Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware redirects


  • Please log in to reply
11 replies to this topic

#1 BRK1

BRK1

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 06 April 2015 - 07:50 PM

hi have malware directs from  rsdrv.com now on every device which connects to my wifi . i would reset my router+ modem ( same device) so i would lose my isp settings( i don't have its password).

the frst log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by RADHAKRISHNA (administrator) on BRK on 07-04-2015 05:58:21
Running from C:\Users\RADHAKRISHNA\Downloads
Loaded Profiles: RADHAKRISHNA &  (Available profiles: RADHAKRISHNA & Administrator)
Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-20] (IVT Corporation)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-14] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [552960 2009-03-06] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\Run: [OneDrive] => C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-13] (Microsoft Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\RunOnce: [Uninstall C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\MountPoints2: {bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDrive] => C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-13] (Microsoft Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1707632 2012-09-10] (CyberLink Corp.)
HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL13/26
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/26
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/26
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/26
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2012-09-20] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 107.170.168.61 8.8.8.8
Tcpip\..\Interfaces\{21E48E2F-FD28-4B76-AE61-D56F1CA47233}: [NameServer] 203.145.160.5 203.145.160.6
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-27] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-20] (IVT Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-13] (Hewlett-Packard)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2015-03-12] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-16] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-03] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-07 05:18 - 2015-04-07 05:32 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-07 05:18 - 2015-04-07 05:19 - 02208768 _____ () C:\Users\RADHAKRISHNA\Downloads\adwcleaner_4.200.exe
2015-04-07 05:17 - 2015-04-07 05:17 - 00001578 _____ () C:\Users\RADHAKRISHNA\Desktop\JRT.txt
2015-04-07 05:17 - 2015-04-07 05:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-07 05:17 - 2015-04-07 05:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-07 05:17 - 2015-04-07 05:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-07 05:17 - 2015-03-17 06:24 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-07 05:17 - 2015-03-17 06:24 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-07 05:17 - 2015-03-17 06:24 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-07 05:11 - 2015-04-07 05:14 - 21540904 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\mbam-setup.exe
2015-04-07 05:07 - 2015-04-07 05:11 - 16799094 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\Unconfirmed 842269.crdownload
2015-04-07 05:07 - 2015-04-07 05:07 - 00321848 _____ (Malwarebytes Corporation) C:\Users\RADHAKRISHNA\Downloads\mbam-clean-2.1.1.1001 (1).exe
2015-04-06 18:37 - 2015-04-06 18:37 - 00069611 _____ () C:\Users\RADHAKRISHNA\Downloads\OLIGOPOLY.pptx
2015-04-05 14:05 - 2015-04-07 05:30 - 00460964 _____ () C:\WINDOWS\PFRO.log
2015-04-05 14:05 - 2015-04-05 14:05 - 435222599 _____ () C:\WINDOWS\MEMORY.DMP
2015-04-05 14:05 - 2015-04-05 14:05 - 00280840 _____ () C:\WINDOWS\Minidump\040515-22875-01.dmp
2015-04-05 14:05 - 2015-04-05 14:05 - 00000000 ____D () C:\WINDOWS\Minidump
2015-04-04 20:48 - 2015-04-04 20:48 - 00057033 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]orange.is.the.new.black.season.1.complete.720p.webrip.sujaidr.pimprg.torrent
2015-04-04 11:45 - 2015-04-04 11:45 - 00773857 _____ () C:\Users\RADHAKRISHNA\Downloads\ITC_Unit-III (1).pptx
2015-04-04 11:12 - 2015-03-03 18:47 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-04-04 11:02 - 2015-04-04 11:02 - 00403419 _____ () C:\Users\RADHAKRISHNA\Downloads\convoultion codes.pptx
2015-04-03 19:36 - 2015-04-03 19:36 - 00327526 _____ () C:\Users\RADHAKRISHNA\Downloads\freqfilters.zip
2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\samsung
2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\Samsung
2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\Samsung
2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2015-04-02 19:37 - 2014-10-13 11:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-04-02 19:37 - 2014-10-13 11:27 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-04-02 19:34 - 2015-04-02 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-04-02 19:34 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2015-04-02 19:34 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2015-04-02 19:27 - 2015-04-02 19:27 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\Downloaded Installations
2015-04-01 14:45 - 2015-04-01 14:47 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\Dev-Cpp
2015-04-01 14:25 - 2015-04-01 14:46 - 00001287 _____ () C:\Users\RADHAKRISHNA\Downloads\crc2.txt
2015-03-31 17:57 - 2015-03-31 17:57 - 00004400 _____ () C:\{C2E0F175-EEF9-494B-92CB-6CAD4E9C26B2}
2015-03-28 18:01 - 2015-03-28 18:01 - 00004104 _____ () C:\{22D7EA5C-6FD0-4E97-861C-E4B195A6F50E}
2015-03-28 16:24 - 2015-03-28 16:24 - 00003392 _____ () C:\{485A3CB2-5F5E-484C-82A8-ACA9822D8306}
2015-03-24 08:36 - 2015-03-24 08:48 - 00750323 _____ () C:\Users\RADHAKRISHNA\Downloads\PRODUCT DIFFERENTIATION.pptx
2015-03-23 23:05 - 2015-03-23 23:05 - 02112092 _____ () C:\Users\RADHAKRISHNA\Downloads\productdifferentiationinindianmarket-101122110856-phpapp01.pptx
2015-03-23 22:28 - 2015-03-23 22:32 - 01922560 _____ () C:\Users\RADHAKRISHNA\Downloads\CH09 rev.ppt
2015-03-23 22:27 - 2015-03-23 22:31 - 00889344 _____ () C:\Users\RADHAKRISHNA\Downloads\Strauss_5e_09.ppt
2015-03-23 22:27 - 2015-03-23 22:29 - 00098304 _____ () C:\Users\RADHAKRISHNA\Downloads\prod_diff.ppt
2015-03-23 22:10 - 2015-03-23 22:12 - 00907264 _____ () C:\Users\RADHAKRISHNA\Downloads\12-1monopolisticcomp.ppt
2015-03-22 20:33 - 2015-03-22 20:33 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\the-theory-of-everything-2014_english-1027061
2015-03-22 19:27 - 2015-03-22 19:27 - 00005376 _____ () C:\Users\RADHAKRISHNA\AppData\Local\recently-used.xbel
2015-03-22 18:46 - 2015-03-22 18:48 - 24985220 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 8 - The One-Time Pad (12-15).mp4
2015-03-22 17:50 - 2015-03-22 17:57 - 66471196 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 7 - Perfect Secrecy Part II (31-24).mp4
2015-03-22 17:45 - 2015-03-22 17:47 - 17417772 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 6 - Perfect Secrecy (8-30).mp4
2015-03-22 17:41 - 2015-03-22 17:43 - 20667842 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 5 - Principles of Modern Cryptography (10-02).mp4
2015-03-22 17:33 - 2015-03-22 17:40 - 47596873 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 4 - Breaking the Vigenere Cipher (23-56).mp4
2015-03-22 11:08 - 2015-03-22 11:08 - 00082745 _____ () C:\Users\RADHAKRISHNA\Downloads\satn.jpeg
2015-03-22 10:58 - 2015-03-22 10:58 - 00000000 __SHD () C:\Users\RADHAKRISHNA\AppData\Local\EmieUserList
2015-03-22 10:58 - 2015-03-22 10:58 - 00000000 __SHD () C:\Users\RADHAKRISHNA\AppData\Local\EmieSiteList
2015-03-22 10:58 - 2015-03-22 10:58 - 00000000 __SHD () C:\Users\RADHAKRISHNA\AppData\Local\EmieBrowserModeList
2015-03-22 10:32 - 2015-03-22 10:32 - 00032711 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]pushing.daisies.s01e01.internal.dvdrip.x264.osiris.torrent
2015-03-21 17:59 - 2015-03-21 17:59 - 00004080 _____ () C:\{636F2A61-56B0-474E-963E-ECA6D34A9B6E}
2015-03-21 17:55 - 2015-03-21 17:55 - 00004224 _____ () C:\{DA73925E-D870-42E1-91A7-9546F20D9334}
2015-03-21 17:50 - 2015-03-21 17:50 - 00003192 _____ () C:\{8E9A5F61-C677-4A56-AEDD-B08BD546E497}
2015-03-21 11:12 - 2015-03-21 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2015-03-21 11:11 - 2015-04-01 14:43 - 00000000 ____D () C:\Dev-Cpp
2015-03-21 10:56 - 2015-03-21 11:02 - 09326468 _____ () C:\Users\RADHAKRISHNA\Downloads\devcpp-4.9.9.2_setup.exe
2015-03-21 10:30 - 2015-03-21 10:31 - 11684320 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\Unconfirmed 374661.crdownload
2015-03-20 06:25 - 2015-03-20 08:57 - 00047979 _____ () C:\Users\RADHAKRISHNA\Downloads\Image Fusion.pptx
2015-03-20 06:19 - 2015-03-20 06:19 - 00154388 _____ () C:\Users\RADHAKRISHNA\Downloads\Bilgin's Blog   Kalman Filter for Dummies.html
2015-03-20 06:19 - 2015-03-20 06:19 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\Bilgin's Blog   Kalman Filter for Dummies_files
2015-03-20 06:16 - 2015-03-20 12:43 - 00623611 _____ () C:\Users\RADHAKRISHNA\Downloads\Object Motion Detection.pptx
2015-03-19 23:14 - 2015-03-19 23:22 - 32288557 _____ () C:\Users\RADHAKRISHNA\Downloads\Liu_Xiao.zip
2015-03-19 22:20 - 2015-03-19 22:20 - 00014335 _____ () C:\Users\RADHAKRISHNA\Downloads\NTHU Center for Advanced Technologies and Applications for the Next Generation Information and Communication Networking.html
2015-03-19 22:20 - 2015-03-19 22:20 - 00010628 _____ () C:\Users\RADHAKRISHNA\Downloads\Overview of Research Topics Projects in Mobile Communications Research Group at UoP.html
2015-03-19 22:20 - 2015-03-19 22:20 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\Overview of Research Topics Projects in Mobile Communications Research Group at UoP_files
2015-03-19 22:20 - 2015-03-19 22:20 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\NTHU Center for Advanced Technologies and Applications for the Next Generation Information and Communication Networking_files
2015-03-19 21:10 - 2015-03-19 21:12 - 11844645 _____ () C:\Users\RADHAKRISHNA\Downloads\Khwaja_Ghosh.zip
2015-03-19 20:19 - 2015-03-19 20:19 - 00060553 _____ () C:\Users\RADHAKRISHNA\Downloads\Object Detection in a Cluttered Scene Using Point Feature Matching - MATLAB & Simulink Example - MathWorks India.html
2015-03-19 20:19 - 2015-03-19 20:19 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\Object Detection in a Cluttered Scene Using Point Feature Matching - MATLAB & Simulink Example - MathWorks India_files
2015-03-19 13:31 - 2015-04-07 05:19 - 01367632 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-19 06:57 - 2015-04-07 05:30 - 00014145 _____ () C:\WINDOWS\setupact.log
2015-03-19 06:57 - 2015-03-19 06:57 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-19 06:47 - 2015-03-19 06:48 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\ccsetup503
2015-03-19 06:26 - 2015-03-19 06:27 - 05330868 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\Unconfirmed 426726.crdownload
2015-03-19 06:21 - 2015-03-19 06:21 - 02144048 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\Unconfirmed 744743.crdownload
2015-03-18 23:10 - 2015-03-18 23:11 - 01388672 _____ (Thisisu) C:\Users\RADHAKRISHNA\Downloads\JRT.exe
2015-03-18 23:10 - 2015-03-18 23:10 - 00321848 _____ (Malwarebytes Corporation) C:\Users\RADHAKRISHNA\Downloads\mbam-clean-2.1.1.1001.exe
2015-03-18 21:11 - 2015-03-18 21:13 - 00033487 _____ () C:\Users\RADHAKRISHNA\Downloads\Addition.txt
2015-03-18 21:07 - 2015-04-07 05:58 - 00018877 _____ () C:\Users\RADHAKRISHNA\Downloads\FRST.txt
2015-03-18 21:06 - 2015-03-18 21:06 - 02095616 _____ (Farbar) C:\Users\RADHAKRISHNA\Downloads\FRST64.exe
2015-03-17 19:18 - 2015-03-17 19:18 - 01088905 _____ (pendrivelinux.com) C:\Users\RADHAKRISHNA\Downloads\Universal-USB-Installer-1.9.5.9.exe
2015-03-17 18:47 - 2015-03-17 18:47 - 00003760 _____ () C:\{79F4A323-2F37-4DF0-9267-F780AE73896E}
2015-03-17 12:11 - 2015-03-17 12:11 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2015-03-16 08:52 - 2015-04-05 19:25 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\Infomation
2015-03-15 23:20 - 2015-03-15 23:22 - 13580592 _____ () C:\Users\RADHAKRISHNA\Downloads\flandmark-master.zip
2015-03-15 15:22 - 2015-03-06 08:23 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-15 15:22 - 2015-03-06 08:03 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-15 15:22 - 2015-02-26 04:56 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-15 15:21 - 2015-02-20 08:33 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-15 15:21 - 2015-02-20 08:28 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-15 15:21 - 2015-02-20 07:50 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-15 15:21 - 2015-02-20 07:45 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-15 15:15 - 2014-06-10 03:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-03-15 15:15 - 2014-06-10 03:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-03-15 15:01 - 2015-01-31 04:50 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-15 14:57 - 2015-02-21 06:46 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-15 14:57 - 2015-02-21 05:55 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-15 14:57 - 2015-02-20 08:02 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-15 14:57 - 2015-02-20 07:13 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-15 14:56 - 2015-02-21 06:11 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-15 14:56 - 2015-02-21 05:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-15 14:56 - 2015-02-21 05:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-15 14:56 - 2015-02-21 05:28 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-15 14:56 - 2015-02-21 05:02 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-15 14:56 - 2015-02-20 08:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-15 14:56 - 2015-02-20 08:18 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-15 14:56 - 2015-02-20 08:17 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-15 14:56 - 2015-02-20 08:05 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-15 14:56 - 2015-02-20 08:04 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-15 14:56 - 2015-02-20 07:39 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-15 14:56 - 2015-02-20 07:37 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-15 14:56 - 2015-02-20 07:36 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-15 14:56 - 2015-02-20 07:35 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-15 14:56 - 2015-02-20 07:33 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-15 14:56 - 2015-02-20 07:29 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-15 14:56 - 2015-02-20 07:26 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-15 14:56 - 2015-02-20 07:22 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-15 14:56 - 2015-02-20 07:19 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-15 14:56 - 2015-02-20 07:19 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-15 14:56 - 2015-02-20 07:16 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-15 14:56 - 2015-02-20 07:00 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-15 14:56 - 2015-02-20 07:00 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-15 14:56 - 2015-02-20 06:59 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-15 14:56 - 2015-02-20 06:58 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-15 14:56 - 2015-02-20 06:56 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-15 14:56 - 2015-02-20 06:54 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-15 14:56 - 2015-02-20 06:54 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-15 14:56 - 2015-02-20 06:46 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-15 14:56 - 2015-02-20 06:33 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-15 14:56 - 2015-02-20 06:31 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-15 14:56 - 2015-02-20 06:27 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-15 14:56 - 2015-02-20 06:25 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-15 14:56 - 2015-01-27 09:52 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-15 14:56 - 2015-01-27 07:41 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-15 14:55 - 2015-01-30 07:32 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-15 14:55 - 2015-01-30 07:10 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-15 14:55 - 2015-01-30 07:07 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-15 14:55 - 2015-01-30 06:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-15 14:55 - 2015-01-30 06:54 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-15 14:55 - 2015-01-30 06:46 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-15 14:55 - 2015-01-30 06:38 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-15 14:55 - 2015-01-30 06:36 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-15 11:12 - 2015-01-28 21:11 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-15 11:12 - 2015-01-28 21:11 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-15 11:11 - 2015-01-28 21:11 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-15 10:53 - 2014-11-10 04:49 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-03-15 10:53 - 2014-11-10 04:49 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-03-15 10:53 - 2014-11-10 04:48 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-03-15 10:53 - 2014-11-10 04:48 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-03-15 10:31 - 2014-07-24 08:50 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-03-15 10:31 - 2014-07-24 08:50 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-03-15 10:25 - 2015-01-28 07:01 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-15 10:25 - 2015-01-28 06:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-15 10:25 - 2015-01-21 11:24 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-15 10:25 - 2015-01-21 10:45 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-15 10:12 - 2015-02-12 23:10 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-15 10:12 - 2015-02-12 23:04 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-15 10:12 - 2015-01-30 00:15 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-15 10:12 - 2015-01-30 00:04 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-15 10:04 - 2015-01-28 05:17 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-15 10:04 - 2015-01-28 05:11 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-15 09:51 - 2015-02-08 05:27 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-15 09:51 - 2015-02-08 05:19 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-15 09:22 - 2014-12-11 11:06 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-14 20:41 - 2015-03-14 20:41 - 00000015 _____ () C:\Users\RADHAKRISHNA\Downloads\questions.txt
