Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Program blocked by group policy


  • This topic is locked This topic is locked
14 replies to this topic

#1 kunalthechamp

kunalthechamp

  • Members
  • 194 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:38 PM

Posted 15 May 2014 - 04:28 AM

Hello,

 

I have recently started experiencing this issue on my Windows 7 x64 HP notebook. I first experienced this with winrar. Whenever I try extracting from a rar, it gives me this error: This program is blocked by group policy. For more information, contact your system administrator. I then moved to 7zip and it works fine. I then downloaded utorrent, does not open, gives me the same error, no harm done. Now the issue is when I want to uninstall the program, it gives me a similar error and wont let me uninstall it. The error: You do not have sufficient access to uninstall uTorrent. Please contact your system administrator. I am the only user on this computer and it is not connected to a LAN network. I have tried using Revo Uninstaller with no results. I also installed (and uninstalled) add gpedit. From: http://drudger.deviantart.com/art/Add-GPEDIT-msc-215792914.

I cant even find the program files for utorrent for me to delete. Please help!

 

I deleted the settings from %appdata%\utorrent

The second time I tried opening uTorrent my computer froze on me, no ctrl alt del results, no mouse, nothing had to force shut down frmo the power button.


Edited by hamluis, 16 May 2014 - 02:58 PM.
Moved from Win 7 to Am I Infected - Hamluis.

If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

 

Follow BleepingComputer on: Facebook | Twitter | Google+


BC AdBot (Login to Remove)

 


#2 RebootRequired

RebootRequired

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:08 AM

Posted 15 May 2014 - 10:49 AM

Would like a little more information on your situation. Is this your personal computer?

Silly question but must ask: Are you on an account with administrative rights?

 

Group policy can be caused by a few things but first get back at us with a little more information and we will get the ball rolling. 

 

 

If you are an admin first try looking into the gpedit.msc in admin mode:

 

-Go to run-->type CMD-->type gpedit.msc in the black window that appears.

-Click into "window settings" then "Software restrictions and policies"

-Under your profile change it to basic as default.

 

Get back to us. 

 

 



#3 kunalthechamp

kunalthechamp
  • Topic Starter

  • Members
  • 194 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:38 PM

Posted 15 May 2014 - 11:29 AM

Thanks for your reply. It is a personal computer. I am on my account, not sure if its an admin account. I did what you said, it says 'No software restriction policies defined' followed by a long message 'Software restriction policies are not defined in this group policy object. If you define........' etc.


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#4 RebootRequired

RebootRequired

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:08 AM

Posted 15 May 2014 - 12:25 PM

Go to control panel and navigate to the user account section and check what kind of account you are on.  



#5 kunalthechamp

kunalthechamp
  • Topic Starter

  • Members
  • 194 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:38 PM

Posted 16 May 2014 - 04:03 AM

My name

Administrator

Password Protected


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#6 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:12:08 PM

Posted 21 May 2014 - 05:42 PM

Hello kunalthechamp, and welcome to the forums! :thumbsup:
 
Sorry for the delay in response to your topic. As you know the forum can get busy at times, but now that I'm helping you, I will stay with you until the end! :thumbup2:
 
Just to let you know, I have moved this topic to the Malware Removal Logs forum where it will stay. We will need a FRST log posted (instructions are bellow), and a log from that tool cannot be posted in the Am I Infected forum, so here we are. :)
 
==========
 
Let's first get some logs to check for any malware activity:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. You will need the 64-bit version.

  • Right-click FRST then click "Run as administrator".
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

 

bloopie


Edited by bloopie, 21 May 2014 - 05:44 PM.
typo


#7 kunalthechamp

kunalthechamp
  • Topic Starter

  • Members
  • 194 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:38 PM

Posted 22 May 2014 - 02:29 AM

Thanks a lot Bloopie, no worries for the delay :)

FRST Log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2014
Ran by Kunal at 2014-05-22 12:53:21
Running from C:\Users\Kunal\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,2,261,0 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Design Premium (HKLM-x32\...\{A1BC7068-C1BA-410F-8B9A-DB807C803DE2}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Avira (HKLM-x32\...\{3361e961-9e49-487c-b1ac-9255348ccbaf}) (Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.12.20002 - Avira Operations GmbH & Co. KG) Hidden
Avira APC 0.1.0.1 (HKLM-x32\...\{18948029-33D5-4B93-8275-FE1FC7A43D51}_is1) (Version: 0.1.0.1 - Avira Operations GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Software Updater (HKLM-x32\...\{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}) (Version: 6.0.1.37 - Research In Motion Ltd)
BlackBerry Smartphone Simulators 5.0.0.654 (8530-Sprint) (HKLM-x32\...\{8B02CDDA-8E56-4305-A921-F4919DA77002}) (Version: 5.0.0.654 - Research In Motion)
Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (64 bit) (HKLM\...\{597519E3-DCA6-433E-9BC2-708BC99BD5CD}) (Version: 3.3.39.0 - Box, Inc)
Build-a-lot 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.82 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
CloudReading (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.1.47.1220 - Foxit Corporation)
ColorPic (HKLM-x32\...\ColorPic) (Version: 4.1 - Iconico)
CryptoPrevent v3.0.0 (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.2216 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3419 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 4.1.3419 - CyberLink Corp.) Hidden
CyberLink Power2Go 9 (HKLM-x32\...\InstallShield_{57D68FAE-CB5E-4fd6-AE3B-A0B43375AF18}) (Version: 9.0.1601.0 - CyberLink Corp.)
CyberLink Power2Go 9 (x32 Version: 9.0.1601.0 - CyberLink Corp.) Hidden
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1110 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.1.1110 - CyberLink Corp.) Hidden
CyberLink WaveEditor 2 (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.0.4203 - CyberLink Corp.)
CyberLink WaveEditor 2 (x32 Version: 2.0.0.4203 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3130 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.3130 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DisplayLink Core Software (HKLM\...\{5F536896-86A1-4CDA-AAE8-F58B492900B9}) (Version: 7.5.54018.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{33023FE8-9028-416A-8A5C-C115B59DD538}) (Version: 7.5.54051.0 - DisplayLink Corp.)
Ditto (HKLM-x32\...\Ditto_is1) (Version:  - Scott Brogden)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dora's Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
EASEUS Todo Backup Home 2.5 (HKLM-x32\...\EASEUS Todo Backup Home 2.5_is1) (Version: 2.5.0.1 - CHENGDU YIWO Tech Development Co., Ltd)
Elcomsoft Blackberry Backup Explorer (HKLM-x32\...\{B67150DA-D9C7-4701-A97E-32023AEB3CDD}) (Version: 9.6.1.892 - Elcomsoft Co. Ltd.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
Fitbit Connect (HKLM-x32\...\{6A7C2B2E-36A3-4EF5-96C6-708CD090A3AD}) (Version: 1.0.1.5127 - Fitbit Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
GMATPrep (HKLM-x32\...\GMATPrep 2.2.317) (Version: 2.2.317 - Graduate Management Admission Council (GMAC))
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version:  - )
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{217CEB43-6D22-3E1F-A311-DC0D7BFEE0A2}) (Version: 5.4.1.18709 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version:  - Richard)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP User Guides 0179 (HKLM-x32\...\{5C3E37A9-B7A7-4CDD-8A87-EB6701AFD571}) (Version: 1.02.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iExplorer 3.2.5.6 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Macrium Reflect - Free Edition (HKLM\...\{FD66A549-5110-48C8-ACE6-3F52AB3BF100}) (Version: 4.2.3141 - Macrium)
MagicBerry for Blackberry version 3.5 (HKLM-x32\...\{404CBB42-3EF1-4ECF-BFBD-A557807CBF3B}_is1) (Version: 3.5 - Mena Step Innovative Solutions (Ashraf Awwad))
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Live Search Toolbar (x32 Version: 3.0.566.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Management Objects Collection  (HKLM\...\{5677B005-B609-4B5B-9F3C-132BB085D3CF}) (Version: 9.00.1399.06 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
MoboRobo 2.1.6.107 (HKLM-x32\...\{02B934E4-C574-4605-842B-01CD16295185}_is1) (Version: 2.1.6.107 - MoboRobo Inc.)
MotoHelper 2.1.32 Driver 5.4.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - The New York Fortune (x32 Version: 2.2.0.82 - WildTangent) Hidden
Nitro Reader 3 (HKLM\...\{4436B9BD-CA66-4D69-9091-2D2EB62F09AD}) (Version: 3.5.2.10 - Nitro)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.0.47 - Symantec Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
paint.net 4.0 Pre-Release (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Pharos (HKLM-x32\...\Pharos) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plex Media Server (HKLM-x32\...\{e9921c42-812d-4b39-9c02-612724349e82}) (Version: 0.9.907 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.907 - Plex, Inc.) Hidden
Poker Superstars III (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3415 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3420 - CyberLink Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Seagate Dashboard (HKLM-x32\...\{67445E65-3D93-428F-83A5-446F7D02689A}) (Version: 3.0.34.1 - Seagate)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sharepod 4.0.1.1 (HKLM-x32\...\{085BCFB8-F6FB-4600-AFAB-1F6DBC7F5F99}_is1) (Version:  - Macroplant LLC)
ShufflePlusVLOI (x32 Version: 1.00.0000 - Your Company Name) Hidden
SkillSoft Course Manager (HKLM-x32\...\SkillSoft Course Manager) (Version:  - )
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
StarToken (HKLM-x32\...\{5E4D6466-1917-4F6A-91FC-0A3EE4F31135}) (Version: 1.1.933 - Bank of India)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1008 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TextTwist 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vertcoin (HKCU\...\Vertcoin) (Version: 0.8.6.2 - Vertcoin project)
Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
Wheel of Fortune 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.31 - WildTangent)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.9.2014.0 - BillP Studios)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Restore Points  =========================

15-05-2014 08:01:34 Revo Uninstaller's restore point - µTorrent
15-05-2014 08:02:48 Revo Uninstaller's restore point - µTorrent
15-05-2014 08:44:25 Revo Uninstaller's restore point - µTorrent
15-05-2014 11:35:22 Installed Extended Asian Language font pack for Adobe Reader XI.
19-05-2014 08:52:48 Windows Update
21-05-2014 16:12:25 Before CCleaner

