Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware adversiments.


  • This topic is locked This topic is locked
6 replies to this topic

#1 BRK1

BRK1

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 18 March 2015 - 10:52 AM

i am being redirected to advertisement sites from my mobile and pc and my mobile browser keeps saying "your device has been infected" as a pop up and my pc norton internet security showed some intrusion  which showed malvertisement website redirect 9 along with the following ip : 185.75.56.52. had a similar problem with russian adds before and had adds all over my pc, mobile , laptop  :http://www.bleepingcomputer.com/forums/t/558831/russian-pop-up-virus-along-with-text-enhancements-etc/. still think its a problem with my network : ran farbar have the 2 texts:



BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:03 AM

Posted 18 March 2015 - 03:58 PM

Hello BRK1 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.
 
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
---------------------------------------------------------------------------------------------------------
 
Please do the following.
 
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Good day.

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 olgun52

olgun52

  • Malware Response Team
  • 3,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:03 AM

Posted 21 March 2015 - 08:25 AM

4 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 24 hours, this thread will be closed due to inactivity.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#4 BRK1

BRK1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 22 March 2015 - 08:14 AM

hi sorry. i ran adw cleaner and it removed the malware or what ever it was form my laptop but my other devices still have the malware i think. i think its  in the network/modem ( if that's possible maybe my network has been hacked as i thought before). when ever i open any stuff in my android it automatically redirects with pop ups to some porn sies or so. the logs are as below. THe virus is still redirecting on browsers on my PC and 2 androids only on my home wifi and not on other wifi's like my college's
 