2015-03-12 08:57 - 2015-03-19 06:49 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-12 08:55 - 2015-03-12 08:55 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-03-12 08:55 - 2015-03-12 08:55 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-03-12 08:53 - 2015-03-12 08:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-03-12 08:53 - 2015-03-12 08:53 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-03-12 08:53 - 2015-03-12 08:53 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-03-12 08:53 - 2015-03-12 08:53 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-03-12 08:53 - 2015-03-12 08:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-03-12 08:52 - 2015-03-12 08:52 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-03-12 08:52 - 2015-03-12 08:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-03-12 08:52 - 2015-03-12 08:52 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-12 08:51 - 2015-03-12 08:51 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-03-12 08:51 - 2015-03-12 08:51 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-03-12 08:51 - 2015-03-12 08:51 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-12 08:51 - 2015-03-12 08:51 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-03-12 08:50 - 2015-03-12 08:50 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-03-12 08:50 - 2015-03-12 08:50 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-03-12 08:50 - 2015-03-12 08:50 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-03-12 08:50 - 2015-03-12 08:50 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-03-12 08:50 - 2015-03-12 08:50 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-03-12 08:50 - 2015-03-12 08:50 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-03-12 08:49 - 2015-03-12 08:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-03-12 08:48 - 2015-03-12 08:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-03-12 08:47 - 2015-03-12 08:47 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\inetpub
2015-03-12 08:42 - 2013-08-03 10:18 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-03-12 08:42 - 2013-08-03 10:18 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-12 08:42 - 2013-08-03 10:11 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-03-12 08:42 - 2013-08-03 10:11 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-11 21:20 - 2015-04-07 05:32 - 00000000 __RDO () C:\Users\RADHAKRISHNA\OneDrive
2015-03-11 21:15 - 2015-03-13 23:11 - 00003100 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3785010019-2192401253-1565588363-1002
2015-03-11 21:12 - 2015-03-11 21:12 - 00001744 _____ () C:\{47844396-8A1E-40F3-B4D7-3FC2ED162933}
2015-03-11 21:12 - 2015-03-11 21:12 - 00001446 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-11 21:07 - 2015-03-11 21:07 - 00000020 ___SH () C:\Users\RADHAKRISHNA\ntuser.ini
2015-03-11 21:07 - 2014-07-21 22:03 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2015-03-11 20:44 - 2015-03-11 20:44 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-03-11 20:16 - 2015-03-11 20:16 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 19:59 - 2015-03-11 19:59 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-03-11 19:56 - 2015-03-16 16:18 - 00000000 ____D () C:\Users\RADHAKRISHNA
2015-03-11 19:56 - 2015-03-11 20:48 - 00036198 _____ () C:\WINDOWS\diagwrn.xml
2015-03-11 19:56 - 2015-03-11 20:48 - 00036198 _____ () C:\WINDOWS\diagerr.xml
2015-03-11 19:56 - 2015-03-11 20:37 - 00000000 ____D () C:\Users\Administrator
2015-03-11 19:56 - 2015-03-11 19:58 - 00000000 ___RD () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 19:56 - 2015-03-11 19:57 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-11 19:56 - 2013-08-22 21:06 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-11 19:56 - 2013-08-22 21:06 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-11 19:42 - 2015-03-11 19:42 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-03-11 19:37 - 2015-03-11 19:37 - 00060601 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201503111937207258.log
2015-03-11 19:37 - 2015-03-11 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-03-11 19:36 - 2015-03-11 20:06 - 00000000 ____D () C:\ProgramData\AMD
2015-03-11 19:36 - 2015-03-11 19:36 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-03-11 19:35 - 2015-03-11 19:36 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-03-11 19:35 - 2015-03-11 19:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-11 19:33 - 2015-03-11 19:33 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-03-11 19:33 - 2015-03-11 19:33 - 00001364 _____ () C:\WINDOWS\system32\RaCoInst.log
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-11 19:33 - 2012-08-20 11:15 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-03-11 19:33 - 2012-08-20 11:15 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2015-03-11 19:33 - 2012-08-20 11:15 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-03-11 19:33 - 2011-05-03 03:57 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll
2015-03-11 19:33 - 2011-05-03 03:57 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll
2015-03-11 19:33 - 2011-05-03 03:57 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll
2015-03-11 19:33 - 2011-05-03 03:57 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll
2015-03-11 19:32 - 2015-03-11 20:25 - 00000000 ____D () C:\Program Files\IDT
2015-03-11 19:32 - 2015-03-11 19:32 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-03-11 19:31 - 2015-03-11 19:31 - 00000000 ____D () C:\Program Files\AMD
2015-03-10 23:25 - 2015-03-10 23:28 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\New folder
2015-03-10 22:14 - 2015-03-10 22:14 - 00258163 _____ () C:\Users\RADHAKRISHNA\Downloads\The Hitchhiker's Guide to the Galaxy.epub
2015-03-09 22:27 - 2015-03-09 22:27 - 00003760 _____ () C:\{FCB07820-B39A-4DE0-B146-DF641DF71554}
2015-03-09 20:52 - 2015-03-09 20:52 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\NBGI
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-07 05:58 - 2014-12-10 22:00 - 00000000 ____D () C:\FRST
2015-04-07 05:49 - 2015-02-03 20:47 - 00000000 ____D () C:\Users\RADHAKRISHNA\jagexcache
2015-04-07 05:41 - 2015-02-23 05:52 - 00000568 _____ () C:\WINDOWS\Tasks\MATLAB R2014b Startup Accelerator.job
2015-04-07 05:36 - 2015-03-04 22:18 - 00004966 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for BRK-RADHAKRISHNA BRK
2015-04-07 05:36 - 2015-02-06 12:40 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3785010019-2192401253-1565588363-1002
2015-04-07 05:36 - 2014-11-10 19:29 - 00000000 ____D () C:\AdwCleaner
2015-04-07 05:33 - 2015-02-07 12:28 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-07 05:32 - 2015-02-07 12:28 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-07 05:32 - 2015-02-06 06:12 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-07 05:31 - 2013-02-20 15:44 - 00003620 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-04-07 05:30 - 2013-08-22 20:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-07 05:30 - 2013-08-22 18:55 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-07 05:30 - 2012-09-26 23:23 - 00000950 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-04-06 23:32 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-06 22:49 - 2015-02-06 06:47 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\uTorrent
2015-04-06 19:00 - 2015-01-16 16:02 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\Packages
2015-04-06 06:23 - 2014-11-21 10:14 - 00960624 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-06 05:33 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-05 14:05 - 2013-02-20 16:12 - 00000000 ____D () C:\ProgramData\Norton
2015-04-04 11:14 - 2013-08-22 18:55 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-04 11:08 - 2015-02-06 20:46 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\CrashDumps
2015-04-04 09:46 - 2012-07-26 13:42 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-04-03 20:17 - 2013-09-19 18:23 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\MATLAB
2015-04-02 22:30 - 2013-09-14 19:45 - 00000000 ___HD () C:\FILES
2015-04-02 19:37 - 2015-02-15 20:56 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-04-02 19:36 - 2015-02-15 21:21 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-02 19:32 - 2012-10-21 02:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-01 18:21 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-23 20:48 - 2015-03-04 20:13 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\vlc
2015-03-22 19:37 - 2014-02-23 12:02 - 00000000 ____D () C:\Users\RADHAKRISHNA\.gimp-2.8
2015-03-22 19:27 - 2015-03-06 11:38 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\gtk-2.0
2015-03-18 23:28 - 2013-08-22 20:14 - 00497168 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-18 23:27 - 2012-07-26 13:42 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-03-18 13:22 - 2012-07-26 13:29 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-18 12:43 - 2015-03-03 20:08 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\DIP
2015-03-17 12:34 - 2013-08-22 21:06 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 12:32 - 2015-02-06 10:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-17 12:32 - 2015-02-06 07:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-17 12:10 - 2012-07-26 10:56 - 00000167 _____ () C:\WINDOWS\win.ini
2015-03-17 12:07 - 2015-02-16 23:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-17 11:44 - 2015-02-16 23:27 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-16 23:37 - 2015-02-24 08:32 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\New folder
2015-03-15 18:58 - 2012-10-21 02:52 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-03-15 18:58 - 2012-10-21 02:35 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-15 18:56 - 2012-10-21 02:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-03-15 18:53 - 2015-02-06 14:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\hpqlog
2015-03-14 19:22 - 2015-02-21 20:10 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-03-13 23:11 - 2015-03-07 16:43 - 00002294 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-03-13 12:20 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-12 18:55 - 2015-02-22 14:38 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-03-12 08:56 - 2013-08-22 21:06 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-03-12 08:53 - 2013-08-22 21:06 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-12 08:51 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-12 08:43 - 2014-11-21 10:46 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-03-12 08:43 - 2014-11-21 10:46 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-03-12 08:43 - 2014-11-21 10:46 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-03-12 08:43 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2015-03-12 08:43 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-03-11 21:34 - 2013-02-20 15:44 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-03-11 21:20 - 2013-09-25 21:28 - 00000000 __RDO () C:\Users\RADHAKRISHNA\OneDrive.old
2015-03-11 21:14 - 2015-02-06 06:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-03-11 20:48 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-11 20:41 - 2013-08-22 21:06 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-11 20:40 - 2013-08-22 21:06 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-11 20:25 - 2015-03-06 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-03-11 20:25 - 2015-03-04 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-11 20:25 - 2015-02-22 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-11 20:25 - 2015-02-15 21:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-03-11 20:25 - 2015-02-15 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmarThru 4
2015-03-11 20:25 - 2015-02-15 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SCX-4300 Series
2015-03-11 20:25 - 2015-02-10 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2015-03-11 20:25 - 2015-02-07 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2015-03-11 20:25 - 2015-02-07 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-11 20:25 - 2015-02-07 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\airtel
2015-03-11 20:25 - 2015-02-07 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2015-03-11 20:25 - 2015-02-06 06:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-03-11 20:25 - 2015-02-06 06:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-11 20:25 - 2015-02-06 06:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2015-03-11 20:25 - 2014-11-21 09:50 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-03-11 20:25 - 2013-08-22 19:06 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-03-11 20:25 - 2013-02-20 15:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-03-11 20:25 - 2013-02-20 15:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-03-11 20:25 - 2012-10-21 03:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-11 20:25 - 2012-10-21 02:49 - 00000000 ____D () C:\WINDOWS\en
2015-03-11 20:18 - 2012-07-26 11:07 - 00000000 ____D () C:\Users\Default.migrated
2015-03-11 20:13 - 2015-03-06 12:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2015-03-11 20:13 - 2014-11-21 09:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-03-11 20:13 - 2014-11-21 09:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-03-11 20:13 - 2014-11-21 09:20 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-03-11 20:13 - 2013-08-22 19:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-03-11 20:13 - 2013-02-20 15:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-03-11 20:13 - 2012-10-21 02:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2015-03-11 20:12 - 2014-11-21 17:47 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-11 20:12 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-03-11 20:12 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-03-11 20:12 - 2013-08-22 19:06 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-03-11 20:09 - 2015-02-21 10:36 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-11 20:09 - 2013-08-22 21:13 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-03-11 20:09 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\Help
2015-03-11 20:09 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-03-11 20:06 - 2015-02-23 06:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2015-03-11 20:06 - 2015-02-15 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S.  Applications
2015-03-11 20:06 - 2013-08-22 21:06 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-11 20:06 - 2012-10-21 02:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-03-11 20:06 - 2012-08-04 03:59 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-11 20:05 - 2013-08-22 21:06 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-11 20:05 - 2013-08-22 21:06 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-11 20:05 - 2013-08-22 21:06 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-11 19:59 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-03-11 19:57 - 2012-08-04 03:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2015-03-11 19:40 - 2014-04-13 12:35 - 00000000 __SHD () C:\Recovery
2015-03-11 19:35 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-03-11 19:29 - 2013-08-22 19:06 - 00000000 __RHD () C:\Users\Default
2015-03-09 12:35 - 2015-02-06 22:46 - 00000000 ____D () C:\ProgramData\VMware
 