==================== Hosts content: ==========================

2009-07-14 08:04 - 2012-12-08 10:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1FF61D07-D964-4F25-8CBA-2AF5FE817ABF} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-07] ()
Task: {2007B7C7-9601-4CCD-8BEB-F9A834B80132} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-07] ()
Task: {279FB704-9CB1-4D5E-8A5F-7B0FC01E30E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {28A72C6E-6876-458C-91C3-E74F81272774} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-07] ()
Task: {2D559775-C408-4821-9DE8-36226D985528} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-674566640-1698649700-413755185-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {2DEA53D2-8E8C-48AB-BD12-11FC4F0A9B25} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {3023EFAA-3AC9-4A90-A953-DED130C1E1D1} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-674566640-1698649700-413755185-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-06] (RealNetworks, Inc.)
Task: {46F17CDE-43CC-442C-93F8-7191DB244D20} - System32\Tasks\HPCeeScheduleForKunal => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07] (Hewlett-Packard)
Task: {55762F0C-CE49-428C-BF18-2D1648671719} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-02-11] (Seagate Technology LLC)
Task: {575AE79A-C3AC-4A53-B40C-13CDADA32E51} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {664D681B-55C2-41EF-8777-46B4F40E8033} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMJJMJPMNJMMLJOMKJCNPMMMLMKJCNLMJMIMPMCNHMJMPMKMCNLMLJMJJMGMKMMJJMLMOMJJPMJNJICMIMCNLMCNNMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMPMJNHICMNJKIBJPMOMJNBJCMELKIBJOJDJJNKJCMJNNICMJNDJCMKJBJ"
Task: {715C6C09-E06E-4CC3-87A5-6CC93B093121} - System32\Tasks\{996D409D-60ED-4BBA-9F15-1D4EEF7E5D02} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-15] (Skype Technologies S.A.)
Task: {7F6423AD-0AB8-493A-850D-3BCA859A302D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8AA71253-11F4-4B7A-A9F0-A902ABBDB52D} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe
Task: {91D1307B-4948-42FD-B046-B9A35062C40D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-10] (Google Inc.)
Task: {94135802-1ABC-4036-8E1C-75404E6DDDA6} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-08-02] (CyberLink)
Task: {AE09263D-0769-498E-9AB6-184D91726DB4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-674566640-1698649700-413755185-1001UA => C:\Users\Kunal\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-10] (Google Inc.)
Task: {B42BDF31-C71D-48A2-9607-E2C961BF1521} - System32\Tasks\AdobeAAMUpdater-1.0-Kunal-HP-Kunal => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {C373B910-6D3C-4BDC-8A01-CF8278F64ED5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {CD684EE6-FA93-4B85-A893-B6B9EFD8E086} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-10] (Google Inc.)
Task: {CF7AA679-4BF0-49C8-8C54-57AC5A2DEF75} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-674566640-1698649700-413755185-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-06] (RealNetworks, Inc.)
Task: {E1F7B7FE-B00D-4AE3-913B-6D83B06979AC} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe
Task: {EB1D6DD7-93D2-4DCB-A261-23F2245E1DB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-674566640-1698649700-413755185-1001Core => C:\Users\Kunal\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-10] (Google Inc.)
Task: {F85FC836-F902-4165-AB92-C673E15BAB44} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-07] ()
Task: {FD429A49-2217-48F7-B294-1DB197010606} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-674566640-1698649700-413755185-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-674566640-1698649700-413755185-1001Core.job => C:\Users\Kunal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-674566640-1698649700-413755185-1001UA.job => C:\Users\Kunal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKunal.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2010-01-19 03:34 - 2010-01-19 03:34 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2013-02-05 14:45 - 2014-03-28 18:14 - 00070952 _____ () C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
2011-12-07 02:30 - 2011-12-07 02:30 - 00214896 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
2014-04-07 03:06 - 2014-04-07 03:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2011-07-01 17:55 - 2011-07-01 17:36 - 00301720 _____ () C:\Program Files\Macrium\Reflect\ReflectService.exe
2010-05-17 00:05 - 2009-07-07 00:50 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-10-21 00:53 - 2010-10-21 00:53 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-12-07 02:30 - 2011-12-07 02:30 - 00784240 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
2011-09-01 04:43 - 2011-09-01 04:43 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-10-07 15:09 - 2011-10-07 15:09 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2009-07-02 04:14 - 2009-07-02 04:14 - 00632888 ____R () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2014-01-20 23:47 - 2014-01-20 23:47 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 23:46 - 2014-01-20 23:46 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-17 08:00 - 2011-04-23 03:55 - 00050056 _____ () C:\Program Files (x86)\EASEUS\Todo Backup\bin\CodeLog.dll
2011-05-17 08:00 - 2008-11-26 02:48 - 01291264 _____ () C:\Program Files (x86)\EASEUS\Todo Backup\bin\libxml2.dll
2011-05-17 08:00 - 2004-10-05 12:38 - 00055808 _____ () C:\Program Files (x86)\EASEUS\Todo Backup\bin\zlib1.dll
2013-02-05 14:45 - 2014-03-28 18:15 - 00940400 _____ () C:\Program Files (x86)\Moborobo\DriverInstall.dll
2014-05-12 21:43 - 2014-05-12 21:43 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2013-09-14 12:21 - 2013-09-14 12:21 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 12:20 - 2013-09-14 12:20 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-01-17 09:58 - 2014-04-23 00:09 - 00645592 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2014-05-22 12:30 - 2014-05-22 12:30 - 00041984 _____ () c:\users\kunal\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpybqq0x.dll
2013-10-19 05:25 - 2013-10-19 05:25 - 25100288 _____ () C:\Users\Kunal\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-13 00:05 - 2014-05-05 10:37 - 00049744 _____ () C:\Users\Kunal\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-05-22 12:29 - 2014-05-22 12:29 - 00098816 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32api.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00110080 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\pywintypes27.dll
2014-05-22 12:29 - 2014-05-22 12:29 - 00364544 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\pythoncom27.dll
2014-05-22 12:29 - 2014-05-22 12:29 - 00045568 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\_socket.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 01159680 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\_ssl.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00320512 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32com.shell.shell.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00713216 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\_hashlib.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 01175040 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\wx._core_.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00805888 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\wx._gdi_.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00811008 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\wx._windows_.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 01062400 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\wx._controls_.pyd
2014-05-22 12:28 - 2014-05-22 12:28 - 00735232 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\wx._misc_.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00128512 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\_elementtree.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00127488 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\pyexpat.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00557056 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\pysqlite2._sqlite.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00087552 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\_ctypes.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00119808 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32file.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00108544 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32security.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00018432 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32event.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00038912 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32inet.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00070656 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\wx._html2.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00167936 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32gui.pyd
2014-05-22 12:28 - 2014-05-22 12:28 - 00011264 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32crypt.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00027136 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\_multiprocessing.pyd
2014-05-22 12:28 - 2014-05-22 12:28 - 00122368 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\wx._wizard.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00010240 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\select.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00024064 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32pipe.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00686080 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\unicodedata.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00025600 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32pdh.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00525640 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\windows._lib_cacheinvalidation.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00035840 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32process.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00017408 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32profile.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00022528 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\win32ts.pyd
2014-05-22 12:29 - 2014-05-22 12:29 - 00078336 _____ () C:\Users\Kunal\AppData\Local\Temp\_MEI52802\wx._animate.pyd
2013-09-05 10:44 - 2013-09-05 10:44 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-15 02:16 - 2013-02-15 02:16 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-05-11 16:21 - 2014-05-11 16:28 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 10:44 - 2013-09-05 10:44 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-21 01:15 - 2010-10-21 01:15 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-02-18 19:34 - 2011-02-18 19:34 - 00196448 _____ () C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AntiVirSchedulerService => 2
MSCONFIG\Services: AntiVirService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: CLMLServer_For_P2G9 => "C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: Remote Mouse => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\realplayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: VSee => "C:\Users\Kunal\AppData\Roaming\VSeeInstall\vsee.exe" -quiet_start

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2014 00:49:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/22/2014 00:34:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MobileMeServices.exe, version: 1.6.65.0, time stamp: 0x4cafa71a
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xc06d007e
Fault offset: 0x0000c42d
Faulting process id: 0x1298
Faulting application start time: 0xMobileMeServices.exe0
Faulting application path: MobileMeServices.exe1
Faulting module path: MobileMeServices.exe2
Report Id: MobileMeServices.exe3

Error: (05/22/2014 00:34:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MobileMeServices.exe, version: 1.6.65.0, time stamp: 0x4cafa71a
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xc06d007e
Fault offset: 0x0000c42d
Faulting process id: 0xc94
Faulting application start time: 0xMobileMeServices.exe0
Faulting application path: MobileMeServices.exe1
Faulting module path: MobileMeServices.exe2
Report Id: MobileMeServices.exe3

Error: (05/20/2014 07:23:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53805

Error: (05/20/2014 07:23:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53805

Error: (05/20/2014 07:23:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/20/2014 07:22:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2418

Error: (05/20/2014 07:22:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2418

Error: (05/20/2014 07:22:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/20/2014 07:22:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1280


System errors:
=============
Error: (05/22/2014 00:34:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {D3F6D4DB-A482-4648-8DBB-3565EBCB7A6B}

Error: (05/22/2014 00:29:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

Error: (05/22/2014 00:05:10 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (05/20/2014 09:08:53 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.101 with the system
having network hardware address 18-26-66-5C-ED-A5. Network operations on this system may
be disrupted as a result.

Error: (05/19/2014 02:57:40 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 0.0.0.0 with the system
having network hardware address 00-00-00-00-00-00. Network operations on this system may
be disrupted as a result.

Error: (05/17/2014 04:45:09 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 192.168.1.105 with the system
having network hardware address 18-26-66-5C-ED-A5. Network operations on this system may
be disrupted as a result.

Error: (05/15/2014 02:46:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {D3F6D4DB-A482-4648-8DBB-3565EBCB7A6B}

Error: (05/15/2014 02:40:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Software Framework Service service failed to start due to the following error:
%%1053

Error: (05/15/2014 02:40:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect.

Error: (05/15/2014 02:40:15 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053hpqwmiex{F5539356-2F02-40D4-999E-FA61F45FE12E}


Microsoft Office Sessions:
=========================
Error: (05/22/2014 00:49:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kunal\Downloads\esetsmartinstaller_enu.exe

Error: (05/22/2014 00:34:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MobileMeServices.exe1.6.65.04cafa71aKERNELBASE.dll6.1.7601.1840953159a86c06d007e0000c42d129801cf758c1b1061ffC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeServices.exeC:\Windows\syswow64\KERNELBASE.dll58c67260-e17f-11e3-b8b0-60eb692a335c

Error: (05/22/2014 00:34:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MobileMeServices.exe1.6.65.04cafa71aKERNELBASE.dll6.1.7601.1840953159a86c06d007e0000c42dc9401cf758bff8c6502C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeServices.exeC:\Windows\syswow64\KERNELBASE.dll401fc449-e17f-11e3-b8b0-60eb692a335c

Error: (05/20/2014 07:23:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53805

Error: (05/20/2014 07:23:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53805

Error: (05/20/2014 07:23:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/20/2014 07:22:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2418

Error: (05/20/2014 07:22:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2418

Error: (05/20/2014 07:22:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/20/2014 07:22:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1280


CodeIntegrity Errors:
===================================
  Date: 2014-04-25 20:40:11.264
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-25 20:40:11.016
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-24 16:31:20.584
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-24 16:31:20.206
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-22 15:29:24.740
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-22 15:29:24.492
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-12 18:37:44.798
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-12 18:37:44.414
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-03 19:35:54.685
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-03 19:35:53.346
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Moborobo\MoboroboAssDriver64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 7989.86 MB
Available physical RAM: 4759.46 MB
Total Pagefile: 15977.9 MB
Available Pagefile: 12294.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.53 GB) (Free:53.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.27 GB) (Free:2.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: FD5D114B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=284 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