 
FRST.log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by RADHAKRISHNA (administrator) on BRK on 18-03-2015 21:07:52
Running from C:\Users\RADHAKRISHNA\Downloads
Loaded Profiles: RADHAKRISHNA (Available profiles: RADHAKRISHNA & Administrator)
Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccsvchst.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-20] (IVT Corporation)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-14] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [552960 2009-03-06] ()
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\Run: [uTorrent] => C:\Users\RADHAKRISHNA\AppData\Roaming\uTorrent\uTorrent.exe [1742928 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\Run: [OneDrive] => C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-13] (Microsoft Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\RunOnce: [Uninstall C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\MountPoints2: {bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} - "F:\AutoRun.exe" 
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL13/26
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/26
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/26
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.jp.msn.com/HPALL13/26
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll [2014-11-28] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\IPS\IPSBHO.DLL [2013-04-09] (Symantec Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\coIEPlg.dll [2014-11-28] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2012-09-20] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 91.194.254.105 8.8.8.8
Tcpip\..\Interfaces\{21E48E2F-FD28-4B76-AE61-D56F1CA47233}: [NameServer] 203.145.160.5 203.145.160.6
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn [2015-02-05]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn [2015-03-17]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPA39F2378-39AC-40C2-8EA0-7536C3407277&SSPV="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-07]
CHR Extension: (YouTube) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-07]
CHR Extension: (Google Search) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-07]
CHR Extension: (Google Sheets) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-02-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-07]
CHR Extension: (Gmail) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-07]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2015-02-11]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx [2015-02-11]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-27] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-20] (IVT Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-13] (Hewlett-Packard)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2015-03-12] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20150309.001\BHDrvx64.sys [1622744 2015-02-03] (Symantec Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-16] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-03] (Ralink Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1406000.01B\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2015-03-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-02-06] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20150317.001\IDSvia64.sys [669400 2015-02-05] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20150317.001\ENG64.SYS [129752 2015-03-09] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20150317.001\EX64.SYS [2137304 2015-03-09] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1406000.01B\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1406000.01B\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1406000.01B\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1406000.01B\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1406000.01B\SymELAM.sys [23448 2012-06-21] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2015-02-07] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1406000.01B\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1406000.01B\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-18 21:07 - 2015-03-18 21:07 - 00021075 _____ () C:\Users\RADHAKRISHNA\Downloads\FRST.txt
2015-03-18 21:06 - 2015-03-18 21:06 - 02095616 _____ (Farbar) C:\Users\RADHAKRISHNA\Downloads\FRST64.exe
2015-03-18 09:46 - 2015-03-18 09:46 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\stealth_exe
2015-03-17 23:27 - 2015-03-17 23:27 - 00045901 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]ubuntu.14.10.desktop.32bit.iso.torrent
2015-03-17 22:18 - 2015-03-17 22:18 - 00611601 _____ () C:\Users\RADHAKRISHNA\Downloads\STEALTH_source_code.zip
2015-03-17 22:17 - 2015-03-17 22:18 - 00503140 _____ () C:\Users\RADHAKRISHNA\Downloads\stealth_exe.zip
2015-03-17 22:17 - 2015-03-17 22:18 - 00229501 _____ () C:\Users\RADHAKRISHNA\Downloads\tif_example.zip
2015-03-17 22:17 - 2015-03-17 22:18 - 00229501 _____ () C:\Users\RADHAKRISHNA\Downloads\example.zip
2015-03-17 22:17 - 2015-03-17 22:17 - 00021390 _____ () C:\Users\RADHAKRISHNA\Downloads\alaa_approach-pdf1.zip
2015-03-17 22:17 - 2015-03-17 22:17 - 00021390 _____ () C:\Users\RADHAKRISHNA\Downloads\alaa_approach-1.zip
2015-03-17 19:49 - 2015-03-17 19:49 - 00000022 _____ () C:\Users\RADHAKRISHNA\Downloads\boyhood-english-yify-27131.zip
2015-03-17 19:18 - 2015-03-17 19:18 - 01088905 _____ (pendrivelinux.com) C:\Users\RADHAKRISHNA\Downloads\Universal-USB-Installer-1.9.5.9.exe
2015-03-17 19:05 - 2015-03-17 19:05 - 00018632 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]wonder.women.2011.so1eo1.pilot.pdtv.xvid.torrent
2015-03-17 18:47 - 2015-03-17 18:47 - 00003760 _____ () C:\{79F4A323-2F37-4DF0-9267-F780AE73896E}
2015-03-17 12:11 - 2015-03-17 12:11 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2015-03-17 09:43 - 2015-03-17 09:43 - 00101879 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]buffy.the.vampire.slayer.seasons.1.2.3.mp4.complete.torrent