==================== Files in the root of some directories =======
 
2015-03-22 19:27 - 2015-03-22 19:27 - 0005376 _____ () C:\Users\RADHAKRISHNA\AppData\Local\recently-used.xbel
2015-02-16 13:59 - 2015-02-16 13:59 - 0000000 _____ () C:\Users\RADHAKRISHNA\AppData\Local\{2724EFA1-4118-42A2-BC66-6CD963825F4F}
2013-02-20 16:00 - 2013-02-20 16:00 - 0000525 _____ () C:\ProgramData\CyberlinkOutput.txt
 
Files to move or delete:
====================
C:\Users\RADHAKRISHNA\jagex_cl_runescape_LIVE.dat
C:\Users\RADHAKRISHNA\random.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-01 17:10
 
==================== End Of Log ============================
 
and the adwere cleaner log : the redirects still occur

Attached Files



BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 AM

Posted 07 April 2015 - 10:01 AM

Hello BRK1 and Welcome to the BleepingComputer. :welcome:  
 
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
---------------------------------------------------------------------------------------------------------

I don't see Additional the logfile ?

--------------------------------------------------------------------

Do you use the Internet, now through this modem ?
When you reset the modem ? Date and time ......  approximately ?

 

Have a nice day.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#3 BRK1

BRK1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 08 April 2015 - 02:12 AM

hi

the administrator of computer runs. 

the additional log file::

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by RADHAKRISHNA at 2015-03-18 21:11:40
Running from C:\Users\RADHAKRISHNA\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Reader X (10.0.1) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA0000000001}) (Version: 10.0.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
airtel (HKLM-x32\...\airtel) (Version: 23.009.05.04.284 - Huawei Technologies Co.,Ltd)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{3CEC10BE-CD7C-8E99-E3AC-DD31F4416C1C}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5712 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2110 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4528 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dying Light (HKLM-x32\...\Dying Light_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{6821D775-9303-46DD-977A-2D97CA18B054}) (Version: 4.2.8.1 - Hewlett-Packard Company)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{8704FEEF-A6A8-4E7E-B124-BD6122C66E2C}) (Version: 2.10.42 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{A2E95309-79F3-41E5-94C7-6D7FD6D7BBC3}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
MATLAB R2014b (HKLM\...\Matlab R2014b) (Version: 8.4 - The MathWorks, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.6.0.27 - Symantec Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
Ralink Bluetooth Stack64 (HKLM\...\{95DF815D-BE2D-9118-F549-39794C5869CF}) (Version: 9.0.725.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.5.0 - Ralink)
Readiris (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SmarThru 4 (HKLM-x32\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.0.0 - VMware, Inc)
VMware Player (Version: 7.0.0 - VMware, Inc.) Hidden
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.95 - NCH Software)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
13-03-2015 22:09:35 Windows Update
15-03-2015 18:52:29 Removed HP Support Assistant.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 18:55 - 2013-08-22 18:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02BAB288-038F-4350-A444-45EED829B40F} - System32\Tasks\MATLAB R2014b Startup Accelerator => C:\Program Files\MATLAB\R2014b\bin\win64\MATLABStartupAccelerator.exe [2014-07-26] ()
Task: {279DBA44-1B25-452E-9167-D75973F9E203} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {29D24529-2996-4770-89BD-E1E88A7C6AEC} - System32\Tasks\Microsoft Office 15 Sync Maintenance for BRK-RADHAKRISHNA BRK => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {3CDB4293-CA2B-4E53-8E16-B167D2A146A7} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2014-11-21] (Microsoft Corporation)
Task: {3E54D4F9-E3F4-49E8-AC24-2960E90E7D22} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-13] (CyberLink)
Task: {4ADF8F7C-AE3F-46F6-A2C9-CFC55D68D95C} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {5843AA93-B26A-47AC-8126-7258AC69EC87} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {80BED1E3-E7D3-474B-B068-DCCF954191D1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\WSCStub.exe [2014-12-06] (Symantec Corporation)
Task: {8237B466-FC4D-4B14-8585-336F1A2195E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {8571DEC5-03D7-4B45-AE7F-3EF8C32830B9} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {BD771CBF-EFB3-499F-BE5F-2FC3A49B3F9B} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3785010019-2192401253-1565588363-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {C409C37B-2A17-4A60-8B81-F7BF4592CA42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {C8C209DE-A8AF-4A15-84B8-AE3B45C6B6BE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-17] (Microsoft Corporation)
Task: {D734CFC3-DCC3-406A-A3E7-FAA7C004C3AC} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-25] (Synaptics Incorporated)
Task: {DB7844A5-11DF-42A8-8790-1D062C03F5AA} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {E14B0CFF-D6C1-43BD-B66E-017C803CB003} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2014b Startup Accelerator.job => C:\Program Files\MATLAB\R2014b\bin\win64\MATLABStartupAccelerator.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-03-14 20:57 - 2011-03-14 20:57 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-02-15 21:23 - 2014-11-26 16:37 - 00118576 _____ () C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2012-09-20 08:07 - 2012-09-20 08:07 - 00017160 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-09-20 08:07 - 2012-09-20 08:07 - 00029960 _____ () C:\Windows\system32\BsTrace.dll
2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-01-17 11:31 - 2015-03-12 19:46 - 00289672 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
2014-11-20 18:44 - 2014-11-20 18:44 - 01299136 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2012-09-20 08:07 - 2012-09-20 08:07 - 00029960 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2015-02-06 13:07 - 2014-11-12 00:17 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-06 13:07 - 2014-12-02 05:59 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-06 13:07 - 2015-02-19 05:21 - 02360000 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-06 13:07 - 2014-12-02 05:59 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-06 13:07 - 2014-12-02 05:59 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-02-06 13:06 - 2015-02-19 05:21 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-02-20 15:58 - 2012-06-08 09:04 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-09 01:04 - 2012-06-09 01:04 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-02-06 13:06 - 2015-01-28 07:00 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-06 13:06 - 2015-01-28 07:00 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-01-17 22:15 - 2015-03-12 19:45 - 00224136 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\launcher.dll
2015-01-17 11:31 - 2015-03-12 19:45 - 00414088 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\tier0.dll
2015-01-17 11:31 - 2015-03-12 19:46 - 00344968 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\vstdlib.dll
2015-01-17 11:31 - 2015-03-12 19:45 - 00402312 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\filesystem_stdio.dll
2015-01-17 11:31 - 2015-03-12 19:45 - 05968776 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\engine.dll
2015-01-17 11:31 - 2015-03-17 09:39 - 01031048 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\networksystem.dll
2015-01-17 22:15 - 2015-03-12 19:45 - 00905096 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\inputsystem.dll
2015-01-17 11:31 - 2015-03-12 19:46 - 01179016 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\materialsystem.dll
2015-01-17 11:31 - 2015-03-12 19:45 - 00496008 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\datacache.dll
2015-01-17 11:31 - 2015-03-12 19:46 - 00638344 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\studiorender.dll
2015-01-17 22:13 - 2015-03-12 19:45 - 00179592 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\soundemittersystem.dll
2015-01-17 11:31 - 2015-03-12 19:47 - 01184136 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vphysics.dll
2015-01-17 11:31 - 2015-03-12 19:46 - 00928648 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vscript.dll
2015-01-17 11:31 - 2015-03-12 19:47 - 01442184 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vguimatsurface.dll
2015-01-17 11:31 - 2015-03-12 19:47 - 00475528 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vgui2.dll
2015-01-17 11:31 - 2015-03-12 19:46 - 05618568 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\scaleformui_4.dll
2015-01-17 11:31 - 2015-03-12 19:46 - 00978312 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\shaderapidx9.dll
2015-01-17 22:14 - 2015-03-12 19:45 - 00158600 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\localize.dll
2015-01-17 22:14 - 2015-03-12 19:46 - 00244616 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\stdshader_dbg.dll
2015-01-17 11:31 - 2015-03-12 19:46 - 01142152 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\stdshader_dx9.dll
2015-01-17 11:31 - 2015-03-17 09:40 - 21856136 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\dota\bin\client.dll
2015-01-17 11:31 - 2015-03-17 09:41 - 19159432 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\dota\bin\server.dll
2015-01-17 22:14 - 2015-03-12 19:46 - 00197000 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\scenefilecache.dll
2015-01-17 22:15 - 2015-03-12 19:46 - 00106888 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vaudio_miles.dll
2015-01-17 22:13 - 2015-01-17 22:13 - 00071680 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\mssmp3.asi
2015-01-17 22:13 - 2015-01-17 22:13 - 00153088 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\mssvoice.asi
2015-01-17 22:14 - 2015-01-17 22:14 - 00013312 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\mssds3d.flt
2015-01-17 22:14 - 2015-01-17 22:14 - 00055808 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\msseax.flt
2015-01-17 22:15 - 2015-03-12 19:46 - 00181640 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vaudio_celt.dll
2015-03-14 10:35 - 2015-03-07 11:42 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libglesv2.dll
2015-03-14 10:35 - 2015-03-07 11:42 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libegl.dll
2015-03-14 10:35 - 2015-03-07 11:43 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\pdf.dll
2015-03-14 10:35 - 2015-03-07 11:43 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\RADHAKRISHNA\OneDrive:ms-properties
AlternateDataStreams: C:\Users\RADHAKRISHNA\OneDrive.old:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 91.194.254.105 - 8.8.8.8
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Samsung PanelMgr"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\StartupApproved\Run: => "OneDrive"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3785010019-2192401253-1565588363-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3785010019-2192401253-1565588363-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3785010019-2192401253-1565588363-1010 - Limited - Enabled)
RADHAKRISHNA (S-1-5-21-3785010019-2192401253-1565588363-1002 - Administrator - Enabled) => C:\Users\RADHAKRISHNA
 
==================== Faulty Device Manager Devices =============
 
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/18/2015 04:39:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12047
 
Error: (03/18/2015 04:39:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12047
 
Error: (03/18/2015 04:39:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/18/2015 02:01:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14313
 
Error: (03/18/2015 02:01:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14313
 
Error: (03/18/2015 02:01:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/18/2015 01:29:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BlueSoleilCS.exe, version: 9.0.723.0, time stamp: 0x5062b290
Faulting module name: tl_filter.dll, version: 0.0.0.0, time stamp: 0x505fc6a9
Exception code: 0xc0000094
Fault offset: 0x0000d53d
Faulting process id: 0x1e0
Faulting application start time: 0xBlueSoleilCS.exe0
Faulting application path: BlueSoleilCS.exe1
Faulting module path: BlueSoleilCS.exe2
Report Id: BlueSoleilCS.exe3
Faulting package full name: BlueSoleilCS.exe4
Faulting package-relative application ID: BlueSoleilCS.exe5
 
Error: (03/18/2015 00:49:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12609
 
Error: (03/18/2015 00:49:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12609
 
Error: (03/18/2015 00:49:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (03/18/2015 04:39:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/18/2015 04:36:02 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR10.
 
Error: (03/18/2015 04:36:01 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR10.
 
Error: (03/18/2015 04:36:01 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR10.
 
Error: (03/18/2015 04:36:00 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR10.
 
Error: (03/18/2015 04:36:00 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR10.
 
Error: (03/18/2015 02:01:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/18/2015 01:31:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueSoleilCS service terminated unexpectedly.  It has done this 5 time(s).
 
Error: (03/18/2015 00:09:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Connected Remote Service service failed to start due to the following error: 
%%1053
 
Error: (03/18/2015 00:09:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Connected Remote Service service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (03/18/2015 04:39:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12047
 
Error: (03/18/2015 04:39:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12047
 
Error: (03/18/2015 04:39:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/18/2015 02:01:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14313
 
Error: (03/18/2015 02:01:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14313
 
Error: (03/18/2015 02:01:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/18/2015 01:29:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BlueSoleilCS.exe9.0.723.05062b290tl_filter.dll0.0.0.0505fc6a9c00000940000d53d1e001d06151620640f6C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exeC:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dllaa881792-cd44-11e4-be9c-38eaa7f28f2b
 
Error: (03/18/2015 00:49:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12609
 
Error: (03/18/2015 00:49:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12609
 
Error: (03/18/2015 00:49:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-4500M APU with Radeon™ HD Graphics 
Percentage of memory in use: 78%
Total physical RAM: 3554.26 MB
Available physical RAM: 770.34 MB
Total Pagefile: 5282.26 MB
Available Pagefile: 1492.4 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive a: (New Volume) (Fixed) (Total:102.04 GB) (Free:11.96 GB) NTFS
Drive c: () (Fixed) (Total:338.46 GB) (Free:181.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.05 GB) (Free:2.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C0027069)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
yes i am using the internet through this modem only 
 
and i didn't reset it yet  after the problem has arisen . i am waiting for my isp guy to come to reset as he needs to reload the settings in it ( he takes some time to do so and donsn't tell us the settings . i should save them next time)


#4 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 AM

Posted 08 April 2015 - 06:07 AM

Hi BRK1,

 he takes some time to do so and donsn't tell us the settings .

I am sorry.  Who  does not tell ?
(As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.)

-----------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by RADHAKRISHNA at 2015-03-18 21:11:40
Running from C:\Users\RADHAKRISHNA\Downloads
Boot Mode: Normal

This report old. Please post a fresh report.

 

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#5 BRK1

BRK1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 09 April 2015 - 02:32 AM

err sry my english was bad. reading it again i myself couldn't understand it again. what i meant was the isp provider guy doesn't tell me the settings over phone/net

 

the new addition.txt:Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015

Ran by RADHAKRISHNA at 2015-04-09 12:58:00
Running from C:\Users\RADHAKRISHNA\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Reader X (10.0.1) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA0000000001}) (Version: 10.0.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.)
airtel (HKLM-x32\...\airtel) (Version: 23.009.05.04.284 - Huawei Technologies Co.,Ltd)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{3CEC10BE-CD7C-8E99-E3AC-DD31F4416C1C}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Crazy Chicken Soccer (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5712 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2110 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4528 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Dying Light (HKLM-x32\...\Dying Light_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, ProZorg_tm)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Gardenscapes: Mansion Makeover (x32 Version: 3.0.2.32 - WildTangent) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{6821D775-9303-46DD-977A-2D97CA18B054}) (Version: 4.2.8.1 - Hewlett-Packard Company)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{8704FEEF-A6A8-4E7E-B124-BD6122C66E2C}) (Version: 2.10.42 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{A2E95309-79F3-41E5-94C7-6D7FD6D7BBC3}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MATLAB R2014b (HKLM\...\Matlab R2014b) (Version: 8.4 - The MathWorks, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SkyDriveSetup.exe) (Version: 16.4.6010.0727 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\SkyDriveSetup.exe) (Version: 16.4.6010.0727 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
Ralink Bluetooth Stack64 (HKLM\...\{95DF815D-BE2D-9118-F549-39794C5869CF}) (Version: 9.0.725.0 - Ralink Corporation)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.5.0 - Ralink)
Readiris (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Royal Envoy 2 Collector's Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SmarThru 4 (HKLM-x32\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.0.0 - VMware, Inc)
VMware Player (Version: 7.0.0 - VMware, Inc.) Hidden
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.95 - NCH Software)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
15-03-2015 18:52:29 Removed HP Support Assistant.
01-04-2015 18:10:31 Scheduled Checkpoint
02-04-2015 19:29:08 Installed Samsung Kies
07-04-2015 05:46:02 Removed RuneScape Launcher 1.2.3
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 18:55 - 2013-08-22 18:55 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02BAB288-038F-4350-A444-45EED829B40F} - System32\Tasks\MATLAB R2014b Startup Accelerator => C:\Program Files\MATLAB\R2014b\bin\win64\MATLABStartupAccelerator.exe [2014-07-26] ()
Task: {112B18E7-670B-49F9-89E2-0DE846CB6F4F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-17] (Microsoft Corporation)
Task: {279DBA44-1B25-452E-9167-D75973F9E203} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {29D24529-2996-4770-89BD-E1E88A7C6AEC} - System32\Tasks\Microsoft Office 15 Sync Maintenance for BRK-RADHAKRISHNA BRK => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {3E54D4F9-E3F4-49E8-AC24-2960E90E7D22} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-10-13] (CyberLink)
Task: {5843AA93-B26A-47AC-8126-7258AC69EC87} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {8237B466-FC4D-4B14-8585-336F1A2195E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {BD771CBF-EFB3-499F-BE5F-2FC3A49B3F9B} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3785010019-2192401253-1565588363-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {C409C37B-2A17-4A60-8B81-F7BF4592CA42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
Task: {D734CFC3-DCC3-406A-A3E7-FAA7C004C3AC} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-25] (Synaptics Incorporated)
Task: {DB7844A5-11DF-42A8-8790-1D062C03F5AA} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {E14B0CFF-D6C1-43BD-B66E-017C803CB003} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2014b Startup Accelerator.job => C:\Program Files\MATLAB\R2014b\bin\win64\MATLABStartupAccelerator.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-03-14 20:57 - 2011-03-14 20:57 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-02-15 21:23 - 2014-11-26 16:37 - 00118576 _____ () C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2012-09-20 08:07 - 2012-09-20 08:07 - 00017160 _____ () C:\Windows\system32\BsHelpCSps.dll
2012-09-20 08:07 - 2012-09-20 08:07 - 00029960 _____ () C:\Windows\system32\BsTrace.dll
2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-01-17 11:31 - 2015-03-12 19:46 - 00289672 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
2014-11-20 18:44 - 2014-11-20 18:44 - 01299136 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2013-02-20 15:58 - 2012-06-08 09:04 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-09 01:04 - 2012-06-09 01:04 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-09-20 08:07 - 2012-09-20 08:07 - 00029960 _____ () C:\Windows\SYSTEM32\BsTrace.dll
2015-04-03 20:34 - 2015-03-31 02:37 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-03 20:34 - 2015-03-31 02:37 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-03 20:34 - 2015-03-31 02:37 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2015-02-06 13:07 - 2015-03-10 12:07 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-06 13:07 - 2014-12-02 05:59 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-06 13:07 - 2015-03-24 09:52 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-06 13:07 - 2014-12-02 05:59 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-06 13:07 - 2014-12-02 05:59 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-02-06 13:06 - 2014-12-02 03:01 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-02-06 13:06 - 2015-03-24 09:52 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-02-06 13:06 - 2015-02-25 07:28 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-04-03 20:34 - 2015-03-31 02:37 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll
2015-02-06 13:06 - 2015-02-25 07:28 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-01-17 22:15 - 2015-03-28 09:56 - 00224136 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\launcher.dll
2015-01-17 11:31 - 2015-03-28 09:56 - 00415624 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\tier0.dll
2015-01-17 11:31 - 2015-03-28 09:56 - 00344968 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\vstdlib.dll
2015-01-17 11:31 - 2015-03-28 09:55 - 00402312 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\filesystem_stdio.dll
2015-01-17 11:31 - 2015-03-28 09:56 - 05969288 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\engine.dll
2015-01-17 11:31 - 2015-04-03 14:15 - 01071496 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\networksystem.dll
2015-01-17 22:15 - 2015-03-28 09:56 - 00905096 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\inputsystem.dll
2015-01-17 11:31 - 2015-03-28 09:55 - 01179016 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\materialsystem.dll
2015-01-17 11:31 - 2015-03-28 09:55 - 00496008 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\datacache.dll
2015-01-17 11:31 - 2015-03-28 09:56 - 00638344 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\studiorender.dll
2015-01-17 22:13 - 2015-03-28 09:55 - 00179592 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\soundemittersystem.dll
2015-01-17 11:31 - 2015-03-28 09:57 - 01184136 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vphysics.dll
2015-01-17 11:31 - 2015-03-28 09:56 - 00928648 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vscript.dll
2015-01-17 11:31 - 2015-03-28 09:56 - 01442184 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vguimatsurface.dll
2015-01-17 11:31 - 2015-03-28 09:56 - 00475528 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vgui2.dll
2015-01-17 11:31 - 2015-03-28 09:57 - 05618056 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\scaleformui_4.dll
2015-01-17 11:31 - 2015-03-28 09:56 - 00978312 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\shaderapidx9.dll
2015-01-17 22:14 - 2015-03-28 09:55 - 00158600 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\localize.dll
2015-01-17 22:14 - 2015-03-28 09:55 - 00244616 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\stdshader_dbg.dll
2015-01-17 11:31 - 2015-03-28 09:55 - 01142152 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\stdshader_dx9.dll
2015-01-17 11:31 - 2015-04-03 14:16 - 21867912 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\dota\bin\client.dll
2015-01-17 11:31 - 2015-04-03 14:16 - 19163528 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\dota\bin\server.dll
2015-01-17 22:14 - 2015-03-28 09:55 - 00197000 _____ () C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\bin\scenefilecache.dll
2015-01-17 22:15 - 2015-03-28 09:56 - 00106888 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\vaudio_miles.dll
2015-01-17 22:13 - 2015-01-17 22:13 - 00071680 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\mssmp3.asi
2015-01-17 22:13 - 2015-01-17 22:13 - 00153088 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\mssvoice.asi
2015-01-17 22:14 - 2015-01-17 22:14 - 00013312 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\mssds3d.flt
2015-01-17 22:14 - 2015-01-17 22:14 - 00055808 _____ () c:\files\games\steamlibrary\steamapps\common\dota 2 beta\bin\msseax.flt
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\RADHAKRISHNA\OneDrive:ms-properties
AlternateDataStreams: C:\Users\RADHAKRISHNA\OneDrive.old:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Samsung PanelMgr"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "OneDrive"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3785010019-2192401253-1565588363-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3785010019-2192401253-1565588363-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3785010019-2192401253-1565588363-1010 - Limited - Enabled)
RADHAKRISHNA (S-1-5-21-3785010019-2192401253-1565588363-1002 - Administrator - Enabled) => C:\Users\RADHAKRISHNA
 
==================== Faulty Device Manager Devices =============
 
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/09/2015 00:59:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPConnectedRemoteService.exe, version: 1.0.1218.0, time stamp: 0x5078a573
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process id: 0x16b8
Faulting application start time: 0xHPConnectedRemoteService.exe0
Faulting application path: HPConnectedRemoteService.exe1
Faulting module path: HPConnectedRemoteService.exe2
Report Id: HPConnectedRemoteService.exe3
Faulting package full name: HPConnectedRemoteService.exe4
Faulting package-relative application ID: HPConnectedRemoteService.exe5
 
Error: (04/09/2015 00:59:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (04/09/2015 00:59:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPConnectedRemoteService.exe, version: 1.0.1218.0, time stamp: 0x5078a573
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process id: 0x1054
Faulting application start time: 0xHPConnectedRemoteService.exe0
Faulting application path: HPConnectedRemoteService.exe1
Faulting module path: HPConnectedRemoteService.exe2
Report Id: HPConnectedRemoteService.exe3
Faulting package full name: HPConnectedRemoteService.exe4
Faulting package-relative application ID: HPConnectedRemoteService.exe5
 
Error: (04/09/2015 00:59:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (04/09/2015 00:59:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPConnectedRemoteService.exe, version: 1.0.1218.0, time stamp: 0x5078a573
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process id: 0x538
Faulting application start time: 0xHPConnectedRemoteService.exe0
Faulting application path: HPConnectedRemoteService.exe1
Faulting module path: HPConnectedRemoteService.exe2
Report Id: HPConnectedRemoteService.exe3
Faulting package full name: HPConnectedRemoteService.exe4
Faulting package-relative application ID: HPConnectedRemoteService.exe5
 
Error: (04/09/2015 00:59:33 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (04/09/2015 00:59:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPConnectedRemoteService.exe, version: 1.0.1218.0, time stamp: 0x5078a573
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process id: 0x1bcc
Faulting application start time: 0xHPConnectedRemoteService.exe0
Faulting application path: HPConnectedRemoteService.exe1
Faulting module path: HPConnectedRemoteService.exe2
Report Id: HPConnectedRemoteService.exe3
Faulting package full name: HPConnectedRemoteService.exe4
Faulting package-relative application ID: HPConnectedRemoteService.exe5
 
Error: (04/09/2015 00:59:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (04/09/2015 00:59:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPConnectedRemoteService.exe, version: 1.0.1218.0, time stamp: 0x5078a573
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process id: 0x1eac
Faulting application start time: 0xHPConnectedRemoteService.exe0
Faulting application path: HPConnectedRemoteService.exe1
Faulting module path: HPConnectedRemoteService.exe2
Report Id: HPConnectedRemoteService.exe3
Faulting package full name: HPConnectedRemoteService.exe4
Faulting package-relative application ID: HPConnectedRemoteService.exe5
 
Error: (04/09/2015 00:59:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
 
System errors:
=============
Error: (04/09/2015 00:59:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 92 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/09/2015 00:59:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 91 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/09/2015 00:59:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 90 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/09/2015 00:59:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 89 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/09/2015 00:59:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 88 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/09/2015 00:59:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 87 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/09/2015 00:58:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 86 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/09/2015 00:58:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 85 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/09/2015 00:58:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 84 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (04/09/2015 00:58:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Connected Remote Service service terminated unexpectedly.  It has done this 83 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (04/09/2015 00:59:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPConnectedRemoteService.exe1.0.1218.05078a573KERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c16b801d07296f57ecd30C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\WINDOWS\system32\KERNELBASE.dll341c27e9-de8a-11e4-bea7-38eaa7f28f2b
 
Error: (04/09/2015 00:59:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (04/09/2015 00:59:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPConnectedRemoteService.exe1.0.1218.05078a573KERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c105401d07296f0be5720C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\WINDOWS\system32\KERNELBASE.dll2f5d90f9-de8a-11e4-bea7-38eaa7f28f2b
 
Error: (04/09/2015 00:59:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (04/09/2015 00:59:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPConnectedRemoteService.exe1.0.1218.05078a573KERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c53801d07296ec05ca95C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\WINDOWS\system32\KERNELBASE.dll2aab95b5-de8a-11e4-bea7-38eaa7f28f2b
 
Error: (04/09/2015 00:59:33 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (04/09/2015 00:59:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPConnectedRemoteService.exe1.0.1218.05078a573KERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c1bcc01d07296e758c306C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\WINDOWS\system32\KERNELBASE.dll25f75046-de8a-11e4-bea7-38eaa7f28f2b
 
Error: (04/09/2015 00:59:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (04/09/2015 00:59:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPConnectedRemoteService.exe1.0.1218.05078a573KERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c1eac01d07296e272e830C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exeC:\WINDOWS\system32\KERNELBASE.dll212de8aa-de8a-11e4-bea7-38eaa7f28f2b
 
Error: (04/09/2015 00:59:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HPConnectedRemoteService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   at System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   at SwitchBoard.Utils.WCFServiceHostUtil.setupService(System.Object, System.Type, Int32, Boolean)
   at SwitchBoard.SwitchBoardService.RunService()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
 
==================== Memory info =========================== 
 
Processor: AMD A8-4500M APU with Radeon™ HD Graphics 
Percentage of memory in use: 65%
Total physical RAM: 3554.26 MB
Available physical RAM: 1211.46 MB
Total Pagefile: 7138.26 MB
Available Pagefile: 3641.18 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive a: (New Volume) (Fixed) (Total:102.04 GB) (Free:9.83 GB) NTFS
Drive c: () (Fixed) (Total:338.46 GB) (Free:200.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.05 GB) (Free:2.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C0027069)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
and the frst.txt (i ran it again):
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by RADHAKRISHNA (administrator) on BRK on 09-04-2015 12:53:54
Running from C:\Users\RADHAKRISHNA\Downloads
Loaded Profiles: RADHAKRISHNA &  (Available profiles: RADHAKRISHNA & Administrator)
Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\FILES\games\SteamLibrary\steamapps\common\dota 2 beta\dota.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-25] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-20] (IVT Corporation)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-14] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [552960 2009-03-06] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\Run: [OneDrive] => C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-13] (Microsoft Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\RunOnce: [Uninstall C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\MountPoints2: {bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDrive] => C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-13] (Microsoft Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OneDrive] => C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\OneDrive.exe [281248 2015-03-13] (Microsoft Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RADHAKRISHNA\AppData\Local\Microsoft\OneDrive\17.3.4724.0224\amd64"
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1707632 2012-09-10] (CyberLink Corp.)
HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1707632 2012-09-10] (CyberLink Corp.)
HKU\S-1-5-21-3785010019-2192401253-1565588363-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL13/26
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/26
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/26
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/26
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL13/26
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2012-09-20] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 107.170.168.61 8.8.8.8
Tcpip\..\Interfaces\{21E48E2F-FD28-4B76-AE61-D56F1CA47233}: [NameServer] 203.145.160.5 203.145.160.6
Tcpip\..\Interfaces\{779C888E-7DEC-4E1D-8B6B-E740860696D3}: [NameServer] 8.8.8.8,8.8.4.4
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPA39F2378-39AC-40C2-8EA0-7536C3407277&SSPV="
CHR Profile: C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2015-04-08]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-04-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\RADHAKRISHNA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-27] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-20] (IVT Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-13] (Hewlett-Packard)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2015-03-12] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-16] (IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-20] (Ralink Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-03] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-08 22:05 - 2015-04-08 22:05 - 00022397 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]2.broke.girls.s01.season.1.complete.720p.hdtv.reenc.maximersk.torrent
2015-04-08 19:37 - 2015-04-08 19:37 - 00020875 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]firefly.complete.series.720p.mkv.compression.mkvgod.torrent
2015-04-08 19:29 - 2015-04-08 19:29 - 00001256 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]world.war.z.max.brooks.epub.torrent
2015-04-08 19:28 - 2015-04-08 19:28 - 00012346 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]world.war.z.96.unabridged.torrent
2015-04-08 19:05 - 2015-04-08 19:06 - 00297791 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]lost.the.complete.series.season.1.2.3.4.5.6.english.subs.torrent
2015-04-08 18:39 - 2015-04-08 18:39 - 00021222 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]castle.season.6.all.episodes.480p.mkv.with.subtitles.torrent
2015-04-08 17:42 - 2015-04-08 17:42 - 00001491 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]p.j.haarsma.the.softwire.virus.on.orbis.1.the.softwire.1.epub.plex.torrent
2015-04-07 22:14 - 2015-04-07 22:15 - 01394140 _____ () C:\Users\RADHAKRISHNA\Downloads\Trunking Theory_ppt.pptx
2015-04-07 21:00 - 2015-04-07 21:00 - 00019364 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]noragami.complete.season.1.with.ova.1.2.eng.sub.480p.l.mbert.torrent
2015-04-07 05:18 - 2015-04-08 19:29 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-07 05:18 - 2015-04-07 05:19 - 02208768 _____ () C:\Users\RADHAKRISHNA\Downloads\adwcleaner_4.200.exe
2015-04-07 05:17 - 2015-04-07 05:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-07 05:17 - 2015-04-07 05:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-07 05:17 - 2015-04-07 05:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-07 05:17 - 2015-03-17 06:24 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-07 05:17 - 2015-03-17 06:24 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-07 05:17 - 2015-03-17 06:24 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-07 05:11 - 2015-04-07 05:14 - 21540904 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\mbam-setup.exe
2015-04-07 05:07 - 2015-04-07 05:11 - 16799094 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\Unconfirmed 842269.crdownload
2015-04-07 05:07 - 2015-04-07 05:07 - 00321848 _____ (Malwarebytes Corporation) C:\Users\RADHAKRISHNA\Downloads\mbam-clean-2.1.1.1001 (1).exe
2015-04-06 18:37 - 2015-04-06 18:37 - 00069611 _____ () C:\Users\RADHAKRISHNA\Downloads\OLIGOPOLY.pptx
2015-04-05 14:05 - 2015-04-07 05:30 - 00460964 _____ () C:\WINDOWS\PFRO.log
2015-04-05 14:05 - 2015-04-05 14:05 - 435222599 _____ () C:\WINDOWS\MEMORY.DMP
2015-04-05 14:05 - 2015-04-05 14:05 - 00280840 _____ () C:\WINDOWS\Minidump\040515-22875-01.dmp
2015-04-05 14:05 - 2015-04-05 14:05 - 00000000 ____D () C:\WINDOWS\Minidump
2015-04-04 20:48 - 2015-04-04 20:48 - 00057033 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]orange.is.the.new.black.season.1.complete.720p.webrip.sujaidr.pimprg.torrent
2015-04-04 11:45 - 2015-04-04 11:45 - 00773857 _____ () C:\Users\RADHAKRISHNA\Downloads\ITC_Unit-III (1).pptx
2015-04-04 11:12 - 2015-03-03 18:47 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-04-04 11:02 - 2015-04-04 11:02 - 00403419 _____ () C:\Users\RADHAKRISHNA\Downloads\convoultion codes.pptx
2015-04-03 19:36 - 2015-04-03 19:36 - 00327526 _____ () C:\Users\RADHAKRISHNA\Downloads\freqfilters.zip
2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\samsung
2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\Samsung
2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\Samsung
2015-04-02 19:39 - 2015-04-02 19:39 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2015-04-02 19:37 - 2014-10-13 11:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-04-02 19:37 - 2014-10-13 11:27 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-04-02 19:34 - 2015-04-02 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-04-02 19:34 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2015-04-02 19:34 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2015-04-02 19:27 - 2015-04-02 19:27 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\Downloaded Installations
2015-04-01 14:45 - 2015-04-01 14:56 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\Dev-Cpp
2015-04-01 14:25 - 2015-04-01 14:46 - 00001287 _____ () C:\Users\RADHAKRISHNA\Downloads\crc2.txt
2015-03-31 17:57 - 2015-03-31 17:57 - 00004400 _____ () C:\{C2E0F175-EEF9-494B-92CB-6CAD4E9C26B2}
2015-03-28 18:01 - 2015-03-28 18:01 - 00004104 _____ () C:\{22D7EA5C-6FD0-4E97-861C-E4B195A6F50E}
2015-03-28 16:24 - 2015-03-28 16:24 - 00003392 _____ () C:\{485A3CB2-5F5E-484C-82A8-ACA9822D8306}
2015-03-24 08:36 - 2015-03-24 08:48 - 00750323 _____ () C:\Users\RADHAKRISHNA\Downloads\PRODUCT DIFFERENTIATION.pptx
2015-03-23 23:05 - 2015-03-23 23:05 - 02112092 _____ () C:\Users\RADHAKRISHNA\Downloads\productdifferentiationinindianmarket-101122110856-phpapp01.pptx
2015-03-23 22:28 - 2015-03-23 22:32 - 01922560 _____ () C:\Users\RADHAKRISHNA\Downloads\CH09 rev.ppt
2015-03-23 22:27 - 2015-03-23 22:31 - 00889344 _____ () C:\Users\RADHAKRISHNA\Downloads\Strauss_5e_09.ppt
2015-03-23 22:27 - 2015-03-23 22:29 - 00098304 _____ () C:\Users\RADHAKRISHNA\Downloads\prod_diff.ppt
2015-03-23 22:10 - 2015-03-23 22:12 - 00907264 _____ () C:\Users\RADHAKRISHNA\Downloads\12-1monopolisticcomp.ppt
2015-03-22 20:33 - 2015-03-22 20:33 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\the-theory-of-everything-2014_english-1027061
2015-03-22 19:27 - 2015-03-22 19:27 - 00005376 _____ () C:\Users\RADHAKRISHNA\AppData\Local\recently-used.xbel
2015-03-22 18:46 - 2015-03-22 18:48 - 24985220 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 8 - The One-Time Pad (12-15).mp4
2015-03-22 17:50 - 2015-03-22 17:57 - 66471196 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 7 - Perfect Secrecy Part II (31-24).mp4
2015-03-22 17:45 - 2015-03-22 17:47 - 17417772 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 6 - Perfect Secrecy (8-30).mp4
2015-03-22 17:41 - 2015-03-22 17:43 - 20667842 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 5 - Principles of Modern Cryptography (10-02).mp4
2015-03-22 17:33 - 2015-03-22 17:40 - 47596873 _____ () C:\Users\RADHAKRISHNA\Downloads\3 - 4 - Breaking the Vigenere Cipher (23-56).mp4
2015-03-22 11:08 - 2015-03-22 11:08 - 00082745 _____ () C:\Users\RADHAKRISHNA\Downloads\satn.jpeg
2015-03-22 10:58 - 2015-03-22 10:58 - 00000000 __SHD () C:\Users\RADHAKRISHNA\AppData\Local\EmieUserList
2015-03-22 10:58 - 2015-03-22 10:58 - 00000000 __SHD () C:\Users\RADHAKRISHNA\AppData\Local\EmieSiteList
2015-03-22 10:58 - 2015-03-22 10:58 - 00000000 __SHD () C:\Users\RADHAKRISHNA\AppData\Local\EmieBrowserModeList
2015-03-22 10:32 - 2015-03-22 10:32 - 00032711 _____ () C:\Users\RADHAKRISHNA\Downloads\[kickass.to]pushing.daisies.s01e01.internal.dvdrip.x264.osiris.torrent
2015-03-21 17:59 - 2015-03-21 17:59 - 00004080 _____ () C:\{636F2A61-56B0-474E-963E-ECA6D34A9B6E}
2015-03-21 17:55 - 2015-03-21 17:55 - 00004224 _____ () C:\{DA73925E-D870-42E1-91A7-9546F20D9334}
2015-03-21 17:50 - 2015-03-21 17:50 - 00003192 _____ () C:\{8E9A5F61-C677-4A56-AEDD-B08BD546E497}
2015-03-21 11:12 - 2015-03-21 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
2015-03-21 11:11 - 2015-04-01 14:43 - 00000000 ____D () C:\Dev-Cpp
2015-03-21 10:56 - 2015-03-21 11:02 - 09326468 _____ () C:\Users\RADHAKRISHNA\Downloads\devcpp-4.9.9.2_setup.exe
2015-03-21 10:30 - 2015-03-21 10:31 - 11684320 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\Unconfirmed 374661.crdownload
2015-03-20 06:25 - 2015-03-20 08:57 - 00047979 _____ () C:\Users\RADHAKRISHNA\Downloads\Image Fusion.pptx
2015-03-20 06:19 - 2015-03-20 06:19 - 00154388 _____ () C:\Users\RADHAKRISHNA\Downloads\Bilgin's Blog   Kalman Filter for Dummies.html
2015-03-20 06:19 - 2015-03-20 06:19 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\Bilgin's Blog   Kalman Filter for Dummies_files
2015-03-20 06:16 - 2015-03-20 12:43 - 00623611 _____ () C:\Users\RADHAKRISHNA\Downloads\Object Motion Detection.pptx
2015-03-19 23:14 - 2015-03-19 23:22 - 32288557 _____ () C:\Users\RADHAKRISHNA\Downloads\Liu_Xiao.zip
2015-03-19 22:20 - 2015-03-19 22:20 - 00014335 _____ () C:\Users\RADHAKRISHNA\Downloads\NTHU Center for Advanced Technologies and Applications for the Next Generation Information and Communication Networking.html
2015-03-19 22:20 - 2015-03-19 22:20 - 00010628 _____ () C:\Users\RADHAKRISHNA\Downloads\Overview of Research Topics Projects in Mobile Communications Research Group at UoP.html
2015-03-19 22:20 - 2015-03-19 22:20 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\Overview of Research Topics Projects in Mobile Communications Research Group at UoP_files
2015-03-19 22:20 - 2015-03-19 22:20 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\NTHU Center for Advanced Technologies and Applications for the Next Generation Information and Communication Networking_files
2015-03-19 21:10 - 2015-03-19 21:12 - 11844645 _____ () C:\Users\RADHAKRISHNA\Downloads\Khwaja_Ghosh.zip
2015-03-19 20:19 - 2015-03-19 20:19 - 00060553 _____ () C:\Users\RADHAKRISHNA\Downloads\Object Detection in a Cluttered Scene Using Point Feature Matching - MATLAB & Simulink Example - MathWorks India.html
2015-03-19 20:19 - 2015-03-19 20:19 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\Object Detection in a Cluttered Scene Using Point Feature Matching - MATLAB & Simulink Example - MathWorks India_files
2015-03-19 13:31 - 2015-04-09 12:50 - 01558797 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-19 06:57 - 2015-04-07 05:30 - 00014145 _____ () C:\WINDOWS\setupact.log
2015-03-19 06:57 - 2015-03-19 06:57 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-19 06:47 - 2015-03-19 06:48 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\ccsetup503
2015-03-19 06:26 - 2015-03-19 06:27 - 05330868 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\Unconfirmed 426726.crdownload
2015-03-19 06:21 - 2015-03-19 06:21 - 02144048 _____ (Malwarebytes Corporation ) C:\Users\RADHAKRISHNA\Downloads\Unconfirmed 744743.crdownload
2015-03-18 23:10 - 2015-03-18 23:11 - 01388672 _____ (Thisisu) C:\Users\RADHAKRISHNA\Downloads\JRT.exe
2015-03-18 23:10 - 2015-03-18 23:10 - 00321848 _____ (Malwarebytes Corporation) C:\Users\RADHAKRISHNA\Downloads\mbam-clean-2.1.1.1001.exe
2015-03-18 21:11 - 2015-03-18 21:13 - 00033487 _____ () C:\Users\RADHAKRISHNA\Downloads\Addition.txt
2015-03-18 21:07 - 2015-04-09 12:55 - 00021831 _____ () C:\Users\RADHAKRISHNA\Downloads\FRST.txt
2015-03-18 21:06 - 2015-03-18 21:06 - 02095616 _____ (Farbar) C:\Users\RADHAKRISHNA\Downloads\FRST64.exe
2015-03-17 19:18 - 2015-03-17 19:18 - 01088905 _____ (pendrivelinux.com) C:\Users\RADHAKRISHNA\Downloads\Universal-USB-Installer-1.9.5.9.exe
2015-03-17 18:47 - 2015-03-17 18:47 - 00003760 _____ () C:\{79F4A323-2F37-4DF0-9267-F780AE73896E}
2015-03-17 12:11 - 2015-03-17 12:11 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2015-03-16 08:52 - 2015-04-05 19:25 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\Infomation
2015-03-15 23:20 - 2015-03-15 23:22 - 13580592 _____ () C:\Users\RADHAKRISHNA\Downloads\flandmark-master.zip
2015-03-15 15:22 - 2015-03-06 08:23 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-15 15:22 - 2015-03-06 08:03 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-15 15:22 - 2015-02-26 04:56 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-15 15:21 - 2015-02-20 08:33 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-03-15 15:21 - 2015-02-20 08:28 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-03-15 15:21 - 2015-02-20 07:50 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-03-15 15:21 - 2015-02-20 07:45 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-03-15 15:15 - 2014-06-10 03:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-03-15 15:15 - 2014-06-10 03:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-03-15 15:01 - 2015-01-31 04:50 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-03-15 14:57 - 2015-02-21 06:46 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-15 14:57 - 2015-02-21 05:55 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-15 14:57 - 2015-02-20 08:02 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-15 14:57 - 2015-02-20 07:13 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-15 14:56 - 2015-02-21 06:11 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-15 14:56 - 2015-02-21 05:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-15 14:56 - 2015-02-21 05:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-15 14:56 - 2015-02-21 05:28 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-15 14:56 - 2015-02-21 05:02 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-15 14:56 - 2015-02-20 08:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-15 14:56 - 2015-02-20 08:18 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-15 14:56 - 2015-02-20 08:17 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-15 14:56 - 2015-02-20 08:05 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-15 14:56 - 2015-02-20 08:04 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-03-15 14:56 - 2015-02-20 07:39 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-15 14:56 - 2015-02-20 07:37 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-15 14:56 - 2015-02-20 07:36 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-15 14:56 - 2015-02-20 07:35 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-15 14:56 - 2015-02-20 07:33 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-15 14:56 - 2015-02-20 07:29 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-15 14:56 - 2015-02-20 07:26 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-15 14:56 - 2015-02-20 07:22 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-15 14:56 - 2015-02-20 07:19 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-15 14:56 - 2015-02-20 07:19 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-15 14:56 - 2015-02-20 07:16 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-15 14:56 - 2015-02-20 07:00 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-15 14:56 - 2015-02-20 07:00 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-15 14:56 - 2015-02-20 06:59 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-15 14:56 - 2015-02-20 06:58 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-15 14:56 - 2015-02-20 06:56 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-15 14:56 - 2015-02-20 06:54 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-15 14:56 - 2015-02-20 06:54 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-15 14:56 - 2015-02-20 06:46 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-15 14:56 - 2015-02-20 06:33 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-15 14:56 - 2015-02-20 06:31 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-15 14:56 - 2015-02-20 06:27 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-15 14:56 - 2015-02-20 06:25 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-15 14:56 - 2015-01-27 09:52 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-03-15 14:56 - 2015-01-27 07:41 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-03-15 14:55 - 2015-01-30 07:32 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-03-15 14:55 - 2015-01-30 07:10 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-03-15 14:55 - 2015-01-30 07:07 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-03-15 14:55 - 2015-01-30 06:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-03-15 14:55 - 2015-01-30 06:54 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-03-15 14:55 - 2015-01-30 06:46 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-03-15 14:55 - 2015-01-30 06:38 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-03-15 14:55 - 2015-01-30 06:36 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-03-15 11:12 - 2015-01-28 21:11 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-15 11:12 - 2015-01-28 21:11 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-15 11:11 - 2015-01-28 21:11 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-15 10:53 - 2014-11-10 04:49 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-03-15 10:53 - 2014-11-10 04:49 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-03-15 10:53 - 2014-11-10 04:48 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-03-15 10:53 - 2014-11-10 04:48 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-03-15 10:31 - 2014-07-24 08:50 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-03-15 10:31 - 2014-07-24 08:50 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-03-15 10:25 - 2015-01-28 07:01 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-03-15 10:25 - 2015-01-28 06:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-03-15 10:25 - 2015-01-21 11:24 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-03-15 10:25 - 2015-01-21 10:45 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-03-15 10:12 - 2015-02-12 23:10 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-03-15 10:12 - 2015-02-12 23:04 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-03-15 10:12 - 2015-01-30 00:15 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-15 10:12 - 2015-01-30 00:04 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-15 10:04 - 2015-01-28 05:17 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-03-15 10:04 - 2015-01-28 05:11 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-03-15 09:51 - 2015-02-08 05:27 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-15 09:51 - 2015-02-08 05:19 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-15 09:22 - 2014-12-11 11:06 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-03-14 20:41 - 2015-03-14 20:41 - 00000015 _____ () C:\Users\RADHAKRISHNA\Downloads\questions.txt
2015-03-12 08:57 - 2015-03-19 06:49 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-12 08:55 - 2015-03-12 08:55 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-03-12 08:55 - 2015-03-12 08:55 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-03-12 08:55 - 2015-03-12 08:55 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-03-12 08:53 - 2015-03-12 08:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-03-12 08:53 - 2015-03-12 08:53 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-03-12 08:53 - 2015-03-12 08:53 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-03-12 08:53 - 2015-03-12 08:53 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-03-12 08:53 - 2015-03-12 08:53 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-03-12 08:53 - 2015-03-12 08:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-03-12 08:52 - 2015-03-12 08:52 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-03-12 08:52 - 2015-03-12 08:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-03-12 08:52 - 2015-03-12 08:52 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-03-12 08:52 - 2015-03-12 08:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-12 08:51 - 2015-03-12 08:51 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-03-12 08:51 - 2015-03-12 08:51 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-03-12 08:51 - 2015-03-12 08:51 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-12 08:51 - 2015-03-12 08:51 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-03-12 08:50 - 2015-03-12 08:50 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-03-12 08:50 - 2015-03-12 08:50 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-03-12 08:50 - 2015-03-12 08:50 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-03-12 08:50 - 2015-03-12 08:50 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-03-12 08:50 - 2015-03-12 08:50 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-03-12 08:50 - 2015-03-12 08:50 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-03-12 08:49 - 2015-03-12 08:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-03-12 08:48 - 2015-03-12 08:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-03-12 08:48 - 2015-03-12 08:48 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-03-12 08:48 - 2015-03-12 08:48 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-03-12 08:47 - 2015-03-12 08:47 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-12 08:43 - 2015-03-12 08:43 - 00000000 ____D () C:\inetpub
2015-03-12 08:42 - 2013-08-03 10:18 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-03-12 08:42 - 2013-08-03 10:18 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-12 08:42 - 2013-08-03 10:11 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-03-12 08:42 - 2013-08-03 10:11 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-11 21:20 - 2015-04-09 12:47 - 00000000 __RDO () C:\Users\RADHAKRISHNA\OneDrive
2015-03-11 21:15 - 2015-03-13 23:11 - 00003100 _____ () C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3785010019-2192401253-1565588363-1002
2015-03-11 21:12 - 2015-03-11 21:12 - 00001744 _____ () C:\{47844396-8A1E-40F3-B4D7-3FC2ED162933}
2015-03-11 21:12 - 2015-03-11 21:12 - 00001446 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-11 21:07 - 2015-03-11 21:07 - 00000020 ___SH () C:\Users\RADHAKRISHNA\ntuser.ini
2015-03-11 21:07 - 2014-07-21 22:03 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2015-03-11 20:44 - 2015-03-11 20:44 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2015-03-11 20:18 - 2015-03-11 20:18 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-03-11 20:16 - 2015-03-11 20:16 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 19:59 - 2015-03-11 19:59 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-03-11 19:56 - 2015-03-16 16:18 - 00000000 ____D () C:\Users\RADHAKRISHNA
2015-03-11 19:56 - 2015-03-11 20:48 - 00036198 _____ () C:\WINDOWS\diagwrn.xml
2015-03-11 19:56 - 2015-03-11 20:48 - 00036198 _____ () C:\WINDOWS\diagerr.xml
2015-03-11 19:56 - 2015-03-11 20:37 - 00000000 ____D () C:\Users\Administrator
2015-03-11 19:56 - 2015-03-11 19:58 - 00000000 ___RD () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 19:56 - 2015-03-11 19:57 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-11 19:56 - 2014-11-21 17:48 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-11 19:56 - 2014-11-21 10:22 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-11 19:56 - 2013-08-22 21:06 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-11 19:56 - 2013-08-22 21:06 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-11 19:42 - 2015-03-11 19:42 - 00930400 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-03-11 19:37 - 2015-03-11 19:37 - 00060601 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201503111937207258.log
2015-03-11 19:37 - 2015-03-11 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-03-11 19:36 - 2015-03-11 20:06 - 00000000 ____D () C:\ProgramData\AMD
2015-03-11 19:36 - 2015-03-11 19:36 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-03-11 19:35 - 2015-03-11 19:36 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-03-11 19:35 - 2015-03-11 19:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-11 19:33 - 2015-03-11 19:33 - 00002982 _____ () C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-03-11 19:33 - 2015-03-11 19:33 - 00001364 _____ () C:\WINDOWS\system32\RaCoInst.log
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2015-03-11 19:33 - 2015-03-11 19:33 - 00000000 ____D () C:\Program Files\Synaptics
2015-03-11 19:33 - 2012-08-20 11:15 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-03-11 19:33 - 2012-08-20 11:15 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2015-03-11 19:33 - 2012-08-20 11:15 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-03-11 19:33 - 2011-05-03 03:57 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll
2015-03-11 19:33 - 2011-05-03 03:57 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll
2015-03-11 19:33 - 2011-05-03 03:57 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll
2015-03-11 19:33 - 2011-05-03 03:57 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll
2015-03-11 19:32 - 2015-03-11 20:25 - 00000000 ____D () C:\Program Files\IDT
2015-03-11 19:32 - 2015-03-11 19:32 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-03-11 19:31 - 2015-03-11 19:31 - 00000000 ____D () C:\Program Files\AMD
2015-03-10 23:25 - 2015-03-10 23:28 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\New folder
2015-03-10 22:14 - 2015-03-10 22:14 - 00258163 _____ () C:\Users\RADHAKRISHNA\Downloads\The Hitchhiker's Guide to the Galaxy.epub
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-09 12:54 - 2014-12-10 22:00 - 00000000 ____D () C:\FRST
2015-04-09 12:53 - 2015-02-23 05:52 - 00000568 _____ () C:\WINDOWS\Tasks\MATLAB R2014b Startup Accelerator.job
2015-04-09 12:52 - 2015-02-06 12:40 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3785010019-2192401253-1565588363-1002
2015-04-09 12:51 - 2015-03-04 22:18 - 00004966 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for BRK-RADHAKRISHNA BRK
2015-04-09 12:51 - 2015-02-06 06:12 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-09 12:47 - 2015-02-07 12:28 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-09 12:47 - 2014-11-21 10:14 - 00960624 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-09 12:47 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-09 05:57 - 2015-02-06 06:47 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\uTorrent
2015-04-09 05:35 - 2015-02-07 12:28 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-09 05:29 - 2015-02-25 22:15 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\computer communications
2015-04-08 19:20 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-08 12:29 - 2014-08-21 06:22 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\HMM with skips and single Diagonal Gaussian
2015-04-07 22:27 - 2013-02-20 15:44 - 00003620 _____ () C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-04-07 22:26 - 2012-09-26 23:23 - 00000950 _____ () C:\WINDOWS\SysWOW64\bscs.ini
2015-04-07 22:17 - 2015-01-16 16:02 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\Packages
2015-04-07 20:10 - 2015-03-01 18:40 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\wireless mobile communication
2015-04-07 18:43 - 2014-11-10 19:29 - 00000000 ____D () C:\AdwCleaner
2015-04-07 05:49 - 2015-02-03 20:47 - 00000000 ____D () C:\Users\RADHAKRISHNA\jagexcache
2015-04-07 05:30 - 2013-08-22 20:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-07 05:30 - 2013-08-22 18:55 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-05 14:05 - 2013-02-20 16:12 - 00000000 ____D () C:\ProgramData\Norton
2015-04-04 11:14 - 2013-08-22 18:55 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-04-04 11:08 - 2015-02-06 20:46 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\CrashDumps
2015-04-04 10:00 - 2012-07-26 13:42 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-04-04 09:47 - 2012-07-26 13:42 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-04-03 20:17 - 2013-09-19 18:23 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\MATLAB
2015-04-02 22:30 - 2013-09-14 19:45 - 00000000 ___HD () C:\FILES
2015-04-02 19:37 - 2015-02-15 20:56 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-04-02 19:36 - 2015-02-15 21:21 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-02 19:32 - 2012-10-21 02:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-01 18:21 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\rescache
2015-03-23 20:48 - 2015-03-04 20:13 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\vlc
2015-03-22 19:37 - 2014-02-23 12:02 - 00000000 ____D () C:\Users\RADHAKRISHNA\.gimp-2.8
2015-03-22 19:27 - 2015-03-06 11:38 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Local\gtk-2.0
2015-03-18 23:28 - 2013-08-22 20:14 - 00497168 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-18 13:22 - 2012-07-26 13:29 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-18 12:43 - 2015-03-03 20:08 - 00000000 ____D () C:\Users\RADHAKRISHNA\Downloads\DIP
2015-03-17 12:34 - 2013-08-22 21:06 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-03-17 12:32 - 2015-02-06 10:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-17 12:32 - 2015-02-06 07:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-17 12:10 - 2012-07-26 10:56 - 00000167 _____ () C:\WINDOWS\win.ini
2015-03-17 12:07 - 2015-02-16 23:27 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-17 11:44 - 2015-02-16 23:27 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-16 23:37 - 2015-02-24 08:32 - 00000000 ____D () C:\Users\RADHAKRISHNA\Documents\New folder
2015-03-15 18:58 - 2012-10-21 02:52 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-03-15 18:58 - 2012-10-21 02:35 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-15 18:56 - 2012-10-21 02:56 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-03-15 18:53 - 2015-02-06 14:39 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\hpqlog
2015-03-14 19:22 - 2015-02-21 20:10 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-03-13 23:11 - 2015-03-07 16:43 - 00002294 _____ () C:\Users\RADHAKRISHNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-03-13 12:20 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-12 18:55 - 2015-02-22 14:38 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-03-12 08:56 - 2013-08-22 21:06 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-03-12 08:53 - 2013-08-22 21:06 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-12 08:51 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-12 08:43 - 2014-11-21 10:46 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-03-12 08:43 - 2014-11-21 10:46 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-03-12 08:43 - 2014-11-21 10:46 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-03-12 08:43 - 2014-11-21 10:46 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-03-12 08:43 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2015-03-12 08:43 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-03-11 21:34 - 2013-02-20 15:44 - 00000043 _____ () C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-03-11 21:20 - 2013-09-25 21:28 - 00000000 __RDO () C:\Users\RADHAKRISHNA\OneDrive.old
2015-03-11 21:14 - 2015-02-06 06:08 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-03-11 20:48 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-11 20:41 - 2013-08-22 21:06 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-11 20:40 - 2013-08-22 21:06 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-11 20:25 - 2015-03-06 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-03-11 20:25 - 2015-03-04 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-03-11 20:25 - 2015-02-22 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-03-11 20:25 - 2015-02-15 21:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-03-11 20:25 - 2015-02-15 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmarThru 4
2015-03-11 20:25 - 2015-02-15 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SCX-4300 Series
2015-03-11 20:25 - 2015-02-10 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2015-03-11 20:25 - 2015-02-07 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2015-03-11 20:25 - 2015-02-07 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-11 20:25 - 2015-02-07 12:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\airtel
2015-03-11 20:25 - 2015-02-07 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2015-03-11 20:25 - 2015-02-06 06:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-03-11 20:25 - 2015-02-06 06:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-11 20:25 - 2015-02-06 06:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2015-03-11 20:25 - 2014-11-21 09:50 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-03-11 20:25 - 2013-08-22 19:06 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-03-11 20:25 - 2013-02-20 15:55 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-03-11 20:25 - 2013-02-20 15:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-03-11 20:25 - 2012-10-21 03:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-11 20:25 - 2012-10-21 02:49 - 00000000 ____D () C:\WINDOWS\en
2015-03-11 20:18 - 2012-07-26 11:07 - 00000000 ____D () C:\Users\Default.migrated
2015-03-11 20:13 - 2015-03-06 12:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2015-03-11 20:13 - 2014-11-21 09:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-03-11 20:13 - 2014-11-21 09:20 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-03-11 20:13 - 2014-11-21 09:20 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-03-11 20:13 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-03-11 20:13 - 2013-08-22 19:06 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-03-11 20:13 - 2013-02-20 15:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-03-11 20:13 - 2012-10-21 02:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2015-03-11 20:12 - 2014-11-21 17:47 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-11 20:12 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-03-11 20:12 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-03-11 20:12 - 2013-08-22 19:06 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-03-11 20:09 - 2015-02-21 10:36 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-11 20:09 - 2013-08-22 21:13 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-03-11 20:09 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\Help
2015-03-11 20:09 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-03-11 20:06 - 2015-02-23 06:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2015-03-11 20:06 - 2015-02-15 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S.  Applications
2015-03-11 20:06 - 2013-08-22 21:06 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-11 20:06 - 2012-10-21 02:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-03-11 20:06 - 2012-08-04 03:59 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-11 20:05 - 2013-08-22 21:06 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-11 20:05 - 2013-08-22 21:06 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-11 20:05 - 2013-08-22 21:06 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-11 19:59 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-03-11 19:57 - 2012-08-04 03:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
2015-03-11 19:40 - 2014-04-13 12:35 - 00000000 __SHD () C:\Recovery
2015-03-11 19:35 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-03-11 19:29 - 2013-08-22 19:06 - 00000000 __RHD () C:\Users\Default
 
==================== Files in the root of some directories =======
 
2015-03-22 19:27 - 2015-03-22 19:27 - 0005376 _____ () C:\Users\RADHAKRISHNA\AppData\Local\recently-used.xbel
2015-02-16 13:59 - 2015-02-16 13:59 - 0000000 _____ () C:\Users\RADHAKRISHNA\AppData\Local\{2724EFA1-4118-42A2-BC66-6CD963825F4F}
2013-02-20 16:00 - 2013-02-20 16:00 - 0000525 _____ () C:\ProgramData\CyberlinkOutput.txt
 
Files to move or delete:
====================
C:\Users\RADHAKRISHNA\jagex_cl_runescape_LIVE.dat
C:\Users\RADHAKRISHNA\random.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-01 17:10
 
==================== End Of Log ============================


#6 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 AM

Posted 09 April 2015 - 06:15 PM

Hi BRK1,

err sry my english was bad. reading it again i myself couldn't understand it again. what i meant was the isp provider guy doesn't tell me the settings over phone/net

English no problem. i think we can  a deal and progress.
For now need not  modem reset.
---------------------------------------------------------------------------------------------------
Going over your logs I noticed that you have uTorrent - BitTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent - BitTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
----------------------------------------------------------------------------------------------------------

* IMPORTANT :  Ensure your external and/or USB drives are inserted during the scan
 
Step 1:
FRST Script:
Please download this attached txt.gif  fixlist.txt   3.75KB   0 downloads and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

NOT : It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
and fixlist.txt are in the same location or the fix will not work.
 
Step 2:
Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search, then Clean.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 3:
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista / 7 / 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Good work

Attached Files


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#7 BRK1

BRK1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 12 April 2015 - 01:32 AM

hi again,
the redirects had stopped after i had mbam installed and after running the jrt and adwcleaner a couple of times . i have the logs of adw cleaner if u need them i had uploaded along with the 1st post the adwcleaner log which had detected some thing . . i ran all those again . Thank you so much for helping me.
the logs
fixlog.txt:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by RADHAKRISHNA at 2015-04-12 11:16:01 Run:2
Running from C:\Users\RADHAKRISHNