03 09:59 - 00000000 ____D C:\temp
2017-03-13 15:41 - 2016-04-05 18:42 - 12322828 _____ C:\Users\shrey\Downloads\MAY 2014.zip.4B4FC70A905FD32B.matrix
2017-03-13 15:41 - 2016-04-05 18:41 - 11749995 _____ C:\Users\shrey\Downloads\MAY 2012.zip.4B4FC70A905FD32B.matrix
2017-03-13 15:41 - 2013-08-22 21:06 - 00000000 __RHD C:\Users\Public\Libraries
2017-03-13 15:31 - 2015-10-28 10:09 - 00000000 ____D C:\Users\HP-PC\GeoGebra 5.0
2017-03-13 15:30 - 2016-02-12 12:05 - 00001421 ____H C:\Users\HP-PC\Downloads~$presentation 2.pptx
2017-03-13 15:28 - 2016-12-01 03:03 - 00026856 _____ C:\Users\HP-PC\Documents\Rescue3.asd.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2016-06-16 00:37 - 00000000 ____D C:\Users\HP-PC\Documents\Latex Files
2017-03-13 15:28 - 2016-02-16 11:14 - 00552680 _____ C:\Users\HP-PC\Documents\Rescue2.asd.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-12-08 01:48 - 00085224 _____ C:\Users\HP-PC\Documents\Rescue1.asd.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-11-01 13:37 - 00007425 _____ C:\Users\HP-PC\Documents\IMP.2.ggb.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-11-01 12:29 - 00008632 _____ C:\Users\HP-PC\Documents\IMP.ggb.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-09-17 16:32 - 01853672 _____ C:\Users\HP-PC\Documents\Rescue.asd.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2015-05-21 16:08 - 00000000 ____D C:\Users\HP-PC\Documents\IB Question Papers
2017-03-13 15:28 - 2014-08-17 09:30 - 54240515 _____ C:\Users\HP-PC\Documents\IMG_0696.MOV.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2014-08-17 09:30 - 26736097 _____ C:\Users\HP-PC\Documents\IMG_0684.MOV.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2014-08-10 16:39 - 00001421 ____H C:\Users\HP-PC\Documents~$Role Of Education in Creating a Sense of.pptx
2017-03-13 15:28 - 2014-08-09 22:59 - 00157150 _____ C:\Users\HP-PC\Documents\Role Of Education in Creating a Sense of.pptx.4B4FC70A905FD32B.matrix
2017-03-13 15:28 - 2014-07-28 21:17 - 00000000 ___HD C:\Users\HP-PC\Documents\hp.system.package.metadata
2017-03-13 15:27 - 2017-01-20 18:11 - 00000000 ____D C:\Users\HP-PC\Documents\DST SHE Scholarship Relevant Documents
2017-03-13 15:27 - 2016-02-15 09:30 - 00003502 ____H C:\Users\HP-PC\Documents\Default.rdp
2017-03-13 15:27 - 2015-04-22 10:00 - 99711929 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (3_3) - (IB Physics, GCSE, A level, AP)[2].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 99711929 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (3_3) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 99711929 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (3_3) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 78880388 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar spectra - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 78880388 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar spectra - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 66528949 _____ C:\Users\HP-PC\Documents\Astrophysics - Types of stars (1_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 66528949 _____ C:\Users\HP-PC\Documents\Astrophysics - Types of stars (1_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 56863464 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar properties (2_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 56863464 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar properties (2_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 56550765 _____ C:\Users\HP-PC\Documents\Astrophysics - Redshift due to expanding space - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 45408275 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (1_3) - (IB Physics, GCSE, A level, AP)[2].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 45408275 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (1_3) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 45408275 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (1_3) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 39409583 _____ C:\Users\HP-PC\Documents\Astrophysics - Spectral Classes - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 39409583 _____ C:\Users\HP-PC\Documents\Astrophysics - Spectral Classes - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 39383880 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar properties (1_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 39383880 _____ C:\Users\HP-PC\Documents\Astrophysics - Stellar properties (1_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 25387440 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (2_3) - (IB Physics, GCSE, A level, AP)[2].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 25387440 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (2_3) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 25387440 _____ C:\Users\HP-PC\Documents\Astrophysics - Solar system (2_3) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 25050921 _____ C:\Users\HP-PC\Documents\Astrophysics - Our place in space (2_2) - (IB Physics, GCSE, A level, AP)[2].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 15169781 _____ C:\Users\HP-PC\Documents\Astrophysics - Types of stars (2_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 10:00 - 15169781 _____ C:\Users\HP-PC\Documents\Astrophysics - Types of stars (2_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 09:59 - 25050921 _____ C:\Users\HP-PC\Documents\Astrophysics - Our place in space (2_2) - (IB Physics, GCSE, A level, AP)[1].mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-22 09:59 - 25050921 _____ C:\Users\HP-PC\Documents\Astrophysics - Our place in space (2_2) - (IB Physics, GCSE, A level, AP).mp4.4B4FC70A905FD32B.matrix
2017-03-13 15:27 - 2015-04-15 09:48 - 00000000 ____D C:\Users\HP-PC\Documents\astrophysics
2017-03-13 15:27 - 2014-07-28 23:02 - 00000000 ____D C:\Users\HP-PC\Documents\Books
2017-03-13 15:25 - 2016-12-14 18:32 - 00001421 ____H C:\Users\HP-PC\Desktop~$NBA Campus Influencer Profiles.pptx
2017-03-13 15:22 - 2016-11-24 13:21 - 00000000 ____D C:\Users\HP-PC\Desktop\Important Documents
2017-03-13 15:22 - 2014-12-07 19:52 - 00000000 ____D C:\Users\HP-PC\Desktop\Practise
2017-03-13 15:22 - 2014-08-04 05:33 - 00000000 ____D C:\Users\HP-PC\Desktop\Laksh
2017-03-13 15:21 - 2016-09-10 02:29 - 00001485 _____ C:\Users\183-k.tracker.prefs.4B4FC70A905FD32B.matrix
2017-03-13 15:21 - 2016-09-03 08:17 - 00000000 ____D C:\Users\HP-PC.idlerc
2017-03-13 15:21 - 2016-01-27 09:06 - 00005392 _____ C:\ProgramData\oqztiqep.adk.4B4FC70A905FD32B.matri x
2017-03-13 15:21 - 2015-04-11 17:25 - 00000000 ____D C:\Users\HP-PC\Desktop\bin
2017-03-13 15:21 - 2014-10-22 20:22 - 00000000 ____D C:\Users\183-k\Desktop\lib
2017-03-13 15:21 - 2014-10-22 20:22 - 00000000 ____D C:\Users\183-k\Desktop\bin
2017-03-13 15:21 - 2014-08-30 11:31 - 00000000 ____D C:\ProgramData\Autograph 3
2017-03-13 15:21 - 2014-08-04 05:32 - 00000000 ____D C:\Users\HP-PC\bluej
2017-03-13 15:21 - 2014-08-02 09:06 - 00000000 ___HD C:\Users\183-k\Documents\hp.system.package.metadata
2017-03-13 15:21 - 2014-04-01 06:37 - 00000000 ___HD C:\SYSTEM.SAV
2017-03-13 15:19 - 2016-02-20 15:37 - 00000000 ____D C:\SmartDraw CI
2017-03-13 15:12 - 2017-02-16 10:37 - 00000000 ____D C:\LJM1130_M1210_MFP_Full_Solution
2017-03-13 14:57 - 2016-09-03 08:14 - 00000000 ____D C:\Python27
2017-03-13 14:57 - 2016-01-27 10:48 - 00000000 ____D C:\Users\HP-PC\Documents\ezvid
2017-03-13 14:57 - 2014-11-06 12:31 - 11883111 _____ C:\Users\shrey\Downloads\DSC_0050.JPG.4B4FC70A905F D32B.matrix
2017-03-13 14:57 - 2014-11-06 12:26 - 12132512 _____ C:\Users\shrey\Downloads\DSC_0073.JPG.4B4FC70A905F D32B.matrix
2017-03-13 14:57 - 2014-10-22 20:22 - 00179656 _____ C:\Users\183-k\Desktop\THIRDPARTYLICENSEREADME.txt.4B4FC70A905F D32B.matrix
2017-03-13 14:57 - 2014-10-22 20:22 - 00111370 _____ C:\Users\183-k\Desktop\THIRDPARTYLICENSEREADME-JAVAFX.txt.4B4FC70A905FD32B.matrix
2017-03-13 14:57 - 2014-10-22 20:22 - 00001302 _____ C:\Users\183-k\Desktop\README.txt.4B4FC70A905FD32B.matrix
2017-03-13 14:56 - 2016-12-14 20:56 - 00008328 _____ C:\Users\HP-PC\image001.jpg.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-08-02 23:41 - 00250534 _____ C:\Users\shrey\Downloads\Account Statement.PDF.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-08-02 23:41 - 00098092 _____ C:\Users\shrey\Downloads\PAN.pdf.4B4FC70A905FD32B. matrix
2017-03-13 14:55 - 2016-04-05 21:53 - 00346023 _____ C:\Users\shrey\Downloads\Computer_science_paper_2_ _SL.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 21:53 - 00284405 _____ C:\Users\shrey\Downloads\Computer_science_paper_1_ _SL (1).pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 21:53 - 00260714 _____ C:\Users\shrey\Downloads\Computer_science_paper_1_ _SL.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 21:53 - 00255002 _____ C:\Users\shrey\Downloads\Computer_science_paper_2_ _SL (1).pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 21:45 - 00387807 _____ C:\Users\shrey\Downloads\HL p1 markscheme May 2014.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:55 - 2016-04-05 18:44 - 04396948 _____ C:\Users\shrey\Downloads\Computer System Study material.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2016-03-27 22:51 - 00190312 _____ C:\Users\HP-PC\Documents\UGA-UGB-2015.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-25 16:28 - 20708124 _____ C:\Users\HP-PC\Documents\Mathematics HL.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 06718848 _____ C:\Users\HP-PC\Documents\MathExploration_Elevators SL MATH EXPLORATION.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 06392037 _____ C:\Users\HP-PC\Documents\MathExploration_Powertothepeople SL MATH EXPLORATION.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 01500816 _____ C:\Users\HP-PC\Documents\IB Math SL Exploration Rubric.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 01059657 _____ C:\Users\HP-PC\Documents\SampleProjectPerfectScore.pdf.4B4FC70 A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 00497764 _____ C:\Users\HP-PC\Documents\SL MATH -1.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 00377946 _____ C:\Users\HP-PC\Documents\Rainfall[1].pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 00241524 _____ C:\Users\HP-PC\Documents\SL MATH -2.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-08-06 17:15 - 00016863 _____ C:\Users\HP-PC\Documents\Intro Research Assignment.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2015-05-03 18:42 - 12128783 _____ C:\Users\HP-PC\Documents\Layout Design6.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:46 - 2014-08-10 16:31 - 14504766 _____ C:\Users\HP-PC\Documents\The Echo [pub final edition].pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2017-02-05 18:32 - 00000000 ____D C:\Users\HP-PC\Desktop\Scholarships
2017-03-13 14:45 - 2016-07-15 23:09 - 00000000 ___D C:\Users\HP-PC\Documents\Delhi University
2017-03-13 14:45 - 2015-08-06 17:15 - 05109150 _____ C:\Users\HP-PC\Documents\Frequently asked questions.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 02530171 _____ C:\Users\HP-PC\Documents\Detail Information Math SL IA.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 02234539 _____ C:\Users\HP-PC\Documents\Cycloids and Paths.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00924734 _____ C:\Users\HP-PC\Documents\Exploration Describtion.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00471243 _____ C:\Users\HP-PC\Documents\example_5_annotations-Newton-Raphson.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00388756 _____ C:\Users\HP-PC\Documents\example04_e.pdf.4B4FC70A905FD32B.matr ix
2017-03-13 14:45 - 2015-08-06 17:15 - 00338007 _____ C:\Users\HP-PC\Documents\Example_A-Beginnings_of_Pi (1).pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00325254 _____ C:\Users\HP-PC\Documents\Example_B-Sangaku_Puzzles.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00224571 _____ C:\Users\HP-PC\Documents\Example_D-Medical_Testing.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00146829 _____ C:\Users\HP-PC\Documents\Example_C-_Clue.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-08-06 17:15 - 00065959 _____ C:\Users\HP-PC\Documents\Exploration Guideline for Students 2014.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:45 - 2015-05-21 16:08 - 00000000 ____D C:\Users\HP-PC\Documents\Comp Papers
2017-03-13 14:45 - 2015-04-30 18:34 - 07515247 _____ C:\Users\HP-PC\Documents\Barron’s SAT Math Level 2.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:42 - 2016-12-12 21:14 - 00112138 _____ C:\Users\HP-PC\2015-1.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:42 - 2016-07-15 09:46 - 00000000 ____D C:\Users\HP-PC\Desktop\IMPORTANT
2017-03-13 14:42 - 2016-06-08 23:00 - 00000000 ____D C:\Users\HP-PC\Desktop\Mathematics
2017-03-13 14:42 - 2015-10-30 10:06 - 00033647 _____ C:\Users\HP-PC\Desktop\COMMON APP.pdf.4B4FC70A905FD32B.matrix
2017-03-13 14:39 - 2016-02-21 18:59 - 00017290 _____ C:\Users\shrey\Downloads\Les questions pour l.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:39 - 2015-08-24 12:55 - 19740392 _____ C:\Users\HP-PC\Documents\Loan History by Borrower - Doon School.doc.4B4FC70A905FD32B.matrix
2017-03-13 14:39 - 2014-10-20 21:08 - 00021244 _____ C:\Users\shrey\Downloads\Aditya-Bhattacharya_CommApp draft 6_Oct.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2017-02-09 20:02 - 00046276 _____ C:\Users\HP-PC\Documents\New Property return form IPS-2015.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2017-01-20 11:36 - 00317622 _____ C:\Users\HP-PC\Documents\Letter.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-10-23 23:36 - 00017558 _____ C:\Users\HP-PC\Documents\Shrey Aryan- HKUST Personal Statement.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-07-28 15:11 - 00016213 _____ C:\Users\HP-PC\Documents\Ms Priyamvada Taneja.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-02-20 16:34 - 00130280 _____ C:\Users\HP-PC\Documents\Rescue3.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-02-19 10:28 - 00318863 _____ C:\Users\HP-PC\Documents\Woodrow Wilson Undergraduate Research Fellowship.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2016-02-13 19:13 - 00030738 _____ C:\Users\HP-PC\Documents\Quick Derivation.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2015-04-11 21:34 - 00013635 _____ C:\Users\HP-PC\Documents\Method for EE.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2015-03-06 16:53 - 00028001 _____ C:\Users\HP-PC\Documents\SC_Form_Parent_Questionnaire 2015.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2015-03-06 16:47 - 00027367 _____ C:\Users\HP-PC\Documents\Teacher_reco_form 2015.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2014-08-27 23:03 - 00517246 _____ C:\Users\HP-PC\Documents\Shanti Swaroop - Rudra.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2014-08-23 21:40 - 00016370 _____ C:\Users\HP-PC\Documents\Physics Practical.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2014-08-20 00:08 - 00020302 _____ C:\Users\HP-PC\Documents\The implications of declining pollinators.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:37 - 2014-08-13 16:51 - 01182964 _____ C:\Users\HP-PC\Documents\Poster 1.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2016-03-13 11:04 - 01247967 _____ C:\Users\HP-PC\Documents\Awards.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-08-19 20:11 - 00025937 _____ C:\Users\HP-PC\Documents\Application form Science Master’s trophy.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-05-14 07:16 - 00015525 _____ C:\Users\HP-PC\Documents\French Oral.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-04-13 15:32 - 00015470 _____ C:\Users\HP-PC\Documents\Comman App essay.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-03-06 16:25 - 00023280 _____ C:\Users\HP-PC\Documents\Doon School US College Planning Program 2015.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2015-02-11 12:28 - 00017319 _____ C:\Users\HP-PC\Documents\Article for Commentary.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2014-08-17 07:56 - 00132589 _____ C:\Users\HP-PC\Documents\Dynamo PSOW - DCP (2).docx.4B4FC70A905FD32B.matrix
2017-03-13 14:36 - 2014-08-13 13:55 - 00028157 _____ C:\Users\HP-PC\Documents\Differntial Equations.docx.4B4FC70A905FD32B.matrix
2017-03-13 14:35 - 2016-09-17 07:48 - 00017338 _____ C:\Users\HP-PC\Desktop\PLAN (Autosaved).xlsx.4B4FC70A905FD32B.matrix
2017-03-13 14:35 - 2016-09-04 23:11 - 00001421 ____H C:\Users\HP-PC\Downloads~$university-policy-index-en.xlsx
2017-03-13 14:35 - 2016-07-24 21:38 - 00017435 _____ C:\Users\HP-PC\Desktop\PLAN.xlsx.4B4FC70A905FD32B.matrix
2017-03-13 14:35 - 2016-03-04 19:19 - 00001421 ____H C:\Users\HP-PC\Desktop~$MOST IMPORTANT TABLE.xlsx
2017-03-13 14:35 - 2014-10-05 10:02 - 00010126 _____ C:\Users\HP-PC\Documents\Book1.xlsx.4B4FC70A905FD32B.matrix
2017-03-13 14:35 - 2014-08-13 09:56 - 00001421 ____H C:\Users\HP-PC\Desktop~$Lab 4 - Data Table.xlsx
2017-03-12 16:10 - 2015-01-02 08:24 - 00481792 ___SH C:\Users\HP-PC\Desktop\Thumbs.db
2017-03-10 10:04 - 2016-11-13 12:16 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-10 10:04 - 2016-11-13 12:16 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-07 20:46 - 2014-07-28 22:53 - 00000000 ____D C:\Users\HP-PC\AppData\Local\CrashDumps