2015-03-16 08:52 - 2015-03-16 09:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\Infomation
2015-03-15 23:30 - 2015-03-15 23:30 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\flandmark-master
2015-03-15 23:20 - 2015-03-15 23:22 - 13580592 _____ () C:\Users\RADHAKRISHNA\Downloads\flandmark-master.zip
2015-03-15 15:15 - 2014-06-10 03:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-03-15 15:15 - 2014-06-10 03:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-03-15 14:57 - 2015-02-21 06:46 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-15 14:57 - 2015-02-21 05:55 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-15 14:57 - 2015-02-20 08:02 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-15 14:57 - 2015-02-20 07:13 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-15 14:56 - 2015-02-21 06:11 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-15 14:56 - 2015-02-21 05:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-15 14:56 - 2015-02-21 05:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-15 14:56 - 2015-02-21 05:28 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-15 14:56 - 2015-02-21 05:02 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-15 14:56 - 2015-02-20 08:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-15 14:56 - 2015-02-20 08:18 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-15 14:56 - 2015-02-20 08:17 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-15 14:56 - 2015-02-20 08:05 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-15 14:56 - 2015-02-20 08:04 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-15 14:56 - 2015-02-20 07:39 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-15 14:56 - 2015-02-20 07:37 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-15 14:56 - 2015-02-20 07:36 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-15 14:56 - 2015-02-20 07:35 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-15 14:56 - 2015-02-20 07:33 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-15 14:56 - 2015-02-20 07:29 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-15 14:56 - 2015-02-20 07:26 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-15 14:56 - 2015-02-20 07:22 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-15 14:56 - 2015-02-20 07:19 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-15 14:56 - 2015-02-20 07:19 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-15 14:56 - 2015-02-20 07:16 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-15 14:56 - 2015-02-20 07:00 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-15 14:56 - 2015-02-20 07:00 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-15 14:56 - 2015-02-20 06:59 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-15 14:56 - 2015-02-20 06:58 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-15 14:56 - 2015-02-20 06:56 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-15 14:56 - 2015-02-20 06:54 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-15 14:56 - 2015-02-20 06:54 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-15 14:56 - 2015-02-20 06:46 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-15 14:56 - 2015-02-20 06:33 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-15 14:56 - 2015-02-20 06:31 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-15 14:56 - 2015-02-20 06:27 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-15 14:56 - 2015-02-20 06:25 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-15 14:56 - 2015-01-27 09:52 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-15 14:56 - 2015-01-27 07:41 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-15 14:55 - 2015-01-30 07:32 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-15 14:55 - 2015-01-30 07:10 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-15 14:55 - 2015-01-30 07:07 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-15 14:55 - 2015-01-30 06:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-15 14:55 - 2015-01-30 06:54 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-15 14:55 - 2015-01-30 06:46 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-15 14:55 - 2015-01-30 06:38 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-15 14:55 - 2015-01-30 06:36 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-15 11:02 - 2015-02-13 07:08 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-15 11:02 - 2015-02-13 06:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-15 10:53 - 2014-11-10 04:49 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-03-15 10:53 - 2014-11-10 04:49 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-03-15 10:53 - 2014-11-10 04:48 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-03-15 10:53 - 2014-11-10 04:48 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-03-15 10:47 - 2015-03-15 10:47 - 00071636 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]wonder.woman.1975.complete.season.1.1080p.web.dl.aac.2.0.h264.rarbg.torrent
2015-03-15 10:47 - 2015-03-15 10:47 - 00071636 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]wonder.woman.1975.complete.season.1.1080p.web.dl.aac.2.0.h264.rarbg (1).torrent
2015-03-15 10:46 - 2015-03-15 10:46 - 00014892 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]wonder.woman.2009.720p.brrip.x264.yify.torrent
2015-03-15 10:31 - 2014-07-24 08:50 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-03-15 10:31 - 2014-07-24 08:50 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-03-15 10:25 - 2015-01-28 07:01 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-15 10:25 - 2015-01-28 06:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-15 10:25 - 2015-01-21 11:24 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-15 10:25 - 2015-01-21 10:45 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-15 10:12 - 2015-02-12 23:10 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-15 10:12 - 2015-02-12 23:04 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-15 10:12 - 2015-01-30 00:15 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-15 10:12 - 2015-01-30 00:04 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-15 10:04 - 2015-01-28 05:17 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-15 10:04 - 2015-01-28 05:11 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-15 09:51 - 2015-02-08 05:27 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-15 09:51 - 2015-02-08 05:19 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-15 09:22 - 2014-12-11 11:06 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-14 20:41 - 2015-03-14 20:41 - 00000015 _____ () C:\Users\RADHAKRISHNA\Downloads\questions.txt