 

 

 

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-05-2014
Ran by Kunal (administrator) on KUNAL-HP on 22-05-2014 12:49:57
Running from C:\Users\Kunal\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Moborobo\MoboRoboDeviceService.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\realplayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
() C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Box, Inc.) C:\Program Files\Box Sync\BoxSyncHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Dropbox, Inc.) C:\Users\Kunal\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(SupportSoft, Inc.) C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2011-01-25] (Realtek Semiconductor)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-19] (Hewlett-Packard Company)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [BoxSyncHelper] => C:\Program Files\Box Sync\BoxSyncHelper.exe [393216 2012-10-20] (Box, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-06] (Microsoft Corporation)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-13] (Apple Inc.)
HKLM-x32\...\Run: [VERIZONDM] => C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe [206120 2011-12-01] (SupportSoft, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-18] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-11] (Fitbit, Inc.)
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\rar*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\7z*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\wz*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\Temp\*.zip\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\vseeinstall\vseeuninstall.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\livefilebackup\7za.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\vseeinstall\vsee.exe <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\vseeinstall\vseerestarter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\vsee\vseeupdateex.exe <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\vseeinstall\vsee.exe <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\vseeinstall\vseesip.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\vsee\vseeupdateex.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\vseeinstall\vseerestarter.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\vseeinstall\vseeupload.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\vseeinstall\vseeuninstall.exe <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\livefilebackup\7za.exe <====== ATTENTION
HKLM Group Policy restriction on software: %localappdata%\vseeinstall\vseeupload.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\vseeinstall\vseesip.exe <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-674566640-1698649700-413755185-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-674566640-1698649700-413755185-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-15] (SUPERAntiSpyware)
HKU\S-1-5-21-674566640-1698649700-413755185-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22415552 2014-04-25] (Google)
HKU\S-1-5-21-674566640-1698649700-413755185-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-18] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-674566640-1698649700-413755185-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-21] (Apple Inc.)
HKU\S-1-5-21-674566640-1698649700-413755185-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-21] (Apple Inc.)
HKU\S-1-5-21-674566640-1698649700-413755185-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [533568 2014-04-23] (BillP Studios)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
Startup: C:\Users\Kunal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kunal\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

ProxyServer: 173.194.65.101:80
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/hpnot/1
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=US&ver=2014&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSS&chn=retail&geo=US&ver=2014&locale=en_US&gct=kwd&qsrc=2869
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.47\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab
DPF: HKLM-x32 {96816368-C1E3-414D-A193-63C3CC921990} http://johnhopkinsuniversity-baltimore.remotemanager.co.uk/common/activex/MJPEGRender.ocx
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://sslconnect.johnshopkins.edu/dana-cached/sc/JuniperSetupClient.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 202.88.131.90 202.88.131.89

FireFox:
========
FF ProfilePath: C:\Users\Kunal\AppData\Roaming\Mozilla\Firefox\Profiles\jjgyf69c.default
FF Homepage: hxxp://www.google.com/ig
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll No File
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Kunal\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Kunal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Kunal\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kunal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kunal\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: samsung.com/AllSharePlayPCPlugin - C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Users\Kunal\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kunal\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Kunal\AppData\Roaming\Mozilla\Firefox\Profiles\jjgyf69c.default\searchplugins\safesearch.xml
FF Extension: Garmin Communicator - C:\Users\Kunal\AppData\Roaming\Mozilla\Firefox\Profiles\jjgyf69c.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-25]
FF Extension: Heartbleed Notifier - C:\Users\Kunal\AppData\Roaming\Mozilla\Firefox\Profiles\jjgyf69c.default\Extensions\heartbleed@dactyl.googlecode.com.xpi [2014-05-11]
FF Extension: Save Session - C:\Users\Kunal\AppData\Roaming\Mozilla\Firefox\Profiles\jjgyf69c.default\Extensions\savesession@noasobi.net.xpi [2012-08-17]
FF Extension: Session Manager - C:\Users\Kunal\AppData\Roaming\Mozilla\Firefox\Profiles\jjgyf69c.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2012-08-17]
FF Extension: Adblock Plus - C:\Users\Kunal\AppData\Roaming\Mozilla\Firefox\Profiles\jjgyf69c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-08]
FF Extension: Greasemonkey - C:\Users\Kunal\AppData\Roaming\Mozilla\Firefox\Profiles\jjgyf69c.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-06-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-05-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-11]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.0.43\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKCU\...\Firefox\Extensions: [{62AA1784-0DDB-11E2-8271-B8AC6F996F26}] - C:\Users\Kunal\AppData\Local\{62AA1784-0DDB-11E2-8271-B8AC6F996F26}\
FF Extension: Mozilla Safe Browsing - C:\Users\Kunal\AppData\Local\{62AA1784-0DDB-11E2-8271-B8AC6F996F26}\ []