==================== Files in the root of some directories =======

2016-01-27 09:06 - 2016-01-27 09:06 - 0000016 _____ () C:\ProgramData\mntemp
2016-01-27 09:06 - 2017-03-13 15:21 - 0005392 _____ () C:\ProgramData\oqztiqep.adk.4B4FC70A905FD32B.matri x
2017-03-13 15:21 - 2017-03-13 14:35 - 0004904 _____ () C:\ProgramData\Readme-Matrix.rtf
[HEADING=1]Files to move or delete:[/HEADING]
C:\Users\HP-PC\LJM1130_M1210_MFP_Full_Solution.exe
[HEADING=1]Some files in TEMP:[/HEADING]
2016-06-23 20:22 - 2016-06-23 20:41 - 160815464 _____ (BlackBerry) C:\Users\183-k\AppData\Local\Temp\BlackBerryDesktopSoftware.exe
2016-06-23 20:22 - 2015-04-02 00:12 - 73521000 ____R (Research In Motion Ltd. ) C:\Users\183-k\AppData\Local\Temp\BlackBerryDeviceManager.exe
2016-06-23 20:21 - 2015-04-02 00:12 - 2423032 ____R () C:\Users\183-k\AppData\Local\Temp\BlackBerryLauncher.exe
2017-02-16 13:52 - 2016-12-29 17:26 - 0034992 _____ (Zoom Video Communications, Inc.) C:\Users\HP-PC\AppData\Local\Temp\CptInstall.exe
2017-02-16 13:52 - 2016-12-29 17:22 - 0146608 _____ (Zoom Video Communications, Inc.) C:\Users\HP-PC\AppData\Local\Temp\CptShare.dll
2016-06-17 00:46 - 2016-06-17 00:46 - 16102400 ____N () C:\Users\HP-PC\AppData\Local\Temp\javagiac0.12794759805232792. dll
2017-01-05 19:28 - 2017-01-05 19:28 - 16466432 ____N () C:\Users\HP-PC\AppData\Local\Temp\javagiac0.18537445423032273. dll
2017-01-05 03:24 - 2017-01-05 03:24 - 16466432 ____N () C:\Users\HP-PC\AppData\Local\Temp\javagiac0.6508720690561198.d ll
2017-01-24 16:33 - 2017-01-24 16:33 - 0739904 _____ (Oracle Corporation) C:\Users\HP-PC\AppData\Local\Temp\jre-8u121-windows-au.exe
2016-06-03 00:31 - 2016-07-06 18:43 - 0739904 _____ (Oracle Corporation) C:\Users\HP-PC\AppData\Local\Temp\jre-8u91-windows-au.exe
2016-02-20 15:37 - 2012-08-13 07:46 - 0348160 _____ (Microsoft Corporation) C:\Users\HP-PC\AppData\Local\Temp\msvcr71.dll
2016-02-07 19:41 - 2016-02-07 19:49 - 63077776 _____ (SweetLabs,Inc.) C:\Users\HP-PC\AppData\Local\Temp\octC7C4.tmp.exe
2016-02-22 10:17 - 2016-02-22 10:18 - 1171352 _____ (Apowersoft Ltd. ) C:\Users\HP-PC\AppData\Local\Temp\rth0bewx.25z.exe
2016-02-07 19:47 - 2016-02-07 19:50 - 0524288 _____ () C:\Users\HP-PC\AppData\Local\Temp\SkypeSetup.exe
2017-02-16 13:52 - 2016-12-29 17:25 - 0090288 _____ () C:\Users\HP-PC\AppData\Local\Temp\zCrashReport.dll
2016-02-11 14:36 - 2016-02-11 14:36 - 2519960 _____ (Google Inc.) C:\Users\HP-PC\AppData\Local\Temp{D101A98B-A458-4033-ACE6-87FDC07AA988}-48.0.2564.109_48.0.2564.103_chrome_updater.exe
2016-06-09 10:52 - 2016-06-09 10:56 - 12829272 _____ (Google Inc.) C:\Users\HP-PC\AppData\Local\Temp{D7177B5E-9E64-48DD-A82E-4B436BB8057A}-51.0.2704.84_50.0.2661.102_chrome_updater.exe
2016-05-21 16:52 - 2016-05-21 16:53 - 8777304 _____ (Google Inc.) C:\Users\HP-PC\AppData\Local\Temp{E18746EF-5F93-480B-81C3-C1405CE72C1B}-50.0.2661.102_49.0.2623.112_chrome_updater.exe
2016-12-09 18:08 - 2016-12-09 18:26 - 64108904 _____ (SweetLabs,Inc.) C:\Users\shrey\AppData\Local\Temp\oct7981.tmp.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-18 16:53

==================== End of FRST.txt ============================

[HEADING=1]Ran by 183-k (19-03-2017 11:55:34)
Running from C:\Users\HP-PC\Downloads
Windows 8.1 Single Language (Update) (X64) (2014-07-28 15:47:16)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

183-k (S-1-5-21-1605944295-1278072363-3366277582-1005 - Administrator - Enabled) => C:\Users\183-k
Administrator (S-1-5-21-1605944295-1278072363-3366277582-500 - Administrator - Disabled)
Guest (S-1-5-21-1605944295-1278072363-3366277582-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1605944295-1278072363-3366277582-1003 - Limited - Enabled)
HP-PC (S-1-5-21-1605944295-1278072363-3366277582-1001 - Limited - Enabled) => C:\Users\HP-PC
shrey (S-1-5-21-1605944295-1278072363-3366277582-1004 - Limited - Enabled) => C:\Users\shrey

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop CS4 (HKLM-x32...\Adobe Photoshop CS4_is1) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) (HKLM-x32...{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Apowersoft Screen Recorder Pro V2.1.1 (HKLM-x32...{dc9006db-6b05-4f0f-833b-79ef3f284c24}is1) (Version: 2.1.1 - APOWERSOFT LIMITED)
Autograph 3.3 (HKLM-x32...{AD6A8057-680B-459E-84D6-13A880A3575C}) (Version: 3.30.10.0 - Eastmond Publishing Ltd.)
Avast Free Antivirus (HKLM-x32...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
BDAntiRansomware (HKLM...{BE40AB1F-558F-4434-B72F-461EF97E7796}is1) (Version: 1.0.12.1 - Bitdefender)
BlackBerry 10 Desktop Software (HKLM-x32...{a0642dd3-1105-464b-84c8-caaf676c39c8}) (Version: 1.1.0.22 - BlackBerry)
BlackBerry Blend (x32 Version: 1.1.0.23 - BlackBerry Ltd.) Hidden
BlackBerry Communication Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Device Drivers (x32 Version: 8.0.0.119 - BlackBerry Ltd.) Hidden
BlackBerry Link (x32 Version: 1.2.4.28 - BlackBerry) Hidden
BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
BlueJ (HKLM-x32...{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.4 - BlueJ Team)
Broadcom 802.11 Wireless LAN Adapter (HKLM...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.223.215.5 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM...{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9130 - Broadcom Corporation)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32...{4A3579A7-8A6A-4F07-8EFD-9E1DD7605864}is1) (Version: 1.0 - Universal Music India)
Corel Graphics - Windows Shell Extension (HKLM..._{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CyberLink Media Suite 10 (HKLM-x32...\InstallShield{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32...\InstallShield{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32...\InstallShield{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DjVu Solo 3.1 (HKLM-x32...\DjVu Solo 3.1) (Version: - )
D-Link Connection Manager v7.0.1IN (HKLM-x32...\Broad Mobi HSPA Modem Normal Version_is1) (Version: - )
Energy Star (HKLM...{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32...{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
GeoGebra 5 (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\GeoGebra 5) (Version: 5.0.166.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 57.0.2987.98 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Graph 4.3 (HKLM-x32...\Graph_is1) (Version: - Ivan Johansen)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Host App Service (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\SweetLabs_AP) (Version: 0.269.7.840 - Pokki)
HP 3D DriveGuard (HKLM-x32...{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32...{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32...{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM...{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32...{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32...{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM...{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32...{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IB Questionbank Maths HL (HKLM-x32...\IB Questionbank IB_MH) (Version: - )
IB Questionbank Physics (HKLM-x32...\IB Questionbank IB_PH) (Version: - )
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32...{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32...{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM...{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM...{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Logger Pro 3.6.1 (HKLM-x32...{CBE48FF8-521A-4AE1-92B5-7008D8529630}) (Version: 3.6.0 - Vernier Software & Technology)
Malwarebytes version 3.0.6.1469 (HKLM...{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MathType 6 (HKLM-x32...\DSMT6) (Version: 6.7 - Design Science, Inc.)
Microsoft Mathematics Add-in (32-bit) (HKLM-x32...{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.040811.01 - Microsoft Corporation)
Microsoft Office (HKLM-x32...{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32...{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32...{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MMX200G Netwarrior Manager V20090909 (HKLM...{D1F9117F-7187-4734-B105-8EEB4B2A3696}_is1) (Version: - Micromax Informatics Limited)
Mozilla Firefox (3.5.7) (HKLM-x32...\Mozilla Firefox (3.5.7)) (Version: 3.5.7 (en-US) - Mozilla)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Python 2.7.9 (HKLM-x32...{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation)
Realtek Card Reader (HKLM-x32...{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32...{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
RescueTime 2.12.5.1490 (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version: - RescueTime.com)
Scan To (HKLM...{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
SHAREit (HKLM-x32...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo)
Skype Click to Call (HKLM-x32...{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32...{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
slitherlink version 1.0 (HKLM-x32...\slitherlink_is1) (Version: - )
Standard ML of New Jersey (HKLM-x32...{F7CA0FDB-0C97-480B-A532-2A579917CFDB}) (Version: 0.0.0.0 - University of Chicago)
Start Menu (HKU\S-1-5-21-1605944295-1278072363-3366277582-1001...\SweetLabs_Start_Menu) (Version: 0.269.7.840 - Pokki)
Start Menu (HKU\S-1-5-21-1605944295-1278072363-3366277582-1005...\Pokki) (Version: 0.269.2.437 - Pokki)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated)
Texmaker (HKLM-x32...\Texmaker) (Version: - )
Tracker (HKLM-x32...\OSP Tracker) (Version: 4.94 - Open Source Physics)
VPython 6.11 (HKLM-x32...\VPython for Python 2.7_is1) (Version: - )
WinDjView 2.0.1 (HKLM...\WinDjView) (Version: 2.0.1 - Andrew Zhezherun)
WinRAR 5.10 (64-bit) (HKLM...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.25.5\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.27.5\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.30.3\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.31.5\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.28.1\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.28.13\psuser_64 .dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.29.5\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 → C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.24.15\psuser_64 .dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.26.9\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.29.1\psuser_64. dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.25.11\psuser_64 .dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1001_Classes\CLSID{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 → C:\Users\HP-PC\AppData\Local\Google\Update\1.3.28.15\psuser_64 .dll => No File
CustomCLSID: HKU\S-1-5-21-1605944295-1278072363-3366277582-1005_Classes\CLSID{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 → C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01315D50-B242-4D91-A669-D1ED409D0262} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-14] (AVAST Software)
Task: {0219BF6B-4691-4A8B-B178-56FFF61475DE} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {070342EE-1507-4AE6-8AD5-7A2579EB1AC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-14] (Google Inc.)
Task: {1A863726-086B-42F3-ACBC-DF6752958E12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {29A46853-9769-454D-AFF2-430468021DE2} - System32\Tasks\SweetLabs App Platform => %LOCALAPPDATA%\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
Task: {2D94957D-4B03-46E7-920E-42978DA09CE4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-03-14] (AVAST Software)
Task: {4C8F99BA-5F62-451D-AEAA-50456A9AFDF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-14] (Google Inc.)
Task: {4EEFA05D-3276-41CF-A79A-F2C00D27F262} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {52F171EF-964E-4577-838C-2F9C09733248} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2014-02-12] ()
Task: {5F2066DB-0217-4F83-BBE9-E38D888098E9} - System32\Tasks\SDMsgUpdate (TE) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {61AAE424-B58F-4FD8-821A-6461A83209F1} - System32\Tasks\SDMsgUpdate (Local) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {769B17B9-B330-462C-A9DE-508E1F823989} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC4 2-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-07-11] (AO Kaspersky Lab)
Task: {8D3CE45B-EA58-4026-9922-10070FD498E3} - System32\Tasks\BDAntiCryptoWallTask => C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRan somware.exe [2016-05-16] ()
Task: {A1095FFC-DFCF-4D22-BD61-A029EF25DB12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-30] (Hewlett-Packard Company)
Task: {A402029B-4631-40B9-9BB6-3D89EFEC5968} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-02] (Hewlett-Packard Development Company, L.P.)
Task: {B69BDAEC-684E-4604-9A48-DF14EC6CCA42} - System32\Tasks\TinyTakeUpgrade => C:\Users\HP-PC\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe
Task: {DF38DFA3-8A2A-4F3D-A6DB-79F757FF401F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {FE079EE5-FAC7-47D1-8254-37B606874DCD} - System32\Tasks\HPCeeScheduleForHP-PC => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForHP-PC.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-03-29 02:01 - 2014-03-29 02:01 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-29 01:57 - 2014-03-29 01:57 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-29 01:57 - 2014-03-29 01:57 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-29 01:57 - 2014-03-29 01:57 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-29 02:18 - 2014-03-29 02:18 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-29 02:18 - 2014-03-29 02:18 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-12-04 21:14 - 2013-12-04 21:14 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 21:14 - 2013-12-04 21:14 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 21:14 - 2013-12-04 21:14 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2017-03-13 23:41 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-13 23:41 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2014-03-29 02:06 - 2014-03-29 02:06 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2013-07-28 20:41 - 2013-07-28 20:41 - 05849088 _____ () C:\Program Files (x86)\Texmaker\texmaker.exe
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2015-03-19 12:22 - 2015-03-19 12:22 - 00094208 _____ () C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
2014-05-13 08:48 - 2013-12-10 20:57 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-14 01:10 - 2017-03-14 01:10 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-14 01:25 - 2017-03-09 11:01 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.98\libgl esv2.dll
2017-03-14 01:25 - 2017-03-09 11:01 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.98\libeg l.dll
2017-03-14 01:10 - 2017-03-14 01:10 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-14 01:08 - 2017-03-14 01:08 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-14 01:10 - 2017-03-14 01:10 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-09-06 21:15 - 2016-09-06 21:15 - 00081408 ____T () C:\Users\183-k\AppData\Local\Microsoft\bass_vst.dll
2016-09-06 21:15 - 2017-03-19 11:46 - 01758720 ____T () C:\Users\183-k\AppData\Local\Microsoft\engine_vx.dll
2017-03-19 00:51 - 2017-03-19 00:51 - 05885952 _____ () C:\Program Files\AVAST Software\Avast\defs\17031801\algo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMSwissArmy => “”=“Driver”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\mcpltsvc => “”=“”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => “”=“Service”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMSwissArmy => “”=“Driver”
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mcpltsvc => “”=“”

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 18:55 - 2016-06-29 17:34 - 00001188 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1605944295-1278072363-3366277582-1001\Control Panel\Desktop\Wallpaper → C:\Windows\Web\Wallpaper\Hewlett-Packard Backgrounds\Birth_Of_An_Idea.jpg
HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\Control Panel\Desktop\Wallpaper → C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{64B9D502-F2A9-4D07-B273-49337AF2CD3C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D94E5D30-5E92-4364-BBAD-3AA9C3B43892}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DM REngine.exe
FirewallRules: [{96188C50-7FD1-4C02-8BEE-F46247AA0F84}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPD VD12.exe
FirewallRules: [{F06983FC-8920-4F3D-AD39-3ED40BE5168B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{D2FB5136-8CCA-4944-B878-5650789950DC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{1B7D9E60-79F4-4183-915B-91634E85450C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6D61EDC4-F73B-4414-8D90-AD7972CEB22D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{54CAF249-D498-4C7F-B8C4-C39F2E1BCE20}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{99D6E21E-92B1-423B-86AD-FB5FC8517AD8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{40384E5F-55E0-499D-9AEC-CA92286AD093}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A93C04BE-3839-4F93-8564-C2766514A9AE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1A4F5393-C5B1-4E5C-AE5B-214DC99F4B70}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{2517537D-6605-4903-8DCB-68E19BC804FF}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [TCP Query User{65B266A6-66D4-4E10-B23C-3FBD9B576A95}C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe
FirewallRules: [UDP Query User{0C91A68E-1569-4DA7-8549-70DDEC003B4E}C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe
FirewallRules: [{316F8418-7F3F-4692-AE72-629A3DA48253}] => (Allow) tunmgr.exe
FirewallRules: [{EEC9BDE7-52BB-4B9C-9419-E45B704D5D7C}] => (Allow) tunmgr.exe
FirewallRules: [{88E06CDD-9511-494A-BA9D-98F04B1AF38A}] => (Allow) mDNSResponder.exe
FirewallRules: [{D17EDF1B-D27C-468B-A50A-8681D0C05702}] => (Allow) mDNSResponder.exe
FirewallRules: [{265A663D-1E01-42C0-ADEE-9122EDF880AD}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{6FD288FF-75F9-43D9-BB0C-A6244923910D}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe
FirewallRules: [TCP Query User{5466A29F-7602-4701-8485-DE54D70CDB43}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{AF38A96D-61F4-4485-BB03-843BDED0E84B}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{C5281240-DE99-43A1-A5E7-D10E4B3DFAB3}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{EF832788-1AB2-43F4-A5F7-8623E4B65025}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [TCP Query User{0570EF7A-B81F-438A-9275-00DCFB086E90}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{987B2294-3DF7-431A-94A1-70E71B31D31C}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [TCP Query User{599CDD59-2084-42C3-8439-2773CF39318B}C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe
FirewallRules: [UDP Query User{44A31A6F-A90F-4A86-A40E-3BB028D870D9}C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe] => (Block) C:\users\hp-pc\appdata\local\google\chrome\application\chrome. exe
FirewallRules: [{FC773ECF-F98A-480C-99D5-412EDE318A0D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{4D4B1086-6642-4F0E-89FC-D3ED5034BA6E}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [UDP Query User{FD67FAE2-2BC5-42EC-B297-027A5F1BE508}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Block) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe
FirewallRules: [{0AF9D8E7-9842-41AE-95F2-9FBC5A93E355}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

15-03-2017 20:26:32 Scheduled Checkpoint
18-03-2017 20:05:24 Installed Microsoft Mathematics Add-in (32-bit)

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

Name: hp DVDRAM GU90N
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (03/19/2017 10:43:34 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13328

Error: (03/19/2017 10:43:34 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13328

Error: (03/19/2017 10:43:34 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/19/2017 10:20:34 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 580: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (03/19/2017 10:20:34 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (03/19/2017 10:20:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe! Microsoft.WindowsLive.Calendar failed with error: -2147220995 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/19/2017 10:20:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe! Microsoft.WindowsLive.Calendar failed with error: -2147220995 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/19/2017 10:20:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe! ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147220995 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/19/2017 10:20:01 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22203640

Error: (03/19/2017 10:20:01 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22203640
[HEADING=1]System errors:[/HEADING]
Error: (03/19/2017 02:05:35 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Routing and Remote Access service terminated with the following service-specific error:
A device attached to the system is not functioning.

Error: (03/19/2017 02:05:33 AM) (Source: RemoteAccess) (EventID: 20103) (User: )
Description: Unable to load C:\Windows\System32\iprtrmgr.dll.

Error: (03/19/2017 02:02:56 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x00000109 (0xa3a01f59f32ae67e, 0xb3b72be045aae849, 0xffffd0005e5e8fc0, 0x0000000000000002). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 031917-32046-01.

Error: (03/19/2017 02:02:50 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:59:21 on ‎19-‎03-‎2017 was unexpected.

Error: (03/19/2017 12:48:14 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY)
Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.

Error: (03/19/2017 12:47:46 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 30) (User: NT AUTHORITY)
Description: The event logging service encountered an error (5) while enabling publisher {0BF2FB94-7B60-4B4D-9766-E82F658DF540} to channel Microsoft-Windows-Kernel-ShimEngine/Operational. This does not affect channel operation, but does affect the ability of the publisher to raise events to the channel. One common reason for this error is that the Provider is using ETW Provider Security and has not granted enable permissions to the Event Log service identity.

Error: (03/19/2017 12:46:59 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Routing and Remote Access service terminated with the following service-specific error:
A device attached to the system is not functioning.

Error: (03/19/2017 12:46:55 AM) (Source: RemoteAccess) (EventID: 20103) (User: )
Description: Unable to load C:\Windows\System32\iprtrmgr.dll.

Error: (03/19/2017 12:44:21 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 00:08:46 on ‎19-‎03-‎2017 was unexpected.

Error: (03/19/2017 12:08:45 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 23:58:53 on ‎18-‎03-‎2017 was unexpected.
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2017-02-17 18:14:44.401
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-09 12:14:04.550
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-29 22:51:31.214
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-29 22:51:29.813
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-12 13:48:49.938
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-12 13:48:49.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-24 12:55:16.569
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-19 10:08:26.314
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-13 08:57:58.378
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1 \OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-10 17:04:49.457
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core™ i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 82%
Total physical RAM: 4026.15 MB
Available physical RAM: 714.79 MB
Total Virtual: 8122.15 MB
Available Virtual: 3374.02 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:455.69 GB) (Free:334.28 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.21 GB) (Free:2 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (New Volume) (Fixed) (Total:454.59 GB) (Free:452.6 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 931.5 GB) (Disk ID: CAF3903F)

Partition: GPT.

==================== End of Addition.txt ============================

[HEADING=1]Run date: 2017-03-19 01:21:03[/HEADING]
01:21:03.005 OS Version: Windows x64 6.2.9200
01:21:03.005 Number of processors: 4 586 0x4501
01:21:03.008 ComputerName: HP UserName:
01:21:21.516 Initialize success
01:21:31.792 VM: initialized successfully
01:21:31.796 VM: Intel CPU BiosDisabled
01:21:43.015 AVAST engine defs: 17031801
01:22:57.801 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\00000033
01:22:57.803 Disk 0 Vendor: HGST_HTS541010A9E680 JA0OA710 Size: 953869MB BusType: 11
01:22:58.010 Disk 0 MBR read successfully
01:22:58.016 Disk 0 MBR scan
01:22:59.528 Disk 0 unknown MBR code
01:22:59.562 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
01:23:01.168 Disk 0 scanning C:\Windows\system32\drivers
01:23:56.038 Service scanning
01:24:13.443 Service cm_km C:\Windows\system32\DRIVERS\cm_km.sys LOCKED 5
01:24:36.371 Service kl1 C:\Windows\system32\DRIVERS\kl1.sys LOCKED 5
01:24:36.535 Service klbackupdisk C:\Windows\system32\DRIVERS\klbackupdisk.sys LOCKED 5
01:24:36.948 Service kldisk C:\Windows\system32\DRIVERS\kldisk.sys LOCKED 5
01:24:37.166 Service klelam C:\Windows\system32\DRIVERS\klelam.sys LOCKED 5
01:24:37.332 Service klflt C:\Windows\system32\DRIVERS\klflt.sys LOCKED 5
01:24:37.485 Service klhk C:\Windows\System32\drivers\klhk.sys LOCKED 5
01:24:37.948 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys LOCKED 5
01:24:38.227 Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys LOCKED 5
01:24:38.423 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys LOCKED 5
01:24:39.178 Service klwfp C:\Windows\system32\DRIVERS\klwfp.sys LOCKED 5
01:24:39.315 Service Klwtp C:\Windows\system32\DRIVERS\klwtp.sys LOCKED 5
01:24:39.429 Service kneps C:\Windows\system32\DRIVERS\kneps.sys LOCKED 5
01:25:21.695 Modules scanning
01:25:21.696 Disk 0 trace - called modules:
01:25:21.698
01:25:25.557 AVAST engine scan C:\Windows
01:25:29.780 AVAST engine scan C:\Windows\system32
01:33:49.217 AVAST engine scan C:\Windows\system32\drivers
01:34:37.632 AVAST engine scan C:\Users\183-k
01:38:41.228 AVAST engine scan C:\ProgramData
01:43:08.531 Disk 0 statistics 3489450/0/0 @ 2.50 MB/s
01:43:08.541 Scan finished successfully
01:49:36.172 Disk 0 MBR has been saved successfully to “C:\Users\183-k\Desktop\MBR.dat”
01:49:36.186 The log file has been saved successfully to “C:\Users\183-k\Desktop\aswMBR.txt”
[HEADING=1]aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-03-19 11:48:55[/HEADING]
11:48:55.641 OS Version: Windows x64 6.2.9200
11:48:55.642 Number of processors: 4 586 0x4501
11:48:55.644 ComputerName: HP UserName:
11:49:05.627 Initialize success
11:49:05.819 VM: initialized successfully
11:49:05.822 VM: Intel CPU BiosDisabled
11:49:17.977 AVAST engine defs: 17031801
11:50:14.501 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\00000033
11:50:14.564 Disk 0 Vendor: HGST_HTS541010A9E680 JA0OA710 Size: 953869MB BusType: 11
11:50:14.782 Disk 0 MBR read successfully
11:50:14.784 Disk 0 MBR scan
11:50:15.524 Disk 0 unknown MBR code
11:50:15.554 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
11:50:17.266 Disk 0 scanning C:\Windows\system32\drivers
11:51:44.433 Service scanning
11:52:04.879 Service cm_km C:\Windows\system32\DRIVERS\cm_km.sys LOCKED 5
11:52:26.842 Service kl1 C:\Windows\system32\DRIVERS\kl1.sys LOCKED 5
11:52:27.152 Service klbackupdisk C:\Windows\system32\DRIVERS\klbackupdisk.sys LOCKED 5
11:52:27.553 Service kldisk C:\Windows\system32\DRIVERS\kldisk.sys LOCKED 5
11:52:27.682 Service klelam C:\Windows\system32\DRIVERS\klelam.sys LOCKED 5
11:52:27.916 Service klflt C:\Windows\system32\DRIVERS\klflt.sys LOCKED 5
11:52:28.239 Service klhk C:\Windows\System32\drivers\klhk.sys LOCKED 5
11:52:28.685 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys LOCKED 5
11:52:28.811 Service klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys LOCKED 5
11:52:29.049 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys LOCKED 5
11:52:30.859 Service klwfp C:\Windows\system32\DRIVERS\klwfp.sys LOCKED 5
11:52:31.332 Service Klwtp C:\Windows\system32\DRIVERS\klwtp.sys LOCKED 5
11:52:31.624 Service kneps C:\Windows\system32\DRIVERS\kneps.sys LOCKED 5
11:53:33.394 Modules scanning
11:53:33.395 Disk 0 trace - called modules:
11:53:33.408 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys storport.sys hal.dll iaStorA.sys
11:53:33.409 1 nt!IofCallDriver → \Device\Harddisk0\DR0[0xffffe0001e756770]
11:53:33.409 3 CLASSPNP.SYS[fffff800d0c5e170] → nt!IofCallDriver → [0xffffe0001e756040]
11:53:33.410 5 hpdskflt.sys[fffff800d159942b] → nt!IofCallDriver → [0xffffe0001c7fde50]
11:53:33.411 7 ACPI.sys[fffff800cfc03c21] → nt!IofCallDriver → \Device\00000033[0xffffe0001c786060]
11:53:42.584 AVAST engine scan C:\Windows
11:53:54.886 AVAST engine scan C:\Windows\system32
12:09:11.890 AVAST engine scan C:\Windows\system32\drivers
12:09:53.846 AVAST engine scan C:\Users\183-k
12:14:55.741 AVAST engine scan C:\ProgramData
12:22:41.391 Disk 0 statistics 3535930/0/0 @ 1.39 MB/s
12:22:41.392 Scan finished successfully
12:24:04.377 Disk 0 MBR has been saved successfully to “C:\Users\183-k\Desktop\MBR.dat”
12:24:04.426 The log file has been saved successfully to “C:\Users\183-k\Desktop\aswMBR.txt”

Ran by 183-k (19-03-2017 12:28:28)
Running from C:\Users\HP-PC\Downloads
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\site_825077256_en-us.lnk → hxxp://www.windowssearch.com:80/suggestions?qry=movie+maker&cc=IN&setlang=en-US&inlang=en-IN&adlt=strict&scale=100&contrast=none&hw=768%2C13 66&CVID=8B2036828D2E4D2C9E35A9832299FF6

Shortcut: C:\Users\183-k\Links\Desktop.lnk → C:\Users\183-k\Desktop ()
Shortcut: C:\Users\183-k\Links\Downloads.lnk → C:\Users\183-k\Downloads ()
Shortcut: C:\Users\183-k\Links\RecentPlaces.lnk → L ᐁ À 䘀 耟穭⊇㞡䘚낑�깚馼 ă ꀀv 匱卐뜥䟯ယ怂麌곫-
ἀ ฀ 刀攀挀攀渀琀 瀀氀愀挀攀猀 ⴀ Ѐ System Folder 匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀 ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀
Shortcut: C:\Users\183-k\Desktop\Texmaker.lnk → C:\Program Files (x86)\Texmaker\texmaker.exe ()
Shortcut: C:\Users\183-k\Desktop\Tracker.lnk → C:\Program Files (x86)\Tracker\Tracker.exe (Open Source Physics (www.opensourcephysics.org))
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk → C:\Users\183-k\Documents ()
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk → C:\Users\183-k\Pictures ()
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk → C:\Windows\explorer.exe,-30
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk → C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk → C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk → C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk → C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk → C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk → C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk → C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk → C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\SendTo\Bluetoo th File Transfer.LNK → C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apowersoft Screen Recorder Pro 2.lnk → C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk → C:\Windows\Installer{08CA9554-B5FE-4313-938F-D4A417B81175}\QTPlayer.ico (No File)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk → C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk → C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink Media Suite.lnk → C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink YouCam 5.lnk → C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video. exe (CyberLink Corp.)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Utility Center.lnk → C:\Program Files\Hewlett-Packard\HP Utility Center\HPUC.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk → C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk → C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk → C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk → C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk → C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\ConnectedSearch\ History\txt_2887653717_en-us.lnk → [LFUI1SPSOh+'-google chrome]
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\WildTangentGames.-GamesApp-_qt5r5pa5dyg8m\WTGames.lnk → Tile and icon assets
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Micros oft.ZuneVideo.lnk → Tile and icon assets
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Micros oft.ZuneMusic.lnk → Tile and icon assets
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Mi crosoft.XboxLIVEGames.lnk → Tile and icon assets
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8 bbwe\App.lnk → Tile and icon assets
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App. lnk → Tile and icon assets
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bb we\Microsoft.WindowsReadingList.lnk → Tile and icon assets
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wek yb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk → [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbw eGmicrosoft.windowscommunicationsapps_17.5.9600.20 911_x64__8wekyb3d8bbweQmicrosoft.windowscommunicat ionsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calen dardC:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<DTQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\Ca lendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalen dar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\Calendar TinyLogo.pngi1SPS0%G[ICODE]Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File) Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wek yb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbw eGmicrosoft.windowscommunicationsapps_17.5.9600.20 911_x64__8wekyb3d8bbweMmicrosoft.windowscommunicat ionsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Maild C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_17.5.9600.20911_x64__8wekyb3d8bbwev1SPSMԆi<D*T IModernMail\Res\MailLogo.pngMModernMail\Res\MailBa dge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\M ailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G[/ICODE]Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wek yb3d8bbwe\Microsoft.WindowsLive.People.lnk → [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbw eGmicrosoft.windowscommunicationsapps_17.5.9600.20 911_x64__8wekyb3d8bbweOmicrosoft.windowscommunicat ionsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Peopl edC:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<DTAModernPeople\People.pngMModernPeople\PeopleSmall .pngIModernPeople\PeopleWide.pngG&MModernPeople\Pe opleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G[ICODE]]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File) Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbw e\App.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\Ap p.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.SkypeApp_kzf8qxf38zg5c\App.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft .Reader.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\m icrosoft.onenoteim.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftSolitaireCollection_8 wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe \MicrosoftMahjong.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\Help AndTips.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App. lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\Appex Travel.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\Appex Sports.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNe ws.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMa ps.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8 bbwe\AppexHealthAndFitness.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe \AppexFoodAndDrink.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\Appe xFinance.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\CyberLinkCorp.hs.YouCamforHP_06qsbagp91r vg\App.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\AMZNMobileLLC.KindleforWindows8_stfe6vwa 9jnbp\com.amazon.kindle.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPRegistration_v10z8vjag6ke6\Ap p.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPConnectedPhotopoweredbySnapfi sh_v10z8vjag6ke6\App.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.GettingStartedwithWindows8_v10z 8vjag6ke6\App.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\AccuWeather.AccuWeatherforWindows8_8zz2p j9h1h1d8\App.lnk -> Tile and icon assets Shortcut: C:\Users\183-k\AppData\Local\Microsoft\Windows\Application Shortcuts\2703103D.McAfeeCentral_4ehj4w4frejdr\McA feeCentral.lnk -> Tile and icon assets Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\MMX200G Netwarrior Manager.lnk -> C:\Program Files\Micromax 200G USB Modem\EdgeModem.exe (Shanghai DS-Mobile Technology Co., Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk -> C:\Program Files (x86)\Adobe\Photoshop CS4\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connected Music powered by Universal Music Group.lnk -> C:\Program Files (x86)\Connected Music powered by Universal Music Group\Connected Music powered by Universal Music Group.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView\Uninstall WinDjView.lnk -> C:\Program Files\WinDjView\uninstall.exe (Andrew Zhezherun) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView\WinDjView.lnk -> C:\Program Files\WinDjView\WinDjView.exe (Andrew Zhezherun) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vernier Software\Logger Pro 3.6.1.lnk -> C:\Program Files (x86)\Vernier Software\Logger Pro 3\LoggerPro.exe (Vernier Software & Technology) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vernier Software\Logger Pro Quick Reference Manual.lnk -> C:\Program Files (x86)\Vernier Software\Logger Pro 3\QuickReferenceManual.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vernier Software\Logger Pro Release Notes.lnk -> C:\Program Files (x86)\Vernier Software\Logger Pro 3\Release Notes.pdf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker\Tracker.lnk -> C:\Program Files (x86)\Tracker\Tracker.exe (Open Source Physics ([www.opensourcephysics.org]('http://www.opensourcephysics.org'))) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker\Uninstall Tracker.lnk -> C:\Program Files (x86)\Tracker\uninstall_Tracker.exe (Open Source Physics) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker\Texmaker.lnk -> C:\Program Files (x86)\Texmaker\texmaker.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\slitherlink\slitherlink.lnk -> C:\Program Files (x86)\slitherlink\SLITHERLINK.EXE (Ihsan) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit\SHAREit.lnk -> C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection\HP SimplePass.lnk -> C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Python (command line).lnk -> C:\Windows\Installer\{79F081BF-7454-43DB-BD8F-9EE596813232}\python_icon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Python Manuals.lnk -> C:\Python27\Doc\python279.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (No File) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm (No File) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\CyberLink Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2Go8.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Evernote.lnk -> C:\Windows\Installer\{412F6426-A3C7-11E3-8A71-00163E98E7D6}\Evernote.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\HP Utility Center.lnk -> C:\Program Files\Hewlett-Packard\HP Utility Center\HPUC.exe (Hewlett-Packard Development Company, L.P.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\IsoViewer8.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools\Virtual Drive.lnk -> C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa 3.lnk -> C:\Program Files (x86)\Google\Picasa3\Picasa3.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Uninstall.lnk -> C:\Program Files (x86)\Google\Picasa3\Uninstall.exe (Google) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\Beats Audio.lnk -> C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink Media Suite.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PhotoDirector.lnk -> C:\Program Files (x86)\CyberLink\PhotoDirector\PhotoDirector3.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PowerDirector 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos\CyberLink PowerDVD 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micromax 200G USB Modem\MMX200G Netwarrior Manager.lnk -> C:\Program Files\Micromax 200G USB Modem\EdgeModem.exe (Shanghai DS-Mobile Technology Co., Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micromax 200G USB Modem\Uninstall MMX200G Netwarrior Manager.lnk -> C:\Program Files\Micromax 200G USB Modem\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\MathType Help.lnk -> C:\Program Files (x86)\MathType\MT6enu.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\MathType.lnk -> C:\Program Files (x86)\MathType\MathType.exe (Design Science, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LizardTech\DjVu Solo 3.1.lnk -> C:\Program Files (x86)\LizardTech\DjVu Solo 3.1\DjVuSolo.exe (LizardTech, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\SHAREit.lnk -> C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\End User License Agreement.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\Doc\en\license.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\Kaspersky Total Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe (AO Kaspersky Lab) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\Visit Kaspersky Lab on the Web.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kl.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\End User License Agreement.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\Doc\en\license.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\My Kaspersky.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\kl.url () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Users\183-k\Desktop\bin\javacpl.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -> C:\Users\183-k\Desktop\bin\java.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -> C:\Users\183-k\Desktop\bin\java.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Smart Connect Technology.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTModernUI.exe (Intel Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Documentation.lnk -> C:\Program Files (x86)\Hewlett-Packard\Documentation\NotebookDocs.exe (Hewlett-Packard) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Support Assistant.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (Hewlett-Packard Company) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Manager.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graph\Graph.lnk -> C:\Program Files (x86)\Graph\Graph.exe (Ivan Johansen) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graph\Uninstall.lnk -> C:\Program Files (x86)\Graph\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graph\Examples\target.lnk -> C:\Program Files (x86)\Graph\Examples () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link Connection Manager\D-Link Connection Manager Uninstall .lnk -> C:\Program Files (x86)\D-Link Connection Manager\uninst\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link Connection Manager\D-Link Connection Manager.lnk -> C:\Program Files (x86)\D-Link Connection Manager\WirelessModem.exe (D-Link Corportation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat\CyberLink YouCam 5.lnk -> C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video. exe (CyberLink Corp.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueJ\BlueJ.lnk -> C:\Program Files (x86)\BlueJ\BlueJ.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueJ\View README.lnk -> C:\Program Files (x86)\BlueJ\README.TXT () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry Link\BlackBerry Link.lnk -> C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe (Research In Motion) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry Blend\BlackBerry Blend.lnk -> C:\Program Files (x86)\BlackBerry\BlackBerry Blend\Blend.exe (BlackBerry Limited. All rights reserved) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware\BDAntiRansomware.ln k -> C:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRan somware.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autograph 3.3\Autograph.lnk -> C:\Program Files (x86)\Autograph 3.3\agraph.exe (Eastmond Publishing Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autograph 3.3\Keyboard.lnk -> C:\Program Files (x86)\Autograph 3.3\Autograph Virtual Keyboard.exe (Eastmond Publishing Ltd.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro.lnk -> C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\Apowersoft Screen Recorder Pro 2\Uninstall Apowersoft Screen Recorder Pro.lnk -> C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Photoshop CS4\Adobe Photoshop CS4.lnk -> C:\Program Files (x86)\Adobe\Photoshop CS4\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Photoshop CS4\Uninstall Photoshop.lnk -> C:\Program Files (x86)\Adobe\Photoshop CS4\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerSh ell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerSh ell_ISE.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Hewlett-Packard\Recovery\Links\RM.lnk -> C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Documents.lnk -> C:\Users\183-k\Documents () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Pictures.lnk -> C:\Users\183-k\Pictures () Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Interne t Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Interne t Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\OneDrive\Google Chrome.lnk -> C:\Users\HP-PC\AppData\Local\Google\Chrome\Application\chrome. exe (No File) Shortcut: C:\Users\HP-PC\OneDrive\Photoshop CS4.lnk -> C:\Program Files (x86)\Adobe\Photoshop CS4\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\Users\HP-PC\OneDrive\IB\IB - Shortcut.lnk -> C:\Users\HP-PC\OneDrive\IB () Shortcut: C:\Users\HP-PC\OneDrive\BlueJ\Select VM.lnk -> I:\BlueJ\bluej.exe (No File) Shortcut: C:\Users\HP-PC\Links\Desktop.lnk -> C:\Users\HP-PC\Desktop () Shortcut: C:\Users\HP-PC\Links\Downloads.lnk -> C:\Users\HP-PC\Downloads () Shortcut: C:\Users\HP-PC\Links\RecentPlaces.lnk -> L ᐁ À 䘀 耟穭⊇㞡䘚낑�깚馼 ă ꀀv 匱卐뜥䟯ယ怂麌곫- ἀ ฀ 刀攀挀攀渀琀 瀀氀愀挀攀猀 ⴀ Ѐ System Folder 匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀 ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀 Shortcut: C:\Users\HP-PC\Documents\Corel\CorelDRAW X7 Samples\target.lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X7\Draw\Samples (No File) Shortcut: C:\Users\HP-PC\Documents\Corel\Corel PHOTO-PAINT X7 Samples\target.lnk -> C:\Program Files\Corel\CorelDRAW Graphics Suite X7\PHOTO-PAINT\Samples (No File) Shortcut: C:\Users\HP-PC\Desktop\emacs.exe - Shortcut.lnk -> C:\Users\HP-PC\Desktop\bin\emacs.exe (Free Software Foundation) Shortcut: C:\Users\HP-PC\Desktop\GeoGebra.lnk -> C:\Users\HP-PC\GeoGebra 5.0\GeoGebra.exe () Shortcut: C:\Users\HP-PC\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\HP-PC\Desktop\Photoshop CS4.lnk -> C:\Program Files (x86)\Adobe\Photoshop CS4\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\Users\HP-PC\Desktop\SmartDraw CI.lnk -> C:\SmartDraw CI\SmartDraw.exe (SmartDraw.com) Shortcut: C:\Users\HP-PC\Desktop\Texmaker.lnk -> C:\Program Files (x86)\Texmaker\texmaker.exe () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\HP-PC\Documents () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk -> C:\Users\HP-PC\Downloads () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk -> C:\Users\HP-PC\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (No File) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\HP-PC\Pictures () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk -> C:\Users\HP-PC\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (No File) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30 Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Help.lnk -> C:\Windows\HelpPane.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartDraw CI\SmartDraw CI.lnk -> C:\SmartDraw CI\SmartDraw.exe (SmartDraw.com) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartDraw CI\Uninstall SmartDraw CI.lnk -> C:\SmartDraw CI\Uninstall.exe () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RescueTime\RescueTime.lnk -> C:\Users\HP-PC\AppData\Local\RescueTime\RescueTime.exe (RescueTime, Inc.) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RescueTime\Uninstall RescueTime.lnk -> C:\Users\HP-PC\AppData\Local\RescueTime\unins000.exe () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\DVI Previewer (Yap).lnk -> C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\miktex\bin\yap.exe (MiKTeX.org) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\TeXworks.lnk -> C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\miktex\bin\miktex-texworks.exe (TeX Users Group) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\Maintenance\MiKTeX Package Manager.lnk -> C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\miktex\bin\mpm_mfc.exe (MiKTeX.org) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\Maintenance\MiKTeX Settings.lnk -> C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\miktex\bin\mo.exe (MiKTeX.org) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\Help\MiKTeX FAQ.lnk -> C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\doc\miktex\faq.chm () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\Help\MiKTeX Manual.lnk -> C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\doc\miktex\miktex.chm () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gnu Emacs\Emacs.lnk -> C:\Users\HP-PC\Desktop\bin\runemacs.exe (Free Software Foundation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 5\GeoGebra Forum.lnk -> C:\Users\HP-PC\GeoGebra 5.0\forum.ico () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 5\GeoGebra.lnk -> C:\Users\HP-PC\GeoGebra 5.0\GeoGebra.exe () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoGebra 5\GeoGebraTube.lnk -> C:\Users\HP-PC\GeoGebra 5.0\GeoGebra.exe () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\SendTo\Blueto oth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\SendTo\Skype. lnk -> [] Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GeoGebra.lnk -> C:\Users\HP-PC\GeoGebra 5.0\GeoGebra.exe () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MMX200G Netwarrior Manager.lnk -> C:\Program Files\Micromax 200G USB Modem\EdgeModem.exe (Shanghai DS-Mobile Technology Co., Ltd.) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink Media Suite.lnk -> C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc () Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\set_127180276_en-us.lnk -> C:\Windows\System32\powercpl.dll,- (No File) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\set_1281075515_en-us.lnk -> [LF5#1SPS՜.+,7AutoListBprop4294967295N8ᭊN{x^aMh 2item1IkLICSettings9$AutolistCacheTime"p5G"Autolis tCacheKeySettings0tY^Hg3(gs3EJ.* 1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{B725F130-47EF-101A-A5F1-02608C9EEBAC},101SPS_ǵZeMJuEg$<ISettingsPageRestor eRestoreC1SPSU(Ly9K-1SPStk\;Co,oud1AAA_SettingsPageRestoreRestore.sett ingcontent-msU1SPS<I]@;l9d.settingcontent-ms-1SPSoOM'rT<1SPSjc(=O]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrol panel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-ms9.settingcontent-msy f^aMh 2PJ 0UCEJQ1SPSOh+'5Recovery optionsy1SPSLX㈷ZJ ZDɬ]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrol panel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-ms1SPSjc(=O9.settingcontent-ms]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrol panel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-msw1SPS0%G[/ICODE] 5Recovery options@X1SPStk;Co,oud1AAA_SettingsPageRestoreRest ore.settingcontent-ms1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{B725F130-47EF-101A-A5F1-02608C9EEBAC},10U1SPS<I]@;l9d.settingcontent-mse1SPS_ǵZeMJuEg$<ISettingsPageRestoreRestore1SPS@ >+lG7*"]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrol panel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-msu1{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}.Merge Any1SPSOh+'5Recovery options)1SPSMԆi<DT)1SPSZAZHY$dy1SPSLX㈷ZJ ZDɬ]C:\Users\HP-PC\AppData\Local\Packages\windows.immersivecontrol panel_cw5n1h2txyewy\LocalState\Indexed\Settings\en-US\AAA_SettingsPageRestoreRestore.settingcontent-ms-1SPS[l#J[ICODE]'Hdw1SPS0%G[/ICODE] @X5Recovery options)1SPS՜.+,)1SPSmDpHH@.=xd]Q1SPSOh+'5Recovery options] (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\set_2747713814_en-us.lnk → C:\Windows\System32\usercpl.dll,- (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\set_3839032144_en-us.lnk → C:\Program Files\Windows Photo Viewer\ImagingDevices.ex (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_1015024219_en-US.lnk → [LFv91SPSOh+‘excel11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_1183248969_en-US.lnk → [LFv91SPSOh+‘alarm11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_120266139_en-US.lnk → [LFz=1SPSOh+’!remotee11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_1206239935_en-US.lnk → [LF~A1SPSOh+’%tangled 11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_1392105405_en-US.lnk → [LFQ1SPSOh+‘5carnival of rust11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_1696151812_en-us.lnk → [LFui1SPSOh+‘Mmozila firefox for windows10]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_1887427488_en-US.lnk → [LFz=1SPSOh+’!alarm\11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_1962188641_en-US.lnk → [LF~A1SPSOh+’%ms excel11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2063909742_en-US.lnk → [LFU1SPSOh+‘920160129_000859.mp411SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2093339993_en-US.lnk → 䰀 ĔȀ 쀀 F耀 Ā 蘀 ऀ 䤀 ㅓ偓鿲累栐ꮑࠀ⬧동ⴀ Ȁ
presentation 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2103604894_en-us.lnk → [LFYM1SPSOh+‘1shareit for pc]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2119866019_en-US.lnk → 䰀 ĔȀ 쀀 F耀 Ā 蘀 ऀ 䤀 ㅓ偓鿲累栐ꮑࠀ⬧동ⴀ Ȁ
power point 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2156594143_en-US.lnk → [LFz91SPSOh+‘music51SPSxgHyoLMSYC{“sizethreshold”:0 ,“web”:[{“CONST”:-4.31906021998125}],“apps”:[{“CONST”:1.2617519150092}],“documents”:[{“CONST”:-5.89852532558034}],“settings”:[{“CONST”:-3.80882103637851}],“music”:[{“CONST”:-5.89852532558034}],“photosandvideos”:[{“CONST”:-5.89852532558034}]}]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2162106366_en-US.lnk → [LFz=1SPSOh+’!winodws11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2162192705_en-US.lnk → [LFE1SPSOh+’)calculator11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2182816586_en-us.lnk → [LF1SPSOh+‘m-refresh your pc without affecting your files]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2215909045_en-US.lnk → [LFz=1SPSOh+’!mozart11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_238769243_en-US.lnk → [LFn91SPSOh+‘scan)1SPSxgHyoLMSYC{“sizethreshold”:0, “web”:[{“CONST”:-5.1767731116811}],“apps”:[{“CONST”:1.5268312192265}],“documents”:[{“CONST”:-6.390055423231}],“settings”:[{“CONST”:-3.87001062269025}],“music”:[{“CONST”:-6.390055423231}],“photosandvideos”:[{“CONST”:-6.390055423231}]}]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2436336599_en-US.lnk → 䰀 ĔȀ 쀀 F耀 Ā 縀 ऀ 䄀 ㅓ偓鿲累栐ꮑࠀ⬧동─ Ȁ
bob dylan 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2442881322_en-US.lnk → [LFv91SPSOh+‘porn11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2518791047_en-us.lnk → [LF]Q1SPSOh+‘5sardonic meaning]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2528231669_en-US.lnk → [LFr51SPSOh+‘tex11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2605017154_en-US.lnk → [LFE1SPSOh+’)Enregireur11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2674333138_en-US.lnk → 䰀 ĔȀ 쀀 F耀 Ā 縀 ऀ 䄀 ㅓ偓鿲累栐ꮑࠀ⬧동─ Ȁ
Math type 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2699513497_en-US.lnk → [LFv91SPSOh+‘alram11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_272427308_en-US.lnk → [LF~A1SPSOh+’%calendar11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2725192642_en-US.lnk → [LFz=1SPSOh+’!Blue J 11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_2845497818_en-us.lnk → [LFE91SPSOh+‘timer]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_316792907_en-US.lnk → [LFE1SPSOh+’)excel 200791SPSxgHyoLMSYC{“sizethreshold”:0,“web”:[{“CONST”:-5.00553114321913}],“apps”:[{“CONST”:1.78564421269734}],“documents”:[{“CONST”:-5.76232324075869}],“settings”:[{“CONST”:-6.89696900323513}],“music”:[{“CONST”:-5.76232324075869}],“photosandvideos”:[{“CONST”:-5.76232324075869}]}]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_3251757085_en-US.lnk → [LF~A1SPSOh+’%NetBeans11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_3485646781_en-US.lnk → [LF=1SPSOh+’!excell91SPSxgHyoLMSYC{“sizethreshold”: 0,“web”:[{“CONST”:-6.57336448547889}],“apps”:[{“CONST”:1.45025307071645}],“documents”:[{“CONST”:-6.36857180398437}],“settings”:[{“CONST”:-5.69999239133667}],“music”:[{“CONST”:-6.36857180398437}],“photosandvideos”:[{“CONST”:-6.36857180398437}]}]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_3759340646_en-US.lnk → [LFv91SPSOh+‘calc711SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_3778180037_en-US.lnk → [LFI1SPSOh+’-question bank11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_3805675896_en-US.lnk → [LFz=1SPSOh+’!mozila11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_3976905414_en-US.lnk → [LFz91SPSOh+‘Skype51SPSxgHyoLMSYC{“sizethreshold”:0 ,“web”:[{“CONST”:-3.70073859759537}],“apps”:[{“CONST”:1.6332424904863}],“documents”:[{“CONST”:-6.01491885373174}],“settings”:[{“CONST”:-3.44954544173443}],“music”:[{“CONST”:-6.01491885373174}],“photosandvideos”:[{“CONST”:-6.01491885373174}]}]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_4140679254_en-US.lnk → [LF~91SPSOh+‘paint91SPSxgHyoLMSYC{“sizethreshold”:0 ,“web”:[{“CONST”:-4.04523862668508}],“apps”:[{“CONST”:1.37874305443143}],“documents”:[{“CONST”:-4.73577546054191}],“settings”:[{“CONST”:-6.09097503030658}],“music”:[{“CONST”:-4.73577546054191}],“photosandvideos”:[{“CONST”:-4.73577546054191}]}]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_694752729_en-US.lnk → [LFE1SPSOh+’)Apowersoft11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_787502102_en-US.lnk → [LFz=1SPSOh+’!shareit11SPSxgHyoLMSYC]
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\ConnectedSearch \History\txt_989337498_en-US.lnk → 䰀 ĔȀ 쀀 F耀 Ā 縀 ऀ 䄀 ㅓ偓鿲累栐ꮑࠀ⬧동─ Ȁ
Mathtype 1 1卐卸杈祯䳞䶼反奃ᆯ餕 ἀ Ā
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\WildTangentGames.-GamesApp-_qt5r5pa5dyg8m\WTGames.lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Micros oft.ZuneVideo.lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Micros oft.ZuneMusic.lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Mi crosoft.XboxLIVEGames.lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8 bbwe\App.lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App. lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bb we\Microsoft.WindowsReadingList.lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wek yb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk → [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbw eGmicrosoft.windowscommunicationsapps_17.5.9600.20 911_x64__8wekyb3d8bbweQmicrosoft.windowscommunicat ionsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calen dardC:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<DTQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\Ca lendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalen dar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\Calendar TinyLogo.pngi1SPS0%G[ICODE]Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wek yb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbw eGmicrosoft.windowscommunicationsapps_17.5.9600.20 911_x64__8wekyb3d8bbweMmicrosoft.windowscommunicat ionsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Maild C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_17.5.9600.20911_x64__8wekyb3d8bbwev1SPSMԆi<D*T IModernMail\Res\MailLogo.pngMModernMail\Res\MailBa dge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\M ailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G[/ICODE]Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wek yb3d8bbwe\Microsoft.WindowsLive.People.lnk → [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbw eGmicrosoft.windowscommunicationsapps_17.5.9600.20 911_x64__8wekyb3d8bbweOmicrosoft.windowscommunicat ionsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Peopl edC:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<DTAModernPeople\People.pngMModernPeople\PeopleSmall .pngIModernPeople\PeopleWide.pngG&MModernPeople\Pe opleLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G[ICODE]]%ms-resource:///strings/peopleAppName1SPS}@H1e*ms-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File) Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbw e\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\Ap p.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft .Reader.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\m icrosoft.onenoteim.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftSolitaireCollection_8 wekyb3d8bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe \MicrosoftMahjong.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\Help AndTips.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App. lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\Appex Travel.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\Appex Sports.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNe ws.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMa ps.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8 bbwe\AppexHealthAndFitness.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe \AppexFoodAndDrink.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\Appe xFinance.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Hungama.HPConnectedMusicRadioVideosMore_ k02ve6vgx57v0\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\Dictionary.com.Dictionary.comDictionaryT hesaurus_shfacqytt2kyw\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\CyberLinkCorp.hs.YouCamforHP_06qsbagp91r vg\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\AMZNMobileLLC.KindleforWindows8_stfe6vwa 9jnbp\com.amazon.kindle.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPScanandCapture_v10z8vjag6ke6\ App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPRegistration_v10z8vjag6ke6\Ap p.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.HPConnectedPhotopoweredbySnapfi sh_v10z8vjag6ke6\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\AD2F1837.GettingStartedwithWindows8_v10z 8vjag6ke6\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\AccuWeather.AccuWeatherforWindows8_8zz2p j9h1h1d8\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\64377App-UpSolutions.Quiz-upMath_fm1gz6m0sqz8y\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\62936MohammedEmam.PhysicsNerds_3tjk9p8c8 h3aw\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\5876MaartenvanDuren.PhysicsFormulas_3h8n gb30ggqkp\App.lnk -> Tile and icon assets Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\57405F7AB8904.MathLogicalTest_b55ywndse5 f8y\App.lnk -> [LFKY1SPSU(Ly9K-i,57405F7AB8904.MathLogicalTest_b55ywndse5f8y=5740 5F7AB8904.MathLogicalTest_1.0.0.0_neutral__b55ywnd se5f8yq057405F7AB8904.MathLogicalTest_b55ywndse5f8 y!AppZC:\Program Files\WindowsApps\57405F7AB8904.MathLogicalTest_1. 0.0.0_neutral__b55ywndse5f8y+1SPSMԆi<D*T1Assets\Lo go.jpg=Assets\SmallLogo.jpg9Assets\WideLogo.jpgFFF 5Math Logical TestQ1SPS0%G[/ICODE]5Math Logical Test-1SPSwlE[([8װ=1SPSOYMGm!Hsn Ch.] (No File)
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\55258Amrhamdylabib.MathPlotter_yzkcnsz9g jfcw\App.lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\384E7E29.SATVocab_w5jxby373jwte\App.lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\34005SonikaManandharMICNe.PhysicsQuiz_z3 kw18dn15fhm\App.lnk → Tile and icon assets
Shortcut: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\Application Shortcuts\2703103D.McAfeeCentral_4ehj4w4frejdr\McA feeCentral.lnk → Tile and icon assets
Shortcut: C:\Users\Public\Desktop\Adobe Reader XI.lnk → C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\Apowersoft Screen Recorder Pro.lnk → C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft)
Shortcut: C:\Users\Public\Desktop\Autograph 3.3.lnk → C:\Program Files (x86)\Autograph 3.3\agraph.exe (Eastmond Publishing Ltd.)
Shortcut: C:\Users\Public\Desktop\Avast Free Antivirus.lnk → C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
Shortcut: C:\Users\Public\Desktop\BlackBerry Blend.lnk → C:\Program Files (x86)\BlackBerry\BlackBerry Blend\Blend.exe (BlackBerry Limited. All rights reserved)
Shortcut: C:\Users\Public\Desktop\BlackBerry Link.lnk → C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe (Research In Motion)
Shortcut: C:\Users\Public\Desktop\BlueJ.lnk → C:\Program Files (x86)\BlueJ\BlueJ.exe ()
Shortcut: C:\Users\Public\Desktop\Connected Music powered by Universal Music Group.lnk → C:\Program Files (x86)\Connected Music powered by Universal Music Group\Connected Music powered by Universal Music Group.exe ()
Shortcut: C:\Users\Public\Desktop\Connected Photo.lnk → C:\SYSTEM.SAV\Util\HPCPDesktopIcon.exe ()
Shortcut: C:\Users\Public\Desktop\D-Link Connection Manager.lnk → C:\Program Files (x86)\D-Link Connection Manager\WirelessModem.exe (D-Link Corportation)
Shortcut: C:\Users\Public\Desktop\Evernote.lnk → C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Kaspersky Total Security.lnk → C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe (AO Kaspersky Lab)
Shortcut: C:\Users\Public\Desktop\Logger Pro 3.6.1.lnk → C:\Program Files (x86)\Vernier Software\Logger Pro 3\LoggerPro.exe (Vernier Software & Technology)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk → C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\SHAREit.lnk → C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd)
Shortcut: C:\Users\Public\Desktop\Skype.lnk → C:\Windows\Installer{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe ()
Shortcut: C:\Users\shrey\Links\Desktop.lnk → C:\Users\shrey\Desktop ()
Shortcut: C:\Users\shrey\Links\Downloads.lnk → C:\Users\shrey\Downloads ()
Shortcut: C:\Users\shrey\Links\RecentPlaces.lnk → L ᐁ À 䘀 耟穭⊇㞡䘚낑�깚馼 ă ꀀv 匱卐뜥䟯ယ怂麌곫-
ἀ ฀ 刀攀挀攀渀琀 瀀氀愀挀攀猀 ⴀ Ѐ System Folder 匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀 ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀
Shortcut: C:\Users\shrey\Desktop\Texmaker.lnk → C:\Program Files (x86)\Texmaker\texmaker.exe ()
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Documents.lnk → C:\Users\shrey\Documents ()
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Internet Explorer.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Pictures.lnk → C:\Users\shrey\Pictures ()
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\System Tools\Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\System Tools\computer.lnk → C:\Windows\explorer.exe,-30
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\System Tools\Control Panel.lnk → C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\System Tools\File Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\System Tools\Help.lnk → C:\Windows\HelpPane.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\System Tools\Run.lnk → C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\System Tools\Windows.Defender.lnk → C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessories\Notepad.lnk → C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessibility\Magnify.lnk → C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessibility\Narrator.lnk → C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessibility\On-Screen Keyboard.lnk → C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S endTo\Bluetooth File Transfer.LNK → C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk → C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink Media Suite.lnk → C:\Program Files (x86)\CyberLink\Media Suite\PS.exe (CyberLink Corp.)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink YouCam 5.lnk → C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video. exe (CyberLink Corp.)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Utility Center.lnk → C:\Program Files\Hewlett-Packard\HP Utility Center\HPUC.exe (Hewlett-Packard Development Company, L.P.)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk → C:\Windows\Installer{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\01 - Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\01a - Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\02 - Command Prompt.lnk → C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\02a - Windows PowerShell.lnk → C:\Windows\System32\WindowsPowerShell\v1.0\powersh ell.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\03 - Computer Management.lnk → C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\04 - Disk Management.lnk → C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\07 - Event Viewer.lnk → C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\09 - Mobility Center.lnk → C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group2\4 - Control Panel.lnk → C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Con nectedSearch\History\set_1076774695_en-us.lnk → [LF5#1SPS՜.+,7AutoListBprop4294967295N8ᭊN{x^aMh 2item1IkLICSettings9$AutolistCacheTime\iG"Autolist CacheKeySettings0tY^Hg3(gs3EJ. F1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{F29F85E0-4FF9-1068-AB91-08002B27B3D9},24*{B725F130-47EF-101A-A5F1-02608C9EEBAC},101SPS_ǵZeMJuEg$<MSettingsPagePCSyst emBluetoothC1SPSU(Ly9K-1SPStk;Co,oyd4AAA_SettingsPagePCSystemBluetooth.se ttingcontent-msU1SPS<I]@;l9d.settingcontent-ms-1SPSoOM’rTL1SPSjc(=OaC:\Users\shrey\AppData\Local\ Packages\windows.immersivecontrolpanel_cw5n1h2txye wy\LocalState\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingconten t-ms9.settingcontent-ms q^aMh 2[U
;UCEJ1SPSOh+'9Bluetooth settingsYadd addsbluetoothdevice devicesdisable disablesenable enablespair pairs print printer printers printingremove removessmartunpairaudiodiscover discoverskeyboard keyboardsMouse micephone phonesradio radiosspeaker speakerswireless-find finds}1SPSLX㈷ZJ ZDɬaC:\Users\shrey\AppData\Local\Packages\windows. immersivecontrolpanel_cw5n1h2txyewy\LocalState\Ind exed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingconten t-ms1SPSjc(=O9.settingcontent-msaC:\Users\shrey\AppData\Local\Packages\windows.i mmersivecontrolpanel_cw5n1h2txyewy\LocalState\Inde xed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingconten t-ms{1SPS0%G[ICODE]9Bluetooth settings @X1SPStk\;Co,oyd4AAA_SettingsPagePCSystemBluetooth .settingcontent-msF1SPSiI~+.{F29F85E0-4FF9-1068-AB91-08002B27B3D9},6*{F29F85E0-4FF9-1068-AB91-08002B27B3D9},24*{B725F130-47EF-101A-A5F1-02608C9EEBAC},10U1SPS<I]@;l9d.settingcontent-msi1SPS_ǵZeMJuEg$<MSettingsPagePCSystemBluetooth1S PS@>+lG7*"aC:\Users\shrey\AppData\Local\Packages\w indows.immersivecontrolpanel_cw5n1h2txyewy\LocalSt ate\Indexed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingconten t-msu1{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}.Merge Any1SPSOh+'Yadd addsbluetoothdevice devicesdisable disablesenable enablespair pairs print printer printers printingremove removessmartunpairaudiodiscover discoverskeyboard keyboardsMouse micephone phonesradio radiosspeaker speakerswireless9Bluetooth settings-find finds)1SPSMԆi<D*T)1SPSZAZHY$d}1SPSLX㈷ZJ ZDɬaC:\Users\shrey\AppData\Local\Packages\windows. immersivecontrolpanel_cw5n1h2txyewy\LocalState\Ind exed\Settings\en-US\AAA_SettingsPagePCSystemBluetooth.settingconten t-ms-1SPS[l#J[/ICODE]’Hd{1SPS0%G[ICODE] @X9Bluetooth settings)1SPS՜.+,)1SPSmDpHH@.=xdaU1SPSOh+'9Bluetoo th settings] (No File) Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Con nectedSearch\History\set_3054665329_en-us.lnk -> C:\Windows\system32\rundll32.exe shell32.dll,Control_RunDLL bthprops.cpl,, (No File) Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Con nectedSearch\History\txt_1129765807_en-US.lnk -> [LFz=1SPSOh+'!chrome11SPSxgHyoLMSYC] Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Con nectedSearch\History\txt_377930388_en-US.lnk -> [LF~A1SPSOh+'%enternet11SPSxgHyoLMSYC] Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\Con nectedSearch\History\txt_4064715396_en-US.lnk -> [LFv91SPSOh+'crome11SPSxgHyoLMSYC] Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\WildTangentGames.-GamesApp-_qt5r5pa5dyg8m\WTGames.lnk -> Tile and icon assets Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Micros oft.ZuneVideo.lnk -> Tile and icon assets Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Micros oft.ZuneMusic.lnk -> Tile and icon assets Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Mi crosoft.XboxLIVEGames.lnk -> Tile and icon assets Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8 bbwe\App.lnk -> Tile and icon assets Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App. lnk -> Tile and icon assets Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bb we\Microsoft.WindowsReadingList.lnk -> Tile and icon assets Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\microsoft.windowscommunicationsapps_8wek yb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> [LFz1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbw eGmicrosoft.windowscommunicationsapps_17.5.9600.20 911_x64__8wekyb3d8bbweQmicrosoft.windowscommunicat ionsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calen dardC:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TQ ModernCalendar\CalendarLogo.pngU!ModernCalendar\Ca lendarBadge.png]%ModernCalendar\CalendarSmallLogo.pngY$ModernCalen dar\CalendarWideLogo.pngQ3]%ModernCalendar\CalendarLargeLogo.pngMms-resource:calendarAppTitleY$ModernCalendar\Calendar TinyLogo.pngi1SPS0%G[/ICODE]Mms-resource:calendarAppTitle-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\microsoft.windowscommunicationsapps_8wek yb3d8bbwe\Microsoft.WindowsLive.Mail.lnk → [LF1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbw eGmicrosoft.windowscommunicationsapps_17.5.9600.20 911_x64__8wekyb3d8bbweMmicrosoft.windowscommunicat ionsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Maild C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_17.5.9600.20911_x64__8wekyb3d8bbwev1SPSMԆi<DTIModernMail\Res\MailLogo.pngMModernMail\Res\MailB adge.pngU!ModernMail\Res\MailSmallLogo.pngQ ModernMail\Res\MailWideLogo.pngrU!ModernMail\Res\M ailLargeLogo.pngEms-resource:mailAppTitleQ ModernMail\Res\MailTinyLogo.pnga1SPS0%G[ICODE]Ems-resource:mailAppTitleq1SPS}@H1U!ms-resource:mailShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File) Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\microsoft.windowscommunicationsapps_8wek yb3d8bbwe\Microsoft.WindowsLive.People.lnk -> [LFr1SPSU(Ly9K-u2microsoft.windowscommunicationsapps_8wekyb3d8bbw eGmicrosoft.windowscommunicationsapps_17.5.9600.20 911_x64__8wekyb3d8bbweOmicrosoft.windowscommunicat ionsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Peopl edC:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_17.5.9600.20911_x64__8wekyb3d8bbwe1SPSMԆi<D*TA ModernPeople\People.pngMModernPeople\PeopleSmall.p ngIModernPeople\PeopleWide.pngG&MModernPeople\Peop leLarge.png]%ms-resource:///strings/peopleAppNameIModernPeople\PeopleTiny.pngy1SPS0%G[/ICODE]]%ms-resource:///strings/peopleAppName1SPS}@H1ems-resource:///strings/raShareDescription-1SPSwlE[([8װY1SPSOYMGm=Microsoft Corporation] (No File)
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbw e\App.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\Ap p.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.SkypeApp_kzf8qxf38zg5c\App.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft .Reader.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\m icrosoft.onenoteim.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.MicrosoftSolitaireCollection_8 wekyb3d8bbwe\App.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe \MicrosoftMahjong.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\Help AndTips.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App. lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\Appex Travel.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\Appex Sports.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNe ws.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMa ps.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8 bbwe\AppexHealthAndFitness.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe \AppexFoodAndDrink.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\Appe xFinance.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\CyberLinkCorp.hs.YouCamforHP_06qsbagp91r vg\App.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\AMZNMobileLLC.KindleforWindows8_stfe6vwa 9jnbp\com.amazon.kindle.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\AD2F1837.HPRegistration_v10z8vjag6ke6\Ap p.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\AD2F1837.HPConnectedPhotopoweredbySnapfi sh_v10z8vjag6ke6\App.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\AD2F1837.GettingStartedwithWindows8_v10z 8vjag6ke6\App.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\AccuWeather.AccuWeatherforWindows8_8zz2p j9h1h1d8\App.lnk → Tile and icon assets
Shortcut: C:\Users\shrey\AppData\Local\Microsoft\Windows\App lication Shortcuts\2703103D.McAfeeCentral_4ehj4w4frejdr\McA feeCentral.lnk → Tile and icon assets

ShortcutWithArgument: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk → C:\Windows\System32\WFS.exe (Microsoft Corporation) → /SendTo
ShortcutWithArgument: C:\Users\183-k\AppData\Roaming\Microsoft\Windows\SendTo\Skype.l nk → C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) → /sendto:
ShortcutWithArgument: C:\Users\183-k\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk → C:\Users\183-k\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) → /OPEN"menu"
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.System
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk → C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) → /0
ShortcutWithArgument: C:\Users\183-k\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\VIDLE for VPython.lnk → C:\Python27\pythonw.exe () → C:\Python27\Lib\site-packages\vidle\idle.py
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk → C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE (Microsoft Corporation) → /OEM
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk → C:\Users\183-k\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) → /OPEN"f22abfeae27a67446927d078890381efc546d3e1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk → C:\Windows\System32\rundll32.exe (Microsoft Corporation) → -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk → C:\Users\183-k\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) → /OPEN"menu"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk → C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) → /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\IDLE (Python GUI).lnk → C:\Windows\Installer{79F081BF-7454-43DB-BD8F-9EE596813232}\python_icon.exe () → “C:\Python27\Lib\idlelib\idle.pyw”
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Module Docs.lnk → C:\Windows\Installer{79F081BF-7454-43DB-BD8F-9EE596813232}\python_icon.exe () → “C:\Python27\Tools\scripts\pydocgui.pyw”
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7\Uninstall Python.lnk → C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) → /x{79F081BF-7454-43DB-BD8F-9EE596813232}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Configure Picasa Photo Viewer.lnk → C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe (Google Inc.) → /reconfig
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk → C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) →
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk → C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) →
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\Equation Conversion Manager.lnk → C:\Program Files (x86)\MathType\Setup.exe (Design Science, Inc.) → -OLEMGR
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\MathType Server.lnk → C:\Program Files (x86)\MathType\MathType.exe (Design Science, Inc.) → -server
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 6\Remove MathType.lnk → C:\Program Files (x86)\MathType\Setup.exe (Design Science, Inc.) → -R
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\Remove Kaspersky Total Security.lnk → C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) → /i{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Kaspersky Secure Connection.lnk → C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (AO Kaspersky Lab) → -navigate ksde://mainwindow
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Remove Kaspersky Secure Connection.lnk → C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) → /i{1CF84962-50F8-48CA-9082-B70F3A02C686} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk → C:\Users\183-k\Desktop\bin\javacpl.exe (Oracle Corporation) → -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk → C:\Users\183-k\Desktop\bin\javacpl.exe (Oracle Corporation) → -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IB Questionbank\Questionbank Maths HL.lnk → C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () → IB_MH
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IB Questionbank\Questionbank Physics.lnk → C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () → IB_PH
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support\HP Recovery Manager\HP Recovery Media Creation.lnk → C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) → \CRM
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueJ\Select BlueJ VM.lnk → C:\Program Files (x86)\BlueJ\BlueJ.exe () → /select
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autograph 3.3\Help.lnk → C:\Program Files (x86)\Autograph 3.3\LocalisedLauncher.exe (Eastmond Publishing Ltd.(UK)) → WebHelp\Autograph_Help.htm
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autograph 3.3\Manual.lnk → C:\Program Files (x86)\Autograph 3.3\LocalisedLauncher.exe (Eastmond Publishing Ltd.(UK)) → Autograph Manual.pdf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk → C:\Windows\System32\compmgmt.msc () → /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk → C:\Windows\System32\eventvwr.msc () → /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk → C:\Windows\System32\perfmon.msc () → /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk → C:\Windows\System32\perfmon.exe (Microsoft Corporation) → /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk → C:\Windows\System32\taskschd.msc () → /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk → C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) → /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk → C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) → -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer{d58e ecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk → C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) → /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer{b0e4 3195-dbe0-4647-8e23-84fc3b08cee9}\PlayTasks\0\web.lnk → C:\Program Files (x86)\WildTangent Games\Web Link - Dragons Of Atlantis\launcher.exe (WildTangent) → /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer{977b 5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk → C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\provider.exe (WildTangent) → /id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer{7e00 8ca2-08ab-4789-af23-36da87658f74}\PlayTasks\0\web.lnk → C:\Program Files (x86)\WildTangent Games\Web Link - DoubleDown Casino\launcher.exe (WildTangent) → /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer{3eda 1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk → C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) → /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer{2635 2374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk → C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) → /id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer{000d 96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk → C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) → /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Apps.lnk → C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) → \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\BTR.lnk → C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) → \BTR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\Driver.lnk → C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) → \SWR
ShortcutWithArgument: C:\ProgramData\Hewlett-Packard\Recovery\Links\RMC.lnk → C:\Program Files (x86)\Hewlett-Packard\HP Recovery Manager\rebecca.exe (Hewlett-Packard Development Company, L.P.) → \CRM
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows \SendTo\Fax Recipient.lnk → C:\Windows\System32\WFS.exe (Microsoft Corporation) → /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\04-1 - Network Connections.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\05 - Device Manager.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\06 - System.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\08 - Power Options.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group3\10 - Programs and Features.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group2\1 - Run.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group2\2 - Search.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group2\3 - Windows Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group2\5 - Task Manager.lnk → C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) → /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\W inX\Group1\1 - Desktop.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\HP-PC\OneDrive\IB Question Banks\Questionbank Chemistry.lnk → C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () → IB_CH
ShortcutWithArgument: C:\Users\HP-PC\OneDrive\IB Question Banks\Questionbank Maths HL.lnk → C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () → IB_MH
ShortcutWithArgument: C:\Users\HP-PC\OneDrive\IB Question Banks\Questionbank Physics.lnk → C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () → IB_PH
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey (2).lnk → C:\Program Files (x86)\SMLNJ\bin.run\run.x86-win32.exe () → “@SMLload=C:\Program Files (x86)\SMLNJ\bin.heap\sml”
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SML of New Jersey.lnk → C:\Program Files (x86)\SMLNJ\bin.run\run.x86-win32.exe () → “@SMLload=C:\Program Files (x86)\SMLNJ\bin.heap\sml”
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk → C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) → /tsr
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk → C:\Users\HP-PC\AppData\Local\RescueTime\RescueTime.exe (RescueTime, Inc.) →
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\Maintenance\MiKTeX Update.lnk → C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\miktex\bin\internal\copystart.exe () → “C:\Users\HP-PC\AppData\Local\Programs\MiKTeX 2.9\miktex/bin/internal\miktex-update.exe”
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Multi messenger.lnk → C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) →
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk → C:\Windows\System32\WFS.exe (Microsoft Corporation) → /SendTo
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk → C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) →
ShortcutWithArgument: C:\Users\HP-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk → C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) → /prefetch:1
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.System
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk → C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) → /0
ShortcutWithArgument: C:\Users\HP-PC\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk → C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (AO Kaspersky Lab) → -navigate ksde://mainwindow
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk → C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) →
ShortcutWithArgument: C:\Users\Public\Desktop\Questionbank Maths HL.lnk → C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () → IB_MH
ShortcutWithArgument: C:\Users\Public\Desktop\Questionbank Physics.lnk → C:\Program Files (x86)\IB Questionbank32\IB Questionbank32.exe () → IB_PH
ShortcutWithArgument: C:\Users\Public\Desktop\Safe Money.lnk → C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe (AO Kaspersky Lab) → -safebanking
ShortcutWithArgument: C:\Users\Public\Desktop\VIDLE for VPython.lnk → C:\Python27\pythonw.exe () → C:\Python27\Lib\site-packages\vidle\idle.py
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\FarmVille 2.lnk → C:\Users\shrey\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) → /OPEN"34e8f5c0c9e5744bf2cdb514283762dd0524776b"
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\PC App Store.lnk → C:\Users\shrey\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) → /OPEN"f22abfeae27a67446927d078890381efc546d3e1"
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Start Menu.lnk → C:\Users\shrey\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) → /OPEN"menu"
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S endTo\Fax Recipient.lnk → C:\Windows\System32\WFS.exe (Microsoft Corporation) → /SendTo
ShortcutWithArgument: C:\Users\shrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk → C:\Users\shrey\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) → /OPEN"menu"
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\04-1 - Network Connections.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\05 - Device Manager.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\06 - System.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.System
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\08 - Power Options.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group3\10 - Programs and Features.lnk → C:\Windows\System32\control.exe (Microsoft Corporation) → /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group2\1 - Run.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group2\2 - Search.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group2\3 - Windows Explorer.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group2\5 - Task Manager.lnk → C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) → /0
ShortcutWithArgument: C:\Users\shrey\AppData\Local\Microsoft\Windows\Win X\Group1\1 - Desktop.lnk → C:\Windows\explorer.exe (Microsoft Corporation) → shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}

InternetURL: C:\Users\183-k\Favorites\HP\WildTangent Games for HP.url → URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cnnb&locale=en _in&bd=all&c=143
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView\WinDjView Website.url → URL: hxxp://windjview.sourceforge.net
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro on the Web.url → URL: hxxp://www.apowersoft.com/screen-recorder.html
InternetURL: C:\Users\Default\Favorites\HP\WildTangent Games for HP.url → URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cnnb&locale=en _in&bd=all&c=143
InternetURL: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\MiKTeX on the Web\Give back.url → URL: hxxp://miktex.org/giveback
InternetURL: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\MiKTeX on the Web\Known Issues.url → URL: hxxp://miktex.org/2.9/issues
InternetURL: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\MiKTeX on the Web\MiKTeX Project Page.url → URL: hxxp://miktex.org/
InternetURL: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9\MiKTeX on the Web\MiKTeX Support.url → URL: hxxp://miktex.org/support
InternetURL: C:\Users\shrey\Favorites\Bing.url → URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\shrey\Favorites\HP\WildTangent Games for HP.url → URL: hxxp://redirect.hp.com/svs/rdr?TYPE=4&tp=iefavs&s=myhpgames&pf=cnnb&locale=en _in&bd=all&c=143

==================== End of Shortcut.txt =============================

mail : Support Form | Contact • Adlice Software
Feedback : https://forum.adlice.com
Website : Free Virus Cleaner | RogueKiller AntiMalware • Adlice Software
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9600) 64 bits version
Started in : Normal mode
User : 183-k [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete – Date : 03/19/2017 14:03:04 (Duration : 00:34:54)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software{E6276374-DE18-4AA5-A365-9016A2F98A2D} → Deleted
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\SweetLabs App Platform → Deleted
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\SweetLabs App Platform → Deleted
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Windows\CurrentVersion\Uni nstall\SweetLabs_AP → Deleted
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Windows\CurrentVersion\Uni nstall\SweetLabs_Start_Menu → Deleted
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Windows\CurrentVersion\Uni nstall\SweetLabs_AP → Deleted
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Windows\CurrentVersion\Uni nstall\SweetLabs_Start_Menu → Deleted
[VT.Unknown] (X64) HKEY_USERS\S-1-5-21-1605944295-1278072363-3366277582-1001\Software\Microsoft\Windows\CurrentVersion\Run | AZ3Tq5k16l3MBynp : “C:\Users\HP-PC\AppData\Roaming\AZ3Tq5k16l3MBynp.hta” [-] → Deleted
[Suspicious.Path|PUP.Gen0|PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\Microsoft\Windows\CurrentVersion\Run | Pokki : C:\Windows\system32\rundll32.exe “%LOCALAPPDATA%\Pokki\Engine\Launcher.dll”,RunLaun chPlatform → Deleted
[Suspicious.Path|PUP.Gen0|PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\Microsoft\Windows\CurrentVersion\Run | Pokki : C:\Windows\system32\rundll32.exe “%LOCALAPPDATA%\Pokki\Engine\Launcher.dll”,RunLaun chPlatform → ERROR [2]

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path|PUP.Gen1] \SweetLabs App Platform – %LOCALAPPDATA%\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe (/LOGON) → Deleted

¤¤¤ Files : 3 ¤¤¤
[PUP.Gen0|PUP.Gen1][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk [LNK@] C:\Users\183-k\AppData\Local\Pokki\Engine\HostAppService.exe /OPEN"f22abfeae27a67446927d078890381efc546d3e1" → Deleted
[PUP.Gen0|PUP.Gen1][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk [LNK@] C:\Users\183-k\AppData\Local\Pokki\Engine\HostAppService.exe /OPEN"menu" → Deleted
[PUP.Gen3][File] C:\Users\183-k\AppData\Roaming\Mozilla\Firefox\Profiles\yt5wm08 v.default\searchplugins\bingp.xml → Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: HGST HTS541010A9E680 +++++
— User —
[MBR] e085f87a50f0139ec871ecbb51105324
[BSP] cead236acea90491462f8973d045724b : Empty MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 650 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1333248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1865728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2127872 | Size: 466630 MB
4 - Basic data partition | Offset (sectors): 957786112 | Size: 465504 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 1911140352 | Size: 20690 MB
User = LL1 … OK
User = LL2 … OK

Version: 8.1.2 (03.10.2017)
Operating System: Windows 8.1 Single Language x64
Ran by 183-k (Administrator) on 19-03-2017 at 14:51:01.77
Scan was completed on 19-03-2017 at 14:53:10.06
End of JRT log

[HEADING=1]Updated on 28/02/2017 by Malwarebytes[/HEADING]
[HEADING=1]Database : 2017-03-18.1 [Server][/HEADING]
[HEADING=1]Operating System : Windows 8.1 Single Language (X64)[/HEADING]
[HEADING=1]Username : 183-k - HP[/HEADING]
[HEADING=1]Running from : C:\Users\HP-PC\Downloads\adwcleaner_6.044.exe[/HEADING]
[HEADING=1]Mode: Clean[/HEADING]
[HEADING=1]Support : Malwarebytes Help Center[/HEADING]
***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\HP-PC\AppData\Local\SweetLabs App Platform
[-] Folder deleted: C:\Users\shrey\AppData\Local\SweetLabs App Platform
[-] Folder deleted: C:\Users\183-k\AppData\Roaming\Enigma Software Group
[-] Folder deleted: C:\Program Files\Enigma Software Group
[-] Folder deleted: C:\Users\183-k\AppData\Roaming\Mozilla\Firefox\rijercultclozerw ardvebeied
[-] Folder deleted: \Users\Public\Pokki

***** [ Files ] *****

[-] File deleted: C:\Users\HP-PC\Downloads\SysInfo.exe
[-] File deleted: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[-] File deleted: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\Classes\pokki
[#] Key deleted on reboot: HKCU\Software\Classes\pokki
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\pokki
[-] Key deleted: HKU.DEFAULT\Software\xvb[ICODE]lj [-] Key deleted: HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\INSTALLPATH\STATUS [#] Key deleted on reboot: HKU\S-1-5-18\Software\xvb[/ICODE]lj
[#] Key deleted on reboot: HKCU\Software\INSTALLPATH\STATUS
[-] Key deleted: HKLM\SOFTWARE\xvb[ICODE]lj [#] Key deleted on reboot: [x64] HKCU\Software\INSTALLPATH\STATUS [-] Key deleted: [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup [-] Key deleted: [x64] HKLM\SOFTWARE\xvb[/ICODE]lj

***** [ Web browsers ] *****

[-] [C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.mysites123.com/?type=hp&ts=1453566380&z=f6910177e709c56307dc30dgb z8wcc0w0q5q2cfb8e&from=amt&uid=hgstxhts541010a9e68 0_ja1006103dru1v3dru1vx
[-] [C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default] [homepage] Deleted: hxxp://www.mysites123.com/?type=hp&ts=1453566380&z=f6910177e709c56307dc30dgb z8wcc0w0q5q2cfb8e&from=amt&uid=hgstxhts541010a9e68 0_ja1006103dru1v3dru1vx

---

:: “Tracing” keys deleted
:: Winsock settings cleared

---

\AdwCleaner\AdwCleaner[C0].txt - [2585 Bytes] - [19/03/2017 15:04:17]
\AdwCleaner\AdwCleaner[S0].txt - [2661 Bytes] - [19/03/2017 14:58:28]

########## EOF - \AdwCleaner\AdwCleaner[C0].txt - [2727 Bytes] ##########

[HEADING=1]Updated on 28/02/2017 by Malwarebytes[/HEADING]
[HEADING=1]Database : 2017-03-18.1 [Server][/HEADING]
[HEADING=1]Operating System : Windows 8.1 Single Language (X64)[/HEADING]
[HEADING=1]Username : 183-k - HP[/HEADING]
[HEADING=1]Running from : C:\Users\HP-PC\Downloads\adwcleaner_6.044.exe[/HEADING]
[HEADING=1]Mode: Scan[/HEADING]
[HEADING=1]Support : Malwarebytes Help Center[/HEADING]
***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Folder Found: C:\Users\HP-PC\AppData\Local\SweetLabs App Platform
Folder Found: C:\Users\shrey\AppData\Local\SweetLabs App Platform
Folder Found: C:\Users\183-k\AppData\Roaming\Enigma Software Group
Folder Found: C:\Program Files\Enigma Software Group
Folder Found: C:\Users\183-k\AppData\Roaming\Mozilla\Firefox\rijercultclozerw ardvebeied
Folder Found: \Users\Public\Pokki

***** [ Files ] *****

File Found: C:\Users\HP-PC\Downloads\SysInfo.exe
File Found: C:\Users\HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
File Found: C:\Users\shrey\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

Key Found: HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\Classes\pokki
Key Found: HKCU\Software\Classes\pokki
Key Found: [x64] HKCU\Software\Classes\pokki
Key Found: HKU.DEFAULT\Software\xvb[ICODE]lj Key Found: HKU\S-1-5-21-1605944295-1278072363-3366277582-1005\Software\INSTALLPATH\STATUS Key Found: HKU\S-1-5-18\Software\xvb[/ICODE]lj
Key Found: HKCU\Software\INSTALLPATH\STATUS
Key Found: HKLM\SOFTWARE\xvb[ICODE]lj Key Found: [x64] HKCU\Software\INSTALLPATH\STATUS Key Found: [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup Key Found: [x64] HKLM\SOFTWARE\xvb[/ICODE]lj

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.mysites123.com/?type=hp&ts=1453566380&z=f6910177e709c56307dc30dgb z8wcc0w0q5q2cfb8e&from=amt&uid=hgstxhts54
Chrome pref Found: [C:\Users\HP-PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.mysites123.com/?type=hp&ts=1453566380&z=f6910177e709c56307dc30dgb z8wcc0w0q5q2cfb8e&from=amt&uid=hgstxhts5

---

\AdwCleaner\AdwCleaner[S0].txt - [2497 Bytes] - [19/03/2017 14:58:28]

########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [2568 Bytes] ##########

~ Run by 183-k (Administrator) (19/03/2017 15:18:58)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : ZHP
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\183-k\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\183-k\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Single Language, 64-bit (Build 9600)

—\ Services (0)
~ No malicious or unnecessary items found.

—\ Browser internet (0)
~ No malicious or unnecessary items found.

—\ Hosts file (1)
~ The hosts file is legitimate (41)

—\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

—\ Explorer ( File, Folder) (0)
~ No malicious or unnecessary items found.

—\ Registry ( Key, Value, Data) (0)
~ No malicious or unnecessary items found.

—\ Result of repair
~ Any repair made
~ Browser not found (Opera Software)

—\ Statistics
~ Items scanned : 81990
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 0

~ End of search in 00h16mn23s
~====================
ZHPCleaner-[R]-19032017-13_54_16.txt
ZHPCleaner–19032017-13_23_17.txt
ZHPCleaner–19032017-15_35_21.txt