2015-03-14 20:02 - 2015-03-14 20:02 - 00012193 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]billboard.hot.100.singles.chart.21st.march.2015.itake.glodls.torrent
2015-03-14 20:01 - 2015-03-14 20:01 - 00008952 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]wild.2014.720p.brrip.x264.yify.torrent
2015-03-14 20:01 - 2015-03-14 20:01 - 00007801 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]song.one.2014.720p.brrip.x264.yify.torrent
2015-03-14 19:14 - 2015-03-14 19:14 - 00010066 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]the.big.bang.theory.s08e17.hdtv.x264.lol.ettv.torrent
2015-03-14 19:14 - 2015-03-14 19:14 - 00009965 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]the.big.bang.theory.s08e16.hdtv.x264.lol.ettv.torrent
2015-03-14 19:12 - 2015-03-14 19:12 - 00010286 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]the.big.bang.theory.s08e18.hdtv.x264.lol.ettv.torrent
2015-03-13 08:57 - 2015-03-13 08:57 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\CP_RichNguyen_Project
2015-03-12 08:57 - 2015-03-11 21:13 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-12 08:56 - 2015-03-12 08:56 - 00000000 ____D () C:\Windows.old
2015-03-12 08:55 - 2015-03-12 08:55 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-03-12 08:55 - 2015-03-12 08:55 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-03-12 08:53 - 2015-03-12 08:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-03-12 08:53 - 2015-03-12 08:53 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-03-12 08:53 - 2015-03-12 08:53 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-03-12 08:53 - 2015-03-12 08:53 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-03-12 08:53 - 2015-03-12 08:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-12 08:52 - 2015-03-12 08:52 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-03-12 08:52 - 2015-03-12 08:52 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-03-12 08:52 - 2015-03-12 08:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-03-12 08:52 - 2015-03-12 08:52 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-12 08:51 - 2015-03-12 08:51 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-03-12 08:51 - 2015-03-12 08:51 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-03-12 08:51 - 2015-03-12 08:51 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-12 08:51 - 2015-03-12 08:51 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-03-12 08:50 - 2015-03-12 08:50 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-03-12 08:50 - 2015-03-12 08:50 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-03-12 08:50 - 2015-03-12 08:50 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-03-12 08:50 - 2015-03-12 08:50 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-03-12 08:50 - 2015-03-12 08:50 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-03-12 08:50 - 2015-03-12 08:50 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-03-12 08:49 - 2015-03-12 08:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-03-12 08:48 - 2015-03-12 08:48 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-03-12 08:47 - 2015-03-12 08:47 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\inetpub
2015-03-12 08:42 - 2013-08-03 10:18 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-03-12 08:42 - 2013-08-03 10:18 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-12 08:42 - 2013-08-03 10:11 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-03-12 08:42 - 2013-08-03 10:11 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-11 21:20 - 2015-03-18 19:44 - 00000000 __RDO () C:\Users\RADHAKRISHNA\OneDrive
2015-03-11 21:15 - 2015-03-13 23:11 - 00003100 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3785010019-2192401253-1565588363-1002
2015-03-11 21:13 - 2015-03-11 21:13 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2015-03-11 21:12 - 2015-03-11 21:12 - 00001744 _____ () C:\{47844396-8A1E-40F3-B4D7-3FC2ED162933}
2015-03-11 21:12 - 2015-03-11 21:12 - 00001446 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-11 21:07 - 2015-03-11 21:07 - 00000020 ___SH () C:\Users\RADHAKRISHNA\ntuser.ini
2015-03-11 21:07 - 2014-07-21 22:03 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2015-03-11 20:44 - 2015-03-11 20:44 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-03-11 20:16 - 2015-03-11 20:16 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 19:59 - 2015-03-11 19:59 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-03-11 19:56 - 2015-03-16 16:18 - 00000000 ____D () C:\Users\RADHAKRISHNA
2015-03-11 19:56 - 2015-03-11 20:48 - 00036198 _____ () C:\WINDOWS\diagwrn.xml
2015-03-11 19:56 - 2015-03-11 20:48 - 00036198 _____ () C:\WINDOWS\diagerr.xml
2015-03-11 19:56 - 2015-03-11 20:37 - 00000000 ____D () C:\Users\Administrator
2015-03-11 19:56 - 2015-03-11 19:58 - 00000000 ___RD () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 19:56 - 2015-03-11 19:57 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-11 19:56 - 2013-08-22 21:06 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-11 19:56 - 2013-08-22 21:06 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-11 19:42 - 2015-03-11 19:42 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-03-11 19:40 - 2015-03-11 19:58 - 00012096 _____ () C:\WINDOWS\iis.log
2015-03-11 19:37 - 2015-03-11 19:37 - 00060601 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201503111937207258.log
2015-03-11 19:37 - 2015-03-11 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-03-11 19:36 - 2015-03-11 20:06 - 00000000 ____D () C:\ProgramData\AMD
2015-03-11 19:36 - 2015-03-11 19:36 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-03-11 19:35 - 2015-03-11 19:36 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-03-11 19:35 - 2015-03-11 19:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-11 19:33 - 2015-03-11 19:33 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-03-11 19:33 - 2015-03-11 19:33 - 00001364 _____ () C:\WINDOWS\system32\RaCoInst.log
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-11 19:33 - 2012-08-20 11:15 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-03-11 19:33 - 2012-08-20 11:15 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2015-03-11 19:33 - 2012-08-20 11:15 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-03-11 19:33 - 2011-05-03 03:57 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll
2015-03-11 19:33 - 2011-05-03 03:57 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll
2015-03-11 19:33 - 2011-05-03 03:57 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll
2015-03-11 19:33 - 2011-05-03 03:57 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll
2015-03-11 19:32 - 2015-03-18 20:13 - 01116692 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-11 19:32 - 2015-03-11 20:25 - 00000000 ____D () C:\Program Files\IDT
2015-03-11 19:32 - 2015-03-11 19:32 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-03-11 19:31 - 2015-03-11 19:31 - 00000000 ____D () C:\Program Files\AMD
2015-03-10 23:25 - 2015-03-10 23:28 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\New folder
2015-03-10 22:14 - 2015-03-10 22:14 - 00258163 _____ () C:\Users\RADHAKRISHNA\Downloads\The Hitchhiker's Guide to the Galaxy.epub
2015-03-10 20:47 - 2015-03-10 20:47 - 00016705 _____ () C:\Users\RADHAKRISHNA\Downloads\AckSlip.aspx.html
2015-03-10 20:47 - 2015-03-10 20:47 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\AckSlip.aspx_files
2015-03-09 22:27 - 2015-03-09 22:27 - 00003760 _____ () C:\{FCB07820-B39A-4DE0-B146-DF641DF71554}
2015-03-09 20:52 - 2015-03-09 20:52 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\NBGI
2015-03-07 16:43 - 2015-03-13 23:11 - 00002294 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-03-07 16:42 - 2015-03-07 16:42 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-03-07 16:39 - 2015-03-07 16:39 - 00000000 ___RD () C:\Users\RADHAKRISHNA\SkyDrive
2015-03-06 18:27 - 2015-03-06 18:27 - 00020008 _____ () C:\Users\RADHAKRISHNA\Downloads\f.txt
2015-03-06 17:46 - 2015-03-06 19:33 - 00000504 _____ () C:\Users\RADHAKRISHNA\Downloads\notpron_levels.txt
2015-03-06 17:35 - 2015-03-06 19:33 - 00000789 _____ () C:\Users\RADHAKRISHNA\Downloads\notpron.txt
2015-03-06 12:28 - 2015-03-06 12:28 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\Games for Windows - LIVE Demos
2015-03-06 12:26 - 2015-03-11 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-03-06 12:26 - 2015-03-11 20:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2015-03-06 12:26 - 2015-03-06 12:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-03-06 12:23 - 2015-03-06 12:25 - 01597952 _____ () C:\Users\RADHAKRISHNA\Downloads\Chapter 1 - Keiser.ppt
2015-03-06 12:23 - 2015-03-06 12:24 - 01016832 _____ () C:\Users\RADHAKRISHNA\Downloads\Polarrization.ppt
2015-03-06 11:52 - 2015-03-06 11:53 - 00642712 _____ (Microsoft Corporation) C:\Users\RADHAKRISHNA\Downloads\gfwlivesetup.exe
2015-03-06 11:43 - 2015-03-11 20:48 - 00009714 _____ () C:\WINDOWS\comsetup.log
2015-03-06 11:39 - 2015-03-06 11:39 - 00002812 _____ () C:\Users\RADHAKRISHNA\AppData\Local\recently-used.xbel
2015-03-06 11:38 - 2015-03-06 11:38 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\gtk-2.0
2015-03-06 11:02 - 2015-03-06 11:02 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\gegl-0.2
2015-03-05 22:54 - 2015-03-05 22:54 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\NBGI
2015-03-05 20:51 - 2015-03-05 20:51 - 01665376 _____ () C:\Users\RADHAKRISHNA\Downloads\dragon.zip
2015-03-05 19:27 - 2015-03-05 20:17 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\NCH Software
2015-03-05 19:27 - 2015-03-05 19:34 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software
2015-03-05 19:27 - 2015-03-05 19:27 - 00001134 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
2015-03-05 19:27 - 2015-03-05 19:27 - 00000000 ____D () C:\ProgramData\NCH Software
2015-03-05 19:27 - 2015-03-05 19:27 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2015-03-04 22:18 - 2015-03-18 20:12 - 00004964 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for BRK-RADHAKRISHNA BRK
2015-03-04 20:51 - 2015-03-04 20:51 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\Windows Live
2015-03-04 20:13 - 2015-03-04 20:17 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\vlc
2015-03-04 20:00 - 2015-03-11 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-04 19:57 - 2015-03-04 19:57 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-03-04 18:00 - 2015-03-05 06:27 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\MICROWAVE
2015-03-03 20:08 - 2015-03-18 12:43 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\DIP
2015-03-03 18:17 - 2015-03-03 18:27 - 00000023 _____ () C:\Users\RADHAKRISHNA\jagexappletviewer.preferences
2015-03-03 18:17 - 2015-03-03 18:17 - 00000000 ____D () C:\.jagex_cache_32
2015-03-03 18:05 - 2015-03-03 18:05 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2015-03-03 18:02 - 2015-03-03 18:05 - 23810048 _____ () C:\Users\RADHAKRISHNA\Downloads\RuneScape.msi
2015-03-01 18:40 - 2015-03-01 21:03 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\wireless mobile communication
2015-03-01 05:46 - 2015-03-01 05:46 - 00057683 _____ () C:\Users\RADHAKRISHNA\Downloads\Production Function (1).pptx
2015-02-28 21:04 - 2015-02-28 21:04 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\chat
2015-02-28 17:58 - 2015-02-28 17:58 - 00068920 _____ () C:\Users\RADHAKRISHNA\Downloads\importance of time element in demand theory.pptx
2015-02-28 17:58 - 2015-02-28 17:58 - 00057683 _____ () C:\Users\RADHAKRISHNA\Downloads\Production Function.pptx
2015-02-28 17:58 - 2015-02-28 17:58 - 00048829 _____ () C:\Users\RADHAKRISHNA\Downloads\importance of elasticity of demand.pptx
2015-02-28 17:51 - 2015-02-28 17:51 - 00903168 _____ () C:\Users\RADHAKRISHNA\Downloads\ELASTICITY OD DEMAND.ppt
2015-02-27 19:16 - 2015-02-27 19:17 - 03024807 _____ () C:\Users\RADHAKRISHNA\Downloads\Unit-II_ITC.pptx
2015-02-27 19:16 - 2015-02-27 19:16 - 01941606 _____ () C:\Users\RADHAKRISHNA\Downloads\Unit-I_ITC.pptx
2015-02-27 19:16 - 2015-02-27 19:16 - 00773857 _____ () C:\Users\RADHAKRISHNA\Downloads\ITC_Unit-III.pptx
2015-02-25 22:15 - 2015-03-02 19:05 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\computer communications
2015-02-24 08:32 - 2015-03-16 23:37 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\New folder
2015-02-23 19:26 - 2015-02-23 19:26 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\Subversion
2015-02-23 19:23 - 2015-02-23 19:23 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\MathWorks
2015-02-23 19:23 - 2015-02-23 19:23 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\MathWorks
2015-02-23 06:12 - 2015-02-23 06:12 - 00001299 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2014b.lnk
2015-02-23 06:11 - 2015-03-11 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2015-02-23 05:54 - 2015-02-23 05:54 - 00000000 ____D () C:\ProgramData\MathWorks
2015-02-23 05:52 - 2015-03-18 19:54 - 00000568 _____ () C:\WINDOWS\Tasks\MATLAB R2014b Startup Accelerator.job
2015-02-23 05:52 - 2015-02-23 05:52 - 00003736 _____ () C:\WINDOWS\System32\Tasks\MATLAB R2014b Startup Accelerator
2015-02-22 21:26 - 2015-02-22 21:26 - 00000000 ____D () C:\Program Files\MATLAB
2015-02-22 20:05 - 2015-03-11 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-22 20:05 - 2015-02-22 20:05 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2015-02-22 14:38 - 2015-03-12 18:55 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-21 20:10 - 2015-03-14 19:22 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-02-21 10:36 - 2015-03-11 20:09 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-20 20:24 - 2015-01-29 14:00 - 00011056 _____ () C:\WINDOWS\system32\AutoconfigV2.cab
2015-02-19 19:43 - 2015-02-19 19:43 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\Steam
2015-02-18 19:36 - 2015-02-18 19:36 - 00000047 _____ () C:\Users\RADHAKRISHNA\Downloads\New Text Document.txt
2015-02-17 15:30 - 2015-02-17 15:30 - 01691808 _____ (Microsoft Corporation) C:\WINDOWS\system32\FM20.DLL
2015-02-16 23:27 - 2015-03-17 12:07 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-16 23:27 - 2015-03-17 11:44 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-16 13:59 - 2015-02-16 13:59 - 00000000 _____ () C:\Users\RADHAKRISHNA\AppData\Local\{2724EFA1-4118-42A2-BC66-6CD963825F4F}
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-18 21:08 - 2014-12-10 22:00 - 00000000 ____D () C:\FRST
2015-03-18 20:33 - 2015-02-07 12:28 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-18 20:30 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-18 20:09 - 2015-02-06 06:12 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-18 19:48 - 2014-11-21 10:14 - 00960624 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-18 19:47 - 2015-02-07 12:28 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-18 16:26 - 2013-08-22 20:16 - 00351597 _____ () C:\WINDOWS\setupact.log
2015-03-18 13:29 - 2013-02-20 15:44 - 00003620 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-03-18 13:29 - 2012-09-26 23:23 - 00000950 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-03-18 13:22 - 2012-07-26 13:29 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-18 12:47 - 2015-02-06 12:40 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3785010019-2192401253-1565588363-1002
2015-03-18 09:21 - 2015-02-06 06:47 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\uTorrent
2015-03-17 12:40 - 2013-08-22 20:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-17 12:38 - 2013-08-22 18:55 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-17 12:34 - 2013-08-22 21:06 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 12:32 - 2015-02-06 10:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-17 12:32 - 2015-02-06 07:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-17 12:10 - 2012-07-26 10:56 - 00000167 _____ () C:\WINDOWS\win.ini
2015-03-17 11:45 - 2013-08-22 18:55 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-16 08:32 - 2013-09-19 18:23 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\MATLAB
2015-03-16 08:31 - 2015-02-06 20:46 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\CrashDumps
2015-03-15 18:58 - 2012-10-21 02:52 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-03-15 18:58 - 2012-10-21 02:35 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-15 18:56 - 2012-10-21 02:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-03-15 18:53 - 2015-02-06 14:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\hpqlog
2015-03-15 14:28 - 2012-07-26 13:42 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-03-15 11:24 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-03-14 10:48 - 2015-01-16 16:02 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\Packages
2015-03-13 12:20 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-12 18:55 - 2014-11-21 10:01 - 00005588 _____ () C:\WINDOWS\PFRO.log
2015-03-12 08:56 - 2013-08-22 21:06 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-03-12 08:53 - 2013-08-22 21:06 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-12 08:51 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-12 08:43 - 2014-11-21 10:46 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-03-12 08:43 - 2014-11-21 10:46 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-03-12 08:43 - 2014-11-21 10:46 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-03-12 08:43 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2015-03-12 08:43 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-03-11 21:34 - 2013-02-20 15:44 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-03-11 21:32 - 2012-07-26 13:42 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-03-11 21:20 - 2013-09-25 21:28 - 00000000 __RDO () C:\Users\RADHAKRISHNA\OneDrive.old
2015-03-11 21:14 - 2015-02-06 06:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-03-11 21:07 - 2013-02-20 16:14 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-03-11 20:51 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-11 20:48 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-11 20:41 - 2013-08-22 21:06 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-11 20:40 - 2013-08-22 21:06 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-11 20:29 - 2013-08-22 20:14 - 00497168 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-11 20:25 - 2015-02-15 21:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-03-11 20:25 - 2015-02-15 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmarThru 4
2015-03-11 20:25 - 2015-02-15 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SCX-4300 Series
2015-03-11 20:25 - 2015-02-10 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2015-03-11 20:25 - 2015-02-07 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2015-03-11 20:25 - 2015-02-07 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-11 20:25 - 2015-02-07 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\airtel
2015-03-11 20:25 - 2015-02-07 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2015-03-11 20:25 - 2015-02-06 06:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-03-11 20:25 - 2015-02-06 06:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-11 20:25 - 2015-02-06 06:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2015-03-11 20:25 - 2014-11-21 09:50 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-03-11 20:25 - 2013-08-22 19:06 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-03-11 20:25 - 2013-02-20 16:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-03-11 20:25 - 2013-02-20 15:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-03-11 20:25 - 2013-02-20 15:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-03-11 20:25 - 2012-10-21 03:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-11 20:25 - 2012-10-21 02:49 - 00000000 ____D () C:\WINDOWS\en
2015-03-11 20:18 - 2013-08-22 21:07 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-03-11 20:18 - 2012-07-26 11:07 - 00000000 ____D () C:\Users\Default.migrated
2015-03-11 20:13 - 2014-11-21 09:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-03-11 20:13 - 2014-11-21 09:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-03-11 20:13 - 2014-11-21 09:20 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-03-11 20:13 - 2013-08-22 19:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-03-11 20:13 - 2013-02-20 15:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-03-11 20:13 - 2012-10-21 02:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2015-03-11 20:12 - 2014-11-21 17:47 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-11 20:12 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-03-11 20:12 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-03-11 20:12 - 2013-08-22 19:06 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-03-11 20:09 - 2013-08-22 21:13 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-03-11 20:09 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\Help
2015-03-11 20:09 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-03-11 20:06 - 2015-02-15 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S.  Applications
2015-03-11 20:06 - 2013-08-22 21:06 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-11 20:06 - 2012-10-21 02:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-03-11 20:06 - 2012-08-04 03:59 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-11 20:05 - 2013-08-22 21:06 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-11 20:05 - 2013-08-22 21:06 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-11 20:05 - 2013-08-22 21:06 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-11 19:59 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-03-11 19:57 - 2012-08-04 03:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2015-03-11 19:40 - 2014-04-13 12:35 - 00000000 __SHD () C:\Recovery
2015-03-11 19:35 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-03-11 19:33 - 2013-08-22 20:16 - 00000084 _____ () C:\WINDOWS\setuperr.log
2015-03-11 19:29 - 2013-08-22 19:06 - 00000000 __RHD () C:\Users\Default
2015-03-10 22:07 - 2015-02-05 22:50 - 01538067 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-03-09 13:18 - 2014-11-22 03:33 - 00000000 ___HD () C:\$Windows.~BT
2015-03-09 12:35 - 2015-02-06 22:46 - 00000000 ____D () C:\ProgramData\VMware
2015-03-06 11:42 - 2014-02-23 12:02 - 00000000 ____D () C:\Users\RADHAKRISHNA\.gimp-2.8
2015-03-05 02:54 - 2014-11-21 17:57 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-03-05 02:54 - 2014-11-21 17:57 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-04 21:54 - 2012-10-21 03:00 - 00000000 ____D () C:\ProgramData\WildTangent
2015-03-03 19:20 - 2015-02-03 20:47 - 00000024 _____ () C:\Users\RADHAKRISHNA\random.dat
2015-03-03 18:20 - 2015-02-03 20:47 - 00000051 _____ () C:\Users\RADHAKRISHNA\jagex_cl_runescape_LIVE.dat
2015-03-03 18:05 - 2015-02-03 20:47 - 00000000 ____D () C:\Users\RADHAKRISHNA\jagexcache
2015-03-03 14:07 - 2012-07-26 13:42 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-25 22:27 - 2015-02-07 09:12 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\VMware
2015-02-25 21:55 - 2015-02-07 08:47 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\VMware
 
==================== Files in the root of some directories =======
 
2015-03-06 11:39 - 2015-03-06 11:39 - 0002812 _____ () C:\Users\RADHAKRISHNA\AppData\Local\recently-used.xbel
2015-02-16 13:59 - 2015-02-16 13:59 - 0000000 _____ () C:\Users\RADHAKRISHNA\AppData\Local\{2724EFA1-4118-42A2-BC66-6CD963825F4F}
2013-02-20 16:00 - 2013-02-20 16:00 - 0000525 _____ () C:\ProgramData\CyberlinkOutput.txt
 
Files to move or delete:
====================
C:\Users\RADHAKRISHNA\jagex_cl_runescape_LIVE.dat
C:\Users\RADHAKRISHNA\random.dat
 
 
Some content of TEMP:
====================
C:\Users\RADHAKRISHNA\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\RADHAKRISHNA\AppData\Local\Temp\Resource.exe
C:\Users\RADHAKRISHNA\AppData\Local\Temp\UninstallHPSA.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-11 19:29
 
==================== End Of Log ============================

 

 

 

 

 

and the adw cleaner logs ( which i think cleaned  up my laptop/pc)

are also attached as ADWCleaner[R0] and ADWCleaner[S0].

 

 

 

Attached Files



#5 olgun52

olgun52

  • Malware Response Team
  • 3,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:03 AM

Posted 22 March 2015 - 12:26 PM

Hi BRK1,
 
DelFix run:
In any case please download delfix to your desktop.

  • Close all other programms and start delfix.
  • Please check all the boxes and run the tool.
  • Delfix will now delete all found traces of our removal process.

----------------------------------------------------------------------------------------------------------------

Ensure your external and/or USB drives are inserted during the scan

Step 1:
FRST Script:
Please download this attached txt.gif  fixlist.txt   3.57KB   0 downloads and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

NOT : It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
and fixlist.txt are in the same location or the fix will not work.
 
Step 2:
Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search, then Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 3:
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Step 4:

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Double-click mbam-setup-2.1.4.1018.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • At the end of the installation, a database update will be performed.
  • Click on Scan Now.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Remove Selected to allow MBAM to clean what was detected.
  • In most cases, a restart will be required and a prompt will be shown.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export.
  • Click Text file (*.txt)
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named File Saved should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.

Already installed:
Threat Scan

  • On the Dashboard, click the Scan Now button.
  • A check for database updates will be performed.
  • After the update check completes, a Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Remove Selected to allow MBAM to clean what was detected.
  • In most cases, a restart will be required and a prompt will be shown.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export.
  • Click Text file (*.txt)
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named File Saved should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.

Have a nice day.

Attached Files


Edited by olgun52, 22 March 2015 - 12:33 PM.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#6 olgun52

olgun52

  • Malware Response Team
  • 3,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:03 AM

Posted 26 March 2015 - 04:17 PM

4 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 24 hours, this thread will be closed due to inactivity.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#7 olgun52

olgun52

  • Malware Response Team
  • 3,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:03 AM

Posted 30 March 2015 - 11:26 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users