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Users\Kunal\AppData\Local\Google\Chrome\Application\34.0.1847.137\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealNetworks™ RealPlayer Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Kunal\AppData\Local\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Kunal\AppData\Local\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader\npnitromozilla.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Docs Offline Background Page) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-08-02]
CHR Extension: (YouTube) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-22]
CHR Extension: (Google Cast) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2013-11-05]
CHR Extension: (HelloFax: 50 Free Fax Pages) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2012-08-02]
CHR Extension: (Google Search) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-22]
CHR Extension: (backgroundPage) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2012-08-02]
CHR Extension: (Google Calendar) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2012-08-02]
CHR Extension: (Springpad) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla [2013-05-16]
CHR Extension: (Google Keep) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-05-16]
CHR Extension: (RealPlayer Downloader) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-13]
CHR Extension: (WeatherBug (Legacy App)) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak [2012-08-02]
CHR Extension: (Scratchpad) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjebfhglflhjjjiceimfkgicifkhjlnm [2012-08-02]
CHR Extension: (Skype Click to Call) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-09-17]
CHR Extension: (Google Maps) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2012-08-02]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2012-08-02]
CHR Extension: (Google Mail Checker) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2012-08-02]
CHR Extension: (AT_Delbuck) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\neghaibmbjedngldjldidfoobmkkfkle [2010-09-20]
CHR Extension: (Norton Identity Safe) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgpiocdhdmnglomggfjkkonjjfahnom [2014-04-19]
CHR Extension: (Google Wallet) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Norton Identity Safe for Google Chromeâ„¢) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-04-19]
CHR Extension: (Gmail) - C:\Users\Kunal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-22]
CHR HKLM-x32\...\Chrome\Extension: [cdjbnddbclciabnckgeahmneohjlahdm] - C:\Users\Kunal\AppData\Local\chromeupdate.crx [2011-12-22]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\Exts\Chrome.crx [2014-05-21]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-12] (SUPERAntiSpyware.com)
S4 #UpdateService; C:\Program Files\Box Sync\UpdateService.exe [8704 2012-10-20] (Box, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
S4 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [124496 2014-05-05] (Avira Operations GmbH & Co. KG)
S4 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-19] (Research In Motion Limited)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9960240 2014-02-24] (DisplayLink Corp.)
R2 EASEUS Agent; C:\Program Files (x86)\EASEUS\Todo Backup\bin\Agent.exe [56200 2011-04-23] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-11] (Fitbit, Inc.)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-19] ()
R2 MoboroboDeviceService; C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [70952 2014-03-28] ()
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-07] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\NST.exe [130104 2014-05-14] (Symantec Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S4 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-27] (Nitro PDF Software)
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [345600 2010-01-15] (Pharos Systems International)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-12] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] ()
R2 ReflectService; C:\Program Files\Macrium\Reflect\ReflectService.exe [301720 2011-07-01] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-18] (Sandboxie Holdings, LLC)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-02-11] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157264 2014-02-11] (Seagate Technology LLC)
R2 sprtsvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe [206120 2011-12-01] (SupportSoft, Inc.)
R2 tgsrvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe [185640 2011-12-01] (SupportSoft, Inc.)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07000.02F\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R3 CLVirtualBus01; C:\Windows\System32\DRIVERS\CLVirtualBus01.sys [96008 2014-03-12] (CyberLink)
S3 DLCopyFilter; C:\Windows\System32\Drivers\wsr_tbf.sys [51712 2010-02-22] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [42888 2011-04-23] ()
R3 EUDISK; C:\Windows\system32\drivers\eudisk.sys [193928 2011-04-23] (CHENGDU YIWO Tech Development Co., Ltd)
R0 EUFS; C:\Windows\System32\drivers\eufs.sys [26504 2011-04-23] (CHENGDU YIWO Tech Development Co., Ltd)
S3 hwa; C:\Windows\System32\DRIVERS\WSR_HWA.SYS [911360 2010-03-17] ()
S3 HWARadio; C:\Windows\System32\DRIVERS\WSR_RCI.SYS [159232 2010-03-17] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 PSMounter; C:\Windows\system32\drivers\psmounter.sys [40600 2011-07-01] (Macrium Software)
S3 PSVolAcc; C:\Windows\System32\Drivers\PSVolAcc.sys [13464 2011-07-01] (Paramount Software UK Ltd)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-04] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-11] (Research in Motion Ltd)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-18] (Sandboxie Holdings, LLC)
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_5.2.23219.0.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-22 12:49 - 2014-05-22 12:50 - 00053339 _____ () C:\Users\Kunal\Downloads\FRST.txt
2014-05-22 12:48 - 2014-05-22 12:48 - 02067456 _____ (Farbar) C:\Users\Kunal\Downloads\FRST64.exe
2014-05-21 14:59 - 2014-05-21 14:59 - 00509440 _____ (Tech Support Guy System) C:\Users\Kunal\Downloads\SysInfo.exe
2014-05-18 19:24 - 2014-05-20 22:10 - 00000000 ____D () C:\Users\Kunal\Desktop\gmat
2014-05-18 01:10 - 2014-05-18 01:10 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\GMATPrep
2014-05-18 01:09 - 2014-05-18 01:10 - 00000000 ____D () C:\Program Files (x86)\GMATPrep2012
2014-05-18 01:09 - 2014-05-18 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMATPrep
2014-05-18 01:09 - 2013-10-21 22:25 - 00071280 _____ (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
2014-05-18 00:54 - 2014-05-18 01:08 - 54662896 _____ (Graduate Management Admission Council (GMAC)) C:\Users\Kunal\Downloads\GMATPrep-2.2.317-Windows.exe
2014-05-17 19:31 - 2014-05-21 15:33 - 00008881 _____ () C:\Users\Kunal\Desktop\India 14.xlsx
2014-05-15 21:47 - 2014-05-15 21:47 - 00707354 _____ () C:\Windows\unins000.exe
2014-05-15 21:47 - 2014-05-15 21:47 - 00001531 _____ () C:\Windows\unins000.dat
2014-05-15 17:45 - 2014-05-15 17:45 - 00001625 _____ () C:\Users\Kunal\Downloads\Manhattan_Full_Length_Tests.7571691.TPB.torrent
2014-05-15 17:43 - 2014-05-15 17:43 - 00005904 _____ () C:\Users\Kunal\Downloads\[TorrentDownloads.me]_Kaplan GMAT Math Workbook 2012 PDF rar.torrent
2014-05-15 16:46 - 2014-05-15 17:01 - 54711296 _____ () C:\Users\Kunal\Downloads\FontPack11000_XtdAlf_Lang.msi
2014-05-15 15:07 - 2014-05-15 15:07 - 00012555 _____ () C:\Users\Kunal\Downloads\[kickass.to]complete.manhattan.gmat.5th.edition.official.guide.13th.edition.torrent
2014-05-15 14:39 - 2014-05-15 14:39 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-674566640-1698649700-413755185-1001
2014-05-15 14:39 - 2014-05-15 14:39 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-674566640-1698649700-413755185-1001
2014-05-15 14:02 - 2014-05-15 14:02 - 00347816 _____ (Microsoft Corporation) C:\Users\Kunal\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.160323573549212477.1.1.Run.exe
2014-05-15 13:48 - 2001-08-23 13:00 - 00034871 _____ () C:\Windows\system32\gpedit.msc
2014-05-15 13:46 - 2014-05-15 21:47 - 00000000 ____D () C:\Windows\SysWOW64\GPBAK
2014-05-15 13:46 - 2014-05-15 13:46 - 00000000 ____D () C:\Users\Kunal\Downloads\add_gpedit_msc_by_jwils876-d3kh6vm
2014-05-15 13:46 - 2008-04-14 02:11 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2014-05-15 13:46 - 2001-08-23 13:00 - 00034871 _____ () C:\Windows\SysWOW64\gpedit.msc
2014-05-15 13:45 - 2014-05-15 13:46 - 00875012 _____ () C:\Users\Kunal\Downloads\add_gpedit_msc_by_jwils876-d3kh6vm.zip
2014-05-15 13:35 - 2014-05-15 13:35 - 00001794 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2014-05-15 13:35 - 2014-05-15 13:35 - 00000000 ____D () C:\Program Files\Vuze
2014-05-15 13:29 - 2014-05-15 13:29 - 00072008 _____ (Azureus Software, Inc.) C:\Users\Kunal\Downloads\VuzeBittorrentClientInstaller.exe
2014-05-15 13:28 - 2014-05-15 13:28 - 00003126 _____ () C:\Windows\System32\Tasks\{FE4EDEE9-A23C-4341-A1AA-86B75611E636}
2014-05-15 13:26 - 2014-05-21 17:12 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\uTorrent
2014-05-15 13:26 - 2014-05-15 13:26 - 00000793 _____ () C:\Users\Kunal\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-15 13:25 - 2014-05-15 13:25 - 01272400 _____ (BitTorrent Inc.) C:\Users\Kunal\Downloads\uTorrent.exe
2014-05-15 01:13 - 2014-05-06 10:10 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 01:13 - 2014-05-06 09:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 01:13 - 2014-05-06 08:55 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 01:13 - 2014-05-06 08:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 01:13 - 2014-05-06 08:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 01:13 - 2014-05-06 07:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 13:39 - 2014-05-09 11:44 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 13:39 - 2014-05-09 11:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 13:39 - 2014-03-25 08:13 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 13:39 - 2014-03-25 07:39 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 13:29 - 2014-04-12 07:52 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 13:29 - 2014-04-12 07:52 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 13:29 - 2014-04-12 07:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 13:29 - 2014-04-12 07:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 13:29 - 2014-04-12 07:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 13:29 - 2014-04-12 07:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 13:29 - 2014-04-12 07:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 13:29 - 2014-04-12 07:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 13:29 - 2014-04-12 07:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 13:29 - 2014-03-04 15:17 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 13:29 - 2014-03-04 15:14 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 13:29 - 2014-03-04 15:14 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 13:29 - 2014-03-04 15:14 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 13:29 - 2014-03-04 15:14 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 13:29 - 2014-03-04 15:14 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 13:29 - 2014-03-04 15:14 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 13:29 - 2014-03-04 15:14 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 13:29 - 2014-03-04 15:14 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 13:29 - 2014-03-04 15:13 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 13:29 - 2014-03-04 15:13 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 13:29 - 2014-03-04 15:13 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 13:29 - 2014-03-04 15:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 13:29 - 2014-03-04 15:13 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 13:29 - 2014-03-04 15:13 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 13:29 - 2014-03-04 15:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 13:29 - 2014-03-04 14:50 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 13:29 - 2014-03-04 14:50 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 13:29 - 2014-03-04 14:47 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 13:29 - 2014-03-04 14:47 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 13:29 - 2014-03-04 14:46 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 12:26 - 2014-05-14 12:26 - 00462848 _____ (Benjamin Bentmann) C:\Users\Kunal\Downloads\BeCyPDFMetaEdit-2.37.0-en.exe
2014-05-13 00:25 - 2014-05-13 00:25 - 00000000 ____D () C:\Windows\pss
2014-05-13 00:21 - 2014-05-13 00:21 - 00000000 ____D () C:\Users\Kunal\AppData\Local\Power2Go9
2014-05-13 00:07 - 2014-05-13 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-05-13 00:07 - 2014-05-13 00:07 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-05-13 00:06 - 2014-05-13 00:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2
2014-05-13 00:03 - 2014-05-13 00:04 - 06245840 _____ (Auslogics Labs Pty Ltd ) C:\Users\Kunal\Downloads\disk-defrag-setup (1).exe
2014-05-13 00:03 - 2014-05-13 00:04 - 04530888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kunal\Downloads\avira_en_av___ws.exe
2014-05-13 00:03 - 2014-05-13 00:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9
2014-05-13 00:03 - 2014-05-13 00:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_CLVirtualBus01_01009.Wdf
2014-05-13 00:00 - 2014-05-13 00:01 - 04745984 _____ (Piriform Ltd) C:\Users\Kunal\Downloads\ccsetup413.exe
2014-05-12 23:59 - 2014-05-13 00:06 - 00000000 ____D () C:\ProgramData\install_clap
2014-05-12 23:56 - 2014-05-12 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-05-12 23:56 - 2014-05-12 23:56 - 00000000 ____D () C:\Program Files\7-Zip
2014-05-12 23:54 - 2014-05-12 23:55 - 01376768 _____ () C:\Users\Kunal\Downloads\7z920-x64.msi
2014-05-12 22:34 - 2014-05-12 22:34 - 01029080 _____ (CyberLink) C:\Users\Kunal\Downloads\CyberLink_Power2Go_Downloader.exe
2014-05-12 22:21 - 2014-05-12 22:21 - 00316152 _____ (Dropbox, Inc.) C:\Users\Kunal\Downloads\DropboxInstaller.exe
2014-05-12 22:18 - 2014-05-12 22:46 - 39187992 _____ (Foxit Corporation ) C:\Users\Kunal\Downloads\FoxitReader620.0429_enu_Setup.exe
2014-05-12 22:14 - 2014-05-12 22:14 - 00918672 _____ (Google Inc.) C:\Users\Kunal\Downloads\GoogleEarthSetup.exe
2014-05-12 22:08 - 2014-05-15 16:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-12 22:08 - 2014-05-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-12 22:08 - 2014-05-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-12 22:08 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 22:08 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 22:06 - 2014-05-12 22:06 - 00000000 ____D () C:\ProgramData\LightScribe
2014-05-12 22:05 - 2014-05-12 22:07 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kunal\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-12 21:47 - 2014-05-12 21:47 - 00001062 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-12 21:45 - 2014-05-12 21:45 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-05-12 21:45 - 2014-05-12 21:45 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-05-12 21:44 - 2014-05-12 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-05-12 21:44 - 2014-05-12 21:44 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-05-12 21:44 - 2014-05-12 21:44 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-05-12 21:43 - 2014-05-12 21:43 - 00505416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-05-12 21:43 - 2014-05-12 21:43 - 00353864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-05-12 21:40 - 2014-05-12 21:41 - 00000000 ____D () C:\Program Files\WinRAR
2014-05-12 21:40 - 2014-05-12 21:40 - 01917376 _____ () C:\Users\Kunal\Downloads\winrar-x64-51b4.exe
2014-05-12 18:41 - 2014-05-12 18:41 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Kunal\Downloads\SkypeSetup.exe
2014-05-12 15:24 - 2014-05-12 15:24 - 00001045 _____ () C:\Users\Kunal\Desktop\Firefox.lnk
2014-05-11 23:47 - 2014-05-11 23:56 - 00016700 _____ () C:\Users\Kunal\Desktop\Jenny - Colleges.xlsx
2014-05-11 16:43 - 2014-05-11 16:43 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-11 16:43 - 2014-05-11 16:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-11 16:43 - 2014-05-11 16:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-11 16:43 - 2014-05-11 16:43 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-11 16:38 - 2014-05-11 16:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-11 16:38 - 2014-05-11 16:38 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-11 16:38 - 2014-05-11 16:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-11 16:38 - 2014-05-11 16:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-11 16:34 - 2014-05-11 16:37 - 30818216 _____ (Oracle Corporation) C:\Users\Kunal\Downloads\jre-7u55-windows-x64.exe
2014-05-11 16:32 - 2014-05-11 16:34 - 29164456 _____ (Oracle Corporation) C:\Users\Kunal\Downloads\jre-7u55-windows-i586.exe
2014-05-11 16:21 - 2014-05-11 16:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-10 16:11 - 2014-05-10 16:14 - 00000000 ____D () C:\Users\Kunal\Downloads\MinesweeperX__1.15
2014-05-10 16:09 - 2014-05-10 16:09 - 00228788 _____ () C:\Users\Kunal\Downloads\MinesweeperX__1.15.zip
2014-05-08 17:18 - 2014-05-08 17:18 - 00894464 _____ () C:\Users\Kunal\Downloads\StarToken.msi
2014-05-08 17:09 - 2014-05-08 17:09 - 01130024 _____ (BillP Studios) C:\Users\Kunal\Downloads\wpsetup (2).exe
2014-05-08 01:11 - 2014-05-08 01:11 - 00000000 __SHD () C:\Users\Kunal\AppData\Local\EmieUserList
2014-05-08 01:11 - 2014-05-08 01:11 - 00000000 __SHD () C:\Users\Kunal\AppData\Local\EmieSiteList
2014-05-07 19:48 - 2014-03-06 15:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-07 19:48 - 2014-03-06 14:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-07 19:48 - 2014-03-06 14:27 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-07 19:48 - 2014-03-06 14:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-07 19:48 - 2014-03-06 14:23 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-07 19:48 - 2014-03-06 14:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-07 19:48 - 2014-03-06 14:09 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-07 19:48 - 2014-03-06 14:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-07 19:48 - 2014-03-06 13:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-07 19:48 - 2014-03-06 13:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-07 19:48 - 2014-03-06 13:58 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-07 19:48 - 2014-03-06 13:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-07 19:48 - 2014-03-06 13:39 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-07 19:48 - 2014-03-06 13:33 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-07 19:48 - 2014-03-06 13:32 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-07 19:48 - 2014-03-06 13:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-07 19:48 - 2014-03-06 13:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-07 19:48 - 2014-03-06 13:26 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-07 19:48 - 2014-03-06 13:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-07 19:48 - 2014-03-06 13:17 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-07 19:48 - 2014-03-06 13:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-07 19:48 - 2014-03-06 13:15 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-07 19:48 - 2014-03-06 13:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-07 19:48 - 2014-03-06 13:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-07 19:48 - 2014-03-06 13:08 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-07 19:48 - 2014-03-06 13:06 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-07 19:48 - 2014-03-06 12:52 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-07 19:48 - 2014-03-06 12:51 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-07 19:48 - 2014-03-06 12:43 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-07 19:48 - 2014-03-06 12:41 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-07 19:48 - 2014-03-06 12:37 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-07 19:48 - 2014-03-06 12:31 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-07 19:48 - 2014-03-06 12:23 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-07 19:48 - 2014-03-06 12:16 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-07 19:48 - 2014-03-06 12:10 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-07 19:48 - 2014-03-06 11:52 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-07 19:48 - 2014-03-06 11:28 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-07 19:48 - 2014-03-06 11:20 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-07 19:48 - 2014-03-06 11:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-07 19:48 - 2014-03-06 11:11 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-07 19:48 - 2014-03-06 11:06 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-07 19:47 - 2014-05-15 01:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-07 19:47 - 2014-03-06 13:41 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-07 19:47 - 2014-03-06 13:16 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-07 19:47 - 2014-03-06 12:06 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-05 16:15 - 2014-05-05 16:15 - 00003152 _____ () C:\Windows\System32\Tasks\{73395473-35BD-4CF8-8C83-87F5704803E9}
2014-05-05 14:05 - 2014-05-05 14:05 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\DropboxMaster
2014-05-02 15:37 - 2014-05-20 21:52 - 00012119 _____ () C:\Users\Kunal\Desktop\Running Account.xlsx
2014-05-01 18:58 - 2014-05-08 01:36 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-01 18:58 - 2014-05-01 19:12 - 00000000 ____D () C:\Users\Kunal\AppData\Local\Plex Media Server
2014-05-01 18:58 - 2014-05-01 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-01 18:57 - 2014-05-01 18:57 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-01 18:55 - 2014-05-01 18:55 - 00002118 _____ () C:\Users\Kunal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-05-01 18:48 - 2014-05-01 18:53 - 63290992 _____ (Plex, Inc.) C:\Users\Kunal\Downloads\Plex-Media-Server-0.9.907.429-f80a8d6-en-US.exe
2014-04-24 21:32 - 2014-04-24 21:41 - 00000000 ____D () C:\Program Files (x86)\Excel Save Each Row, Column or Cell As Text or Excel File Software
2014-04-24 21:32 - 2005-06-15 03:00 - 00102400 _____ (TechSmith Corporation) C:\Windows\SysWOW64\tsccvid.dll
2014-04-24 21:29 - 2014-04-24 21:30 - 10444473 _____ (Sobolsoft ) C:\Users\Kunal\Downloads\setup.exe
2014-04-22 20:18 - 2014-04-22 20:45 - 50286720 _____ () C:\Users\Kunal\Downloads\NokiaSoftwareUpdaterSetup_EN_US.exe
2014-04-22 20:17 - 2014-04-22 20:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2014-04-22 20:16 - 2014-04-22 20:18 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Nokia
2014-04-22 20:16 - 2014-04-22 20:17 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\PC Suite
2014-04-22 20:16 - 2014-04-22 20:17 - 00000000 ____D () C:\ProgramData\PC Suite
2014-04-22 20:16 - 2014-04-22 20:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2014-04-22 20:15 - 2014-04-22 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
2014-04-22 20:15 - 2014-04-22 20:15 - 00000000 ____D () C:\Program Files\DIFX
2014-04-22 20:15 - 2014-04-22 20:15 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution
2014-04-22 20:15 - 2012-06-11 11:33 - 00026112 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfdx64.sys
2014-04-22 20:14 - 2014-04-22 20:15 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-04-22 20:14 - 2012-01-09 17:28 - 00057856 _____ (Nokia) C:\Windows\system32\nmwcdclsX64.dll
2014-04-22 20:13 - 2014-04-22 20:45 - 00000000 ____D () C:\ProgramData\Installations
2014-04-22 20:07 - 2014-04-22 20:12 - 67963216 _____ () C:\Users\Kunal\Downloads\Nokia_PC_Suite_ALL.exe
2014-04-22 17:34 - 2014-04-22 17:34 - 36221841 _____ () C:\Users\Kunal\Downloads\Files_downloaded_by_AirDroid (1).zip
2014-04-22 17:34 - 2014-04-22 17:34 - 00000254 _____ () C:\Users\Kunal\Downloads\Files_downloaded_by_AirDroid.zip
2014-04-22 16:45 - 2014-04-22 16:45 - 00000000 ____D () C:\ProgramData\91 Harbor
2014-04-22 16:28 - 2014-04-22 16:28 - 00024136 _____ () C:\Users\Kunal\Downloads\Helium Backup Extractor-SOURCE.zip

==================== One Month Modified Files and Folders =======

2014-05-22 12:50 - 2014-05-22 12:49 - 00053339 _____ () C:\Users\Kunal\Downloads\FRST.txt
2014-05-22 12:50 - 2010-09-03 20:06 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0E5E46B7-0295-445E-9CFA-9B1166AE7FA2}
2014-05-22 12:49 - 2012-07-15 06:13 - 00000000 ____D () C:\FRST
2014-05-22 12:48 - 2014-05-22 12:48 - 02067456 _____ (Farbar) C:\Users\Kunal\Downloads\FRST64.exe
2014-05-22 12:46 - 2011-03-28 21:34 - 00000000 ____D () C:\Users\Kunal\Documents\Outlook Files
2014-05-22 12:38 - 2009-07-14 10:15 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-22 12:38 - 2009-07-14 10:15 - 00027568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-22 12:34 - 2010-09-19 02:27 - 00000000 ____D () C:\Users\Kunal\AppData\Local\CrashDumps
2014-05-22 12:32 - 2011-04-17 07:42 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Dropbox
2014-05-22 12:31 - 2012-11-05 01:24 - 00000000 ___RD () C:\Users\Kunal\Dropbox
2014-05-22 12:31 - 2012-05-21 10:45 - 00000000 ___RD () C:\Users\Kunal\Google Drive
2014-05-22 12:27 - 2010-09-10 11:48 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-22 12:27 - 2010-07-20 13:47 - 01309098 _____ () C:\Windows\WindowsUpdate.log
2014-05-22 12:24 - 2014-04-19 16:21 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2014-05-22 12:24 - 2014-04-19 16:21 - 00000000 ____D () C:\Windows\system32\Drivers\NSTx64
2014-05-22 12:23 - 2009-07-14 10:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-22 12:23 - 2009-07-14 10:21 - 00239743 _____ () C:\Windows\setupact.log
2014-05-22 12:22 - 2010-09-03 18:27 - 10544870 _____ () C:\Windows\PFRO.log
2014-05-22 00:05 - 2010-09-03 15:32 - 00000000 ____D () C:\Users\Kunal
2014-05-21 23:59 - 2014-01-24 11:17 - 00025482 _____ () C:\Users\Kunal\Desktop\General Plan.xlsx
2014-05-21 23:54 - 2013-06-05 06:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-21 23:54 - 2010-09-20 00:34 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-674566640-1698649700-413755185-1001UA.job
2014-05-21 23:54 - 2010-09-10 11:48 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-21 22:08 - 2010-09-10 10:39 - 00000000 ____D () C:\kunal
2014-05-21 18:47 - 2010-09-03 15:46 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\HpUpdate
2014-05-21 17:12 - 2014-05-15 13:26 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\uTorrent
2014-05-21 17:11 - 2010-09-20 00:34 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-674566640-1698649700-413755185-1001Core.job
2014-05-21 15:33 - 2014-05-17 19:31 - 00008881 _____ () C:\Users\Kunal\Desktop\India 14.xlsx
2014-05-21 14:59 - 2014-05-21 14:59 - 00509440 _____ (Tech Support Guy System) C:\Users\Kunal\Downloads\SysInfo.exe
2014-05-21 00:12 - 2010-09-03 15:54 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Mozilla
2014-05-20 22:10 - 2014-05-18 19:24 - 00000000 ____D () C:\Users\Kunal\Desktop\gmat
2014-05-20 21:52 - 2014-05-02 15:37 - 00012119 _____ () C:\Users\Kunal\Desktop\Running Account.xlsx
2014-05-20 13:30 - 2013-04-03 10:21 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-20 13:30 - 2013-04-03 10:21 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-19 14:05 - 2009-07-14 10:43 - 00800226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-18 01:10 - 2014-05-18 01:10 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\GMATPrep
2014-05-18 01:10 - 2014-05-18 01:09 - 00000000 ____D () C:\Program Files (x86)\GMATPrep2012
2014-05-18 01:09 - 2014-05-18 01:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMATPrep
2014-05-18 01:08 - 2014-05-18 00:54 - 54662896 _____ (Graduate Management Admission Council (GMAC)) C:\Users\Kunal\Downloads\GMATPrep-2.2.317-Windows.exe
2014-05-15 21:47 - 2014-05-15 21:47 - 00707354 _____ () C:\Windows\unins000.exe
2014-05-15 21:47 - 2014-05-15 21:47 - 00001531 _____ () C:\Windows\unins000.dat
2014-05-15 21:47 - 2014-05-15 13:46 - 00000000 ____D () C:\Windows\SysWOW64\GPBAK
2014-05-15 19:22 - 2011-10-01 06:05 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Azureus
2014-05-15 17:45 - 2014-05-15 17:45 - 00001625 _____ () C:\Users\Kunal\Downloads\Manhattan_Full_Length_Tests.7571691.TPB.torrent
2014-05-15 17:43 - 2014-05-15 17:43 - 00005904 _____ () C:\Users\Kunal\Downloads\[TorrentDownloads.me]_Kaplan GMAT Math Workbook 2012 PDF rar.torrent
2014-05-15 17:37 - 2013-03-03 03:11 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 17:01 - 2014-05-15 16:46 - 54711296 _____ () C:\Users\Kunal\Downloads\FontPack11000_XtdAlf_Lang.msi
2014-05-15 16:46 - 2014-05-12 22:08 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-15 15:07 - 2014-05-15 15:07 - 00012555 _____ () C:\Users\Kunal\Downloads\[kickass.to]complete.manhattan.gmat.5th.edition.official.guide.13th.edition.torrent
2014-05-15 14:39 - 2014-05-15 14:39 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-674566640-1698649700-413755185-1001
2014-05-15 14:39 - 2014-05-15 14:39 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-674566640-1698649700-413755185-1001
2014-05-15 14:02 - 2014-05-15 14:02 - 00347816 _____ (Microsoft Corporation) C:\Users\Kunal\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.160323573549212477.1.1.Run.exe
2014-05-15 13:51 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-15 13:49 - 2009-07-14 08:50 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-15 13:46 - 2014-05-15 13:46 - 00000000 ____D () C:\Users\Kunal\Downloads\add_gpedit_msc_by_jwils876-d3kh6vm
2014-05-15 13:46 - 2014-05-15 13:45 - 00875012 _____ () C:\Users\Kunal\Downloads\add_gpedit_msc_by_jwils876-d3kh6vm.zip
2014-05-15 13:35 - 2014-05-15 13:35 - 00001794 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2014-05-15 13:35 - 2014-05-15 13:35 - 00000000 ____D () C:\Program Files\Vuze
2014-05-15 13:34 - 2013-06-19 10:03 - 00000000 _____ () C:\END
2014-05-15 13:29 - 2014-05-15 13:29 - 00072008 _____ (Azureus Software, Inc.) C:\Users\Kunal\Downloads\VuzeBittorrentClientInstaller.exe
2014-05-15 13:28 - 2014-05-15 13:28 - 00003126 _____ () C:\Windows\System32\Tasks\{FE4EDEE9-A23C-4341-A1AA-86B75611E636}
2014-05-15 13:26 - 2014-05-15 13:26 - 00000793 _____ () C:\Users\Kunal\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-05-15 13:25 - 2014-05-15 13:25 - 01272400 _____ (BitTorrent Inc.) C:\Users\Kunal\Downloads\uTorrent.exe
2014-05-15 11:54 - 2010-09-03 15:38 - 00000000 ___RD () C:\Users\Kunal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 11:54 - 2010-09-03 15:38 - 00000000 ___RD () C:\Users\Kunal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 01:18 - 2014-05-07 19:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 01:17 - 2010-09-04 10:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 01:11 - 2013-07-17 09:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 01:11 - 2013-06-05 06:08 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-15 01:11 - 2012-06-18 06:28 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 01:11 - 2012-06-18 06:28 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 01:05 - 2010-09-08 08:52 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 12:26 - 2014-05-14 12:26 - 00462848 _____ (Benjamin Bentmann) C:\Users\Kunal\Downloads\BeCyPDFMetaEdit-2.37.0-en.exe
2014-05-13 00:25 - 2014-05-13 00:25 - 00000000 ____D () C:\Windows\pss
2014-05-13 00:25 - 2009-07-14 08:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-13 00:21 - 2014-05-13 00:21 - 00000000 ____D () C:\Users\Kunal\AppData\Local\Power2Go9
2014-05-13 00:14 - 2009-07-14 10:15 - 00460800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-13 00:13 - 2010-09-06 00:11 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-05-13 00:12 - 2010-09-10 16:37 - 00038934 _____ () C:\ProgramData\hpzinstall.log
2014-05-13 00:07 - 2014-05-13 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-05-13 00:07 - 2014-05-13 00:07 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-05-13 00:06 - 2014-05-13 00:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2
2014-05-13 00:06 - 2014-05-12 23:59 - 00000000 ____D () C:\ProgramData\install_clap
2014-05-13 00:05 - 2012-07-28 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-13 00:05 - 2010-05-17 00:01 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-05-13 00:05 - 2010-05-16 22:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-13 00:04 - 2014-05-13 00:03 - 06245840 _____ (Auslogics Labs Pty Ltd ) C:\Users\Kunal\Downloads\disk-defrag-setup (1).exe
2014-05-13 00:04 - 2014-05-13 00:03 - 04530888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kunal\Downloads\avira_en_av___ws.exe
2014-05-13 00:04 - 2013-07-25 08:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-13 00:04 - 2011-11-08 12:29 - 00000000 ____D () C:\ProgramData\Avira
2014-05-13 00:04 - 2011-11-08 12:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-13 00:04 - 2010-05-17 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-05-13 00:03 - 2014-05-13 00:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 9
2014-05-13 00:03 - 2014-05-13 00:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_CLVirtualBus01_01009.Wdf
2014-05-13 00:01 - 2014-05-13 00:00 - 04745984 _____ (Piriform Ltd) C:\Users\Kunal\Downloads\ccsetup413.exe
2014-05-13 00:01 - 2012-07-15 07:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-12 23:56 - 2014-05-12 23:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-05-12 23:56 - 2014-05-12 23:56 - 00000000 ____D () C:\Program Files\7-Zip
2014-05-12 23:56 - 2012-10-06 10:51 - 00002036 _____ () C:\Windows\Sandboxie.ini
2014-05-12 23:55 - 2014-05-12 23:54 - 01376768 _____ () C:\Users\Kunal\Downloads\7z920-x64.msi
2014-05-12 22:46 - 2014-05-12 22:18 - 39187992 _____ (Foxit Corporation ) C:\Users\Kunal\Downloads\FoxitReader620.0429_enu_Setup.exe
2014-05-12 22:34 - 2014-05-12 22:34 - 01029080 _____ (CyberLink) C:\Users\Kunal\Downloads\CyberLink_Power2Go_Downloader.exe
2014-05-12 22:34 - 2010-05-17 00:01 - 00000000 ____D () C:\ProgramData\CyberLink
2014-05-12 22:30 - 2013-11-01 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-05-12 22:30 - 2012-11-05 01:21 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-12 22:30 - 2010-09-12 15:25 - 00000000 ____D () C:\Program Files\DivX
2014-05-12 22:30 - 2010-09-12 15:23 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-05-12 22:30 - 2010-09-12 15:22 - 00000000 ____D () C:\ProgramData\DivX
2014-05-12 22:29 - 2010-09-12 15:25 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\DivX
2014-05-12 22:26 - 2010-09-03 20:16 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\TeamViewer
2014-05-12 22:21 - 2014-05-12 22:21 - 00316152 _____ (Dropbox, Inc.) C:\Users\Kunal\Downloads\DropboxInstaller.exe
2014-05-12 22:15 - 2010-05-17 00:16 - 00000000 ____D () C:\Program Files (x86)\HP
2014-05-12 22:14 - 2014-05-12 22:14 - 00918672 _____ (Google Inc.) C:\Users\Kunal\Downloads\GoogleEarthSetup.exe
2014-05-12 22:13 - 2010-05-17 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-12 22:08 - 2014-05-12 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-12 22:08 - 2014-05-12 22:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-12 22:08 - 2010-09-18 13:34 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Malwarebytes
2014-05-12 22:08 - 2010-09-18 13:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 22:08 - 2010-09-18 13:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-12 22:07 - 2014-05-12 22:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kunal\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-12 22:06 - 2014-05-12 22:06 - 00000000 ____D () C:\ProgramData\LightScribe
2014-05-12 22:00 - 2013-05-06 18:31 - 00118840 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-05-12 21:58 - 2013-05-06 04:27 - 00118840 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-05-12 21:56 - 2014-01-17 11:01 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-05-12 21:47 - 2014-05-12 21:47 - 00001062 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-05-12 21:47 - 2010-09-03 20:04 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-05-12 21:46 - 2014-02-02 00:56 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\RealNetworks
2014-05-12 21:46 - 2010-09-10 11:57 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Real
2014-05-12 21:45 - 2014-05-12 21:45 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-05-12 21:45 - 2014-05-12 21:45 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-05-12 21:45 - 2014-05-12 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-05-12 21:45 - 2010-09-10 11:57 - 00000000 ____D () C:\Program Files (x86)\Real
2014-05-12 21:44 - 2014-05-12 21:44 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-05-12 21:44 - 2014-05-12 21:44 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-05-12 21:44 - 2010-09-10 11:57 - 00000000 ____D () C:\ProgramData\Real
2014-05-12 21:43 - 2014-05-12 21:43 - 00505416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2014-05-12 21:43 - 2014-05-12 21:43 - 00353864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2014-05-12 21:41 - 2014-05-12 21:40 - 00000000 ____D () C:\Program Files\WinRAR
2014-05-12 21:40 - 2014-05-12 21:40 - 01917376 _____ () C:\Users\Kunal\Downloads\winrar-x64-51b4.exe
2014-05-12 21:37 - 2010-11-03 15:47 - 00000000 ____D () C:\Users\Kunal\AppData\Local\Apple Computer
2014-05-12 21:35 - 2014-02-06 07:26 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Vertcoin
2014-05-12 21:34 - 2012-05-11 12:03 - 00003206 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-674566640-1698649700-413755185-1001
2014-05-12 21:34 - 2012-04-17 08:58 - 00003340 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-674566640-1698649700-413755185-1001
2014-05-12 21:32 - 2011-03-20 06:46 - 00000000 ____D () C:\Program Files (x86)\Tidebreak
2014-05-12 21:28 - 2011-01-03 13:03 - 00000600 _____ () C:\Users\Kunal\AppData\Roaming\winscp.rnd
2014-05-12 19:14 - 2011-09-06 04:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-05-12 19:03 - 2010-09-03 15:54 - 00000000 ____D () C:\ProgramData\Skype
2014-05-12 19:01 - 2013-06-06 08:04 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-05-12 19:01 - 2013-06-06 08:04 - 00000000 ____D () C:\Program Files (x86)\Nitro
2014-05-12 18:58 - 2011-12-10 09:27 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-05-12 18:58 - 2011-12-10 09:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-05-12 18:57 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\Registration
2014-05-12 18:41 - 2014-05-12 18:41 - 01678496 _____ (Skype Technologies S.A.) C:\Users\Kunal\Downloads\SkypeSetup.exe
2014-05-12 18:40 - 2010-09-03 15:54 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Skype
2014-05-12 18:37 - 2010-09-10 16:37 - 00000000 ____D () C:\ProgramData\HP
2014-05-12 18:35 - 2012-05-05 22:28 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-05-12 18:34 - 2013-09-22 00:40 - 00000000 ____D () C:\ProgramData\Garmin
2014-05-12 18:28 - 2012-11-08 10:33 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-05-12 18:25 - 2012-11-08 10:33 - 00000000 ____D () C:\ProgramData\Samsung
2014-05-12 16:06 - 2013-02-17 09:44 - 00000000 ____D () C:\AllShare Play
2014-05-12 16:01 - 2012-05-05 07:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 15:24 - 2014-05-12 15:24 - 00001045 _____ () C:\Users\Kunal\Desktop\Firefox.lnk
2014-05-11 23:56 - 2014-05-11 23:47 - 00016700 _____ () C:\Users\Kunal\Desktop\Jenny - Colleges.xlsx
2014-05-11 16:55 - 2011-03-25 05:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-11 16:43 - 2014-05-11 16:43 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-11 16:43 - 2014-05-11 16:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-11 16:43 - 2014-05-11 16:43 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-11 16:43 - 2014-05-11 16:43 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-05-11 16:40 - 2010-05-16 23:29 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-05-11 16:38 - 2014-05-11 16:38 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-11 16:38 - 2014-05-11 16:38 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-11 16:38 - 2014-05-11 16:38 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-11 16:38 - 2014-05-11 16:38 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-11 16:38 - 2013-11-01 08:20 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-11 16:37 - 2014-05-11 16:34 - 30818216 _____ (Oracle Corporation) C:\Users\Kunal\Downloads\jre-7u55-windows-x64.exe
2014-05-11 16:34 - 2014-05-11 16:32 - 29164456 _____ (Oracle Corporation) C:\Users\Kunal\Downloads\jre-7u55-windows-i586.exe
2014-05-11 16:28 - 2014-05-11 16:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-10 16:14 - 2014-05-10 16:11 - 00000000 ____D () C:\Users\Kunal\Downloads\MinesweeperX__1.15
2014-05-10 16:09 - 2014-05-10 16:09 - 00228788 _____ () C:\Users\Kunal\Downloads\MinesweeperX__1.15.zip
2014-05-09 23:06 - 2010-09-10 11:48 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 23:06 - 2010-09-10 11:48 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 20:36 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\rescache
2014-05-09 11:44 - 2014-05-14 13:39 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 11:41 - 2014-05-14 13:39 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 17:34 - 2010-12-11 05:10 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Nitro PDF
2014-05-08 17:18 - 2014-05-08 17:18 - 00894464 _____ () C:\Users\Kunal\Downloads\StarToken.msi
2014-05-08 17:09 - 2014-05-08 17:09 - 01130024 _____ (BillP Studios) C:\Users\Kunal\Downloads\wpsetup (2).exe
2014-05-08 17:09 - 2014-01-17 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2014-05-08 17:09 - 2012-07-16 01:38 - 00000000 ____D () C:\ProgramData\InstallMate
2014-05-08 17:06 - 2010-09-20 00:34 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-674566640-1698649700-413755185-1001UA
2014-05-08 17:06 - 2010-09-20 00:34 - 00003486 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-674566640-1698649700-413755185-1001Core
2014-05-08 01:36 - 2014-05-01 18:58 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-08 01:11 - 2014-05-08 01:11 - 00000000 __SHD () C:\Users\Kunal\AppData\Local\EmieUserList
2014-05-08 01:11 - 2014-05-08 01:11 - 00000000 __SHD () C:\Users\Kunal\AppData\Local\EmieSiteList
2014-05-07 23:40 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-07 16:39 - 2012-05-21 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-06 10:10 - 2014-05-15 01:13 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 09:47 - 2014-05-15 01:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 08:55 - 2014-05-15 01:13 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 08:37 - 2014-05-15 01:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 08:30 - 2014-05-15 01:13 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 07:40 - 2014-05-15 01:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-05 17:30 - 2012-06-09 04:12 - 00001309 _____ () C:\Users\Kunal\AppData\Roaming\Rim.Transcoder.Exception.log
2014-05-05 17:30 - 2011-06-17 07:52 - 00004697 _____ () C:\Users\Kunal\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-05-05 17:30 - 2010-10-09 10:25 - 00058172 _____ () C:\Users\Kunal\AppData\Roaming\Rim.Desktop.Exception.log
2014-05-05 16:15 - 2014-05-05 16:15 - 00003152 _____ () C:\Windows\System32\Tasks\{73395473-35BD-4CF8-8C83-87F5704803E9}
2014-05-05 14:05 - 2014-05-05 14:05 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\DropboxMaster
2014-05-02 15:27 - 2014-04-19 16:11 - 00008896 _____ () C:\Users\Kunal\Desktop\Total Hisaab.xlsx
2014-05-02 13:03 - 2011-01-19 03:11 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKunal
2014-05-02 13:03 - 2011-01-19 03:11 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForKunal.job
2014-05-01 19:12 - 2014-05-01 18:58 - 00000000 ____D () C:\Users\Kunal\AppData\Local\Plex Media Server
2014-05-01 18:58 - 2014-05-01 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2014-05-01 18:57 - 2014-05-01 18:57 - 00000000 ____D () C:\Program Files (x86)\Plex
2014-05-01 18:55 - 2014-05-01 18:55 - 00002118 _____ () C:\Users\Kunal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-05-01 18:53 - 2014-05-01 18:48 - 63290992 _____ (Plex, Inc.) C:\Users\Kunal\Downloads\Plex-Media-Server-0.9.907.429-f80a8d6-en-US.exe
2014-05-01 15:43 - 2010-09-09 23:39 - 00001188 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
2014-05-01 15:43 - 2010-09-09 23:39 - 00000000 ____D () C:\Program Files\Paint.NET
2014-04-25 20:40 - 2013-02-05 14:45 - 00000000 ____D () C:\ProgramData\Moborobo
2014-04-24 21:41 - 2014-04-24 21:32 - 00000000 ____D () C:\Program Files (x86)\Excel Save Each Row, Column or Cell As Text or Excel File Software
2014-04-24 21:30 - 2014-04-24 21:29 - 10444473 _____ (Sobolsoft ) C:\Users\Kunal\Downloads\setup.exe
2014-04-22 20:45 - 2014-04-22 20:18 - 50286720 _____ () C:\Users\Kunal\Downloads\NokiaSoftwareUpdaterSetup_EN_US.exe
2014-04-22 20:45 - 2014-04-22 20:13 - 00000000 ____D () C:\ProgramData\Installations
2014-04-22 20:18 - 2014-04-22 20:16 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Nokia
2014-04-22 20:17 - 2014-04-22 20:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2014-04-22 20:17 - 2014-04-22 20:16 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\PC Suite
2014-04-22 20:17 - 2014-04-22 20:16 - 00000000 ____D () C:\ProgramData\PC Suite
2014-04-22 20:16 - 2014-04-22 20:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2014-04-22 20:15 - 2014-04-22 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
2014-04-22 20:15 - 2014-04-22 20:15 - 00000000 ____D () C:\Program Files\DIFX
2014-04-22 20:15 - 2014-04-22 20:15 - 00000000 ____D () C:\Program Files (x86)\PC Connectivity Solution
2014-04-22 20:15 - 2014-04-22 20:14 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-04-22 20:15 - 2010-07-20 13:45 - 00091778 _____ () C:\Windows\DPINST.LOG
2014-04-22 20:12 - 2014-04-22 20:07 - 67963216 _____ () C:\Users\Kunal\Downloads\Nokia_PC_Suite_ALL.exe
2014-04-22 17:34 - 2014-04-22 17:34 - 36221841 _____ () C:\Users\Kunal\Downloads\Files_downloaded_by_AirDroid (1).zip
2014-04-22 17:34 - 2014-04-22 17:34 - 00000254 _____ () C:\Users\Kunal\Downloads\Files_downloaded_by_AirDroid.zip
2014-04-22 16:45 - 2014-04-22 16:45 - 00000000 ____D () C:\ProgramData\91 Harbor
2014-04-22 16:28 - 2014-04-22 16:28 - 00024136 _____ () C:\Users\Kunal\Downloads\Helium Backup Extractor-SOURCE.zip
2014-04-22 15:29 - 2013-02-10 01:43 - 00000000 ____D () C:\Users\Kunal\Documents\moborobo
2014-04-22 15:29 - 2013-02-05 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moborobo
2014-04-22 15:29 - 2013-02-05 14:45 - 00000000 ____D () C:\Program Files (x86)\Moborobo
2014-04-22 14:21 - 2013-06-06 09:05 - 00000000 ____D () C:\Users\Kunal\AppData\Roaming\Nitro

Files to move or delete:
====================
C:\ProgramData\ISTask.dll


Some content of TEMP:
====================
C:\Users\Kunal\AppData\Local\Temp\AskSLib.dll
C:\Users\Kunal\AppData\Local\Temp\avgnt.exe
C:\Users\Kunal\AppData\Local\Temp\aw1qngax.dll
C:\Users\Kunal\AppData\Local\Temp\bitool.dll
C:\Users\Kunal\AppData\Local\Temp\certutil.exe
C:\Users\Kunal\AppData\Local\Temp\Checkupdate.exe
C:\Users\Kunal\AppData\Local\Temp\DivXSetup.exe
C:\Users\Kunal\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpybqq0x.dll
C:\Users\Kunal\AppData\Local\Temp\dsNCInst64.exe
C:\Users\Kunal\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Kunal\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Kunal\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Kunal\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Kunal\AppData\Local\Temp\lowproc.exe
C:\Users\Kunal\AppData\Local\Temp\msvcr71.dll
C:\Users\Kunal\AppData\Local\Temp\nitro_pro8_x64.exe
C:\Users\Kunal\AppData\Local\Temp\nitro_reader3_x64.exe
C:\Users\Kunal\AppData\Local\Temp\nls-checker-xp.exe
C:\Users\Kunal\AppData\Local\Temp\nls-smart-installer-xp.exe
C:\Users\Kunal\AppData\Local\Temp\nspr4.dll
C:\Users\Kunal\AppData\Local\Temp\nss3.dll
C:\Users\Kunal\AppData\Local\Temp\ose00000.exe
C:\Users\Kunal\AppData\Local\Temp\plc4.dll
C:\Users\Kunal\AppData\Local\Temp\plds4.dll
C:\Users\Kunal\AppData\Local\Temp\RemoteMouse.exe
C:\Users\Kunal\AppData\Local\Temp\rrgkbdiy.dll
C:\Users\Kunal\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Kunal\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Kunal\AppData\Local\Temp\sfextra.dll
C:\Users\Kunal\AppData\Local\Temp\smime3.dll
C:\Users\Kunal\AppData\Local\Temp\softokn3.dll
C:\Users\Kunal\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Kunal\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Kunal\AppData\Local\Temp\VSUSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 20:24

==================== End Of Log ============================


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#8 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:12:08 PM

Posted 22 May 2014 - 05:44 PM

Hello again, :)
 
There are various sources of Group Policy restrictions that can be enforced on a machine. In your case, you have the following software installed:

CryptoPrevent v3.0.0

The purpose of this software is preventing CryptoLocker Ransomeware from infecting your system. You can read about the infection here: http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
 
And information about the (outdated) software you're using to prevent this infection can be found here: http://www.foolishit.com/vb6-projects/cryptoprevent/
 
==========
 
There are a few things you could do to try and get around this issue:

  • Update the CryptoPrevent software to the latest version
  • Add a whitelist to CryptoPrevent to allow changes/modifications to certain programs or file/folder locations
  • Temporarily disable CryptoPrevent to uninstall µTorrent

==========
 
Now, I'd like to give you some information based on what I'm seeing in your logs:

:step1:
 
Firstly, I see you have more than one antivirus software installed on your machine:

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore I'd recommend you go to Programs and Features, and uninstall Avira.
 
:step2:

I'm glad you're trying to remove µTorrent...here is some information about that:
 
µTorrent is a P2P file sharing program.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected.

:step3:

Online Gaming Warning!

Online gaming sites are a security risk which can make your computer susceptible to a large number of malware infections, remote attacks, exposure of personal information, and identity theft. They can lead to other sites containing malware which you can inadvertently download without knowledge. Users visiting such sites may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Gaming sites can put you at risk to fraud, phishing and theft of personal data. Even if the gaming site is a clean site, there is always the potential of some type of malware making its way there and then onto your system. In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. In those cases, recovery is not possible and the only option is to reformat/reinstall the OS.

More specifically, I noticed you had WildTangent on your computer.
WildTangent Program Warning

Wild Tangent is a video game software company specializing in online games. It has even made a partnership with AOL to include itself as part of the AOL Instant Messenger for their AIM games section. The WildTangent Web Driver is their technology that allows you to play 3D games over the Internet. Although its not technically considered spyware it does have built in components to update itself and gather information about the computer system including:

  • Operating System Version
  • CPU Type and Speed
  • Memory Amount
  • Video Card type and Driver Version
  • Sound Card type and Driver Version
  • DirectX Version
  • Location that the Web Driver was installed from
  • For that reason I would suggest you uninstalled it via add/remove.

Reboot after the uninstallation.<- Important.

====================

 

See what you'd like to do about my suggestions regarding your CryptoPrevent software, and the other suggestions, and let me know how that goes! :thumbup2:

 

bloopie



#9 kunalthechamp

kunalthechamp
  • Topic Starter

  • Members
  • 194 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:38 PM

Posted 23 May 2014 - 02:25 AM

Bloopie thanks for reviewing my logs. I'm such a dumb#$@# lol, I forgot I had Cryptoprevent installed. Disabling it worked perfectly. WildTangent came with the laptop from HP. Never used it never will, uninstalled. Yes I hate P2P clients too, someone else installed it while my laptop was unattended.

Questions:

What is the best Real time antivirus according to you? You suggested uninstalling Avira, will MSE do fine?

 

Now that we have this issue sorted, I'll move on to my other issues that I am facing, if you dont mind:

 

1) Long time to go from the windows startup screen to login screen and long time to go from login screen to desktop. This issue must have started very recently, maybe a week back.

 

2) My USB ports dont work. This issue is since a year at the least. I did get them to work in between by changing power management or something, but I cant get them to work again. USB drives work erratically, detecting when they feel like it, wireless USB mouse works fine too which I have plugged in forever now. Hard drives almost always are never detected. I did find a workaround once was to plug in the hard drive, put the computer to sleep and log back in

 

3) External hard drives dont stop spinning even after safely ejecting them. I cringe everytime I have to plug them out while they are still spinning always scared for my data!

 

4) I almost never paid attention to this message from Windows action center until yesterday:

   Windows

Problem: Video hardware error

Files that help describe the problem:

WD-20120801-2322.dmp

sysdata.xml

WERInternalMetadata.xml

View a temporary copy of these files

Warning: If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.

 

I did update the graphics driver from the Intel website, not sure if this issue still exists.

 

5) Since two days back: Windows has detected an IP conflict, this popped up almost every two hours, nothing since the last five hours. What are the possible causes for this? This sorted itself out, as in the popup used to come and disappear automatically

 

Sorry for the bombarding, but I dont want to lose your attention while I have it :)

 

Thanks.


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#10 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:12:08 PM

Posted 23 May 2014 - 05:52 PM

Hello again Kunal,

 

Bloopie thanks for reviewing my logs.

It's my pleasure! :thumbup2:

 

What is the best Real time antivirus according to you? You suggested uninstalling Avira, will MSE do fine?

Which one is best, is certainly debatable. It really depends on which software works best for you and your habits. You are completely fine keeping either one. Personally, I like MSE because it's quite user friendly, and doesn't take up a lot of resources to run. I see you have some games installed, so a low resource AV protection is probably best for you (and that's the reason I suggested to uninstall the other).

 

MSE will also never give you a nag screen asking you to upgrade to the "paid" version, and on top of all of that, it's quite user friendly because it's very easy to use. ...But you may certainly keep whichever one you are more comfortable with. :wink:

 

==========

 

I noticed you have many different items disabled in msconfig:

 

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AntiVirSchedulerService => 2
MSCONFIG\Services: AntiVirService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: CLMLServer_For_P2G9 => "C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: Remote Mouse => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\realplayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: VSee => "C:\Users\Kunal\AppData\Roaming\VSeeInstall\vsee.exe" -quiet_start

Is there any reason for these?

 

 

==========

 

I hate to say it, but unfortunately, the rest of your issues are not my area of expertise, and I don't want to send you on a wild goose chase checking things that may or may not be the right way to go. I'd prefer to just make sure your machine is malware free (this is the malware removal sub-forum), and then send you over to the other forums for the best help from our staff that better fits your situation. I'd just like to run another scan to check for any leftovers that don't show up in the logs.

 

But don't worry, I know you've already been waiting a while for help here and as soon as we're finished here, I will post a note to the staff to make sure your other issues get looked at in a timely fashion. Sound good? :)

 

====================

 

I see you have Malwarebytes Antimalware (aka MBAM) installed. I'd like you to update it, run a quick scan (removing anything it finds), and paste the resultant log in your next reply for review.

 

==========

 

Once I see the latest MBAM log, and am confident we don't need to go any further in this forum, I'll ask you to post a new topic in the forum of your operating system (Windows 7), then post back here once more with a link to your new topic. Then I'll post a note to the rest of the staff and you should get a response fairly quickly on your other issues. Is that okay with you? :)

 

bloopie



#11 kunalthechamp

kunalthechamp
  • Topic Starter

  • Members
  • 194 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:38 PM

Posted 24 May 2014 - 01:46 AM

The games came with the computer, never am going to use them. Avira out, MSE in :)

I disabled the startup services to have a faster load time, my computer behaves better with these startup programs disabled, otherwise it takes super long after the desktop loads. i don't really need these programs at startup but I open them when I need any program.

 

Thanks for being honest, I feel special with all that you are offering to do, lol. Here's my MBAM log: (I ignored two exe's that I knew were safe, one is a file unlocker by File Hippo and the other a setup for WinZip 18)

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 24/05/14
Scan Time: 12:14:08 PM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.24.01
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Kunal

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 380269
Time Elapsed: 1 hr, 38 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 3
PUP.Optional.Conduit.A, C:\Users\Kunal\AppData\Local\Temp\ct3297861, Quarantined, [1021da7b5b20bb7b1f2ef28436cc45bb],
PUP.Optional.Conduit.A, C:\Users\Kunal\AppData\Local\Temp\ct2504091, Quarantined, [e44d7dd8d8a3be7852fbbfb756acb14f],
PUP.Optional.Conduit.A, C:\Users\Kunal\AppData\Local\Temp\ct3288691, Quarantined, [8ba687ce9fdc21159bb262147a888b75],

Files: 11
PUP.Optional.Babylon.A, C:\Users\Kunal\Downloads\Unlocker1.9.2(1).exe, No Action By User, [56dbdb7a8eede15589d6c83eab56ad53],
PUP.Optional.InstallCore.A, C:\Users\Kunal\Downloads\winzip18.exe, No Action By User, [e948292c6219a5918ea652f8db29a15f],
PUP.Optional.Somoto, C:\Users\Kunal\AppData\Local\Temp\nsmF4BE.tmp, Quarantined, [9b96ce87106bc1751904d90d9b6822de],
PUP.Optional.Somoto, C:\Users\Kunal\AppData\Local\Temp\bitool.dll, Quarantined, [e948b0a5671465d18a0722ed956df30d],
PUP.Optional.BMiner, C:\Users\Kunal\AppData\Local\Temp\Temp1_xptminer.zip\64bit\xptMiner.exe, Quarantined, [e05105507209e0565d04f592ce336898],
PUP.Optional.Conduit.A, C:\Users\Kunal\AppData\Local\Temp\ct3297861\chromeid.txt, Quarantined, [1021da7b5b20bb7b1f2ef28436cc45bb],
PUP.Optional.Conduit.A, C:\Users\Kunal\AppData\Local\Temp\ct3297861\setup.ini.txt, Quarantined, [1021da7b5b20bb7b1f2ef28436cc45bb],
PUP.Optional.Conduit.A, C:\Users\Kunal\AppData\Local\Temp\ct2504091\ism.exe, Quarantined, [e44d7dd8d8a3be7852fbbfb756acb14f],
PUP.Optional.Conduit.A, C:\Users\Kunal\AppData\Local\Temp\ct3288691\chromeid.txt, Quarantined, [8ba687ce9fdc21159bb262147a888b75],
PUP.Optional.Conduit.A, C:\Users\Kunal\AppData\Local\Temp\ct3288691\ism.exe, Quarantined, [8ba687ce9fdc21159bb262147a888b75],
PUP.Optional.Conduit.A, C:\Users\Kunal\AppData\Local\Temp\ct3288691\setup.ini.txt, Quarantined, [8ba687ce9fdc21159bb262147a888b75],

Physical Sectors: 0
(No malicious items detected)


(end)


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#12 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:12:08 PM

Posted 24 May 2014 - 10:37 AM

Hello again,

 

I ignored two exe's that I knew were safe, one is a file unlocker by File Hippo and the other a setup for WinZip 18

As of now, safe...but on the contrary, that file unlocker is part of Babylon software which is a Potentially Unwanted Program. ...And that WinZip setup file is part of InstallCore...a Potentially Unwanted Application. Also, once setup, you no longer need the setup file of a program. As of now, the WinZip setup file is a leftover and should not be kept. Anytime you want to re-install the program, you will still have to download the new installer file anyway. :wink:

 

...All in all, they are not terribly harmful to leave on your system...this was really just some "FYI" for ya! :)

 

==========

 

Now, back to business:

 

I disabled the startup services to have a faster load time, my computer behaves better with these startup programs disabled, otherwise it takes super long after the desktop loads. i don't really need these programs at startup but I open them when I need any program.

All of these programs have registry startup locations that we can remove, so that they won't start and load when the computer starts. Msconfig is primarily used for troubleshooting, and it's best to keep msconfig at a "normal boot" unless you have boot issues.

 

This is really up to you, but If you'd like, we can easily remove these registry entries using FRST as well. Just enable all of them in msconfig (or just set the computer to boot "normal" from msconfig) so that their lines will show up in the log, then run a fresh scan with FRST, and copy/paste the latest log in your next reply. I will then provide you with a script to remove only the startup registry entries for those programs, and you will no longer need to use msconfig for that purpose.

 

==========

 

If you'd like to skip clearing msconfig like I mentioned above, then you're free to create a new topic about your other problems in the Windows 7 forum. Just reply back with a link to your new topic, and I will ask for someone else to look at it. I'll close this topic once your new topic is created. :thumbup2:

 

bloopie



#13 kunalthechamp

kunalthechamp
  • Topic Starter

  • Members
  • 194 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:38 PM

Posted 25 May 2014 - 08:57 AM

Both exe's deleted, thanks for offering to stick around to remove the registry entries, I think I'll pass that offer and have my other issues solved :)

The link:

http://www.bleepingcomputer.com/forums/t/535462/multiple-windows-issues/


If I am helping you with a problem and I have not responded within 48 hours please send me a PM.

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#14 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:12:08 PM

Posted 25 May 2014 - 10:08 AM

Hello again,

 

It's my pleasure! :wink:

 

I have posted a note in the staff forum and wish you the best of luck! If you have not received a reply to your new topic in two days (worst case scenario), please send me a PM.

 

Stay safe and best regards,

 

bloopie



#15 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:12:08 PM

Posted 25 May 2014 - 11:21 AM

Since this issue is not malware related, I'm closing this topic. If you feel that is not the case, and you want or need this topic re-opened, please send me a PM and I will open it for you. Any other issues, please begin a new topic.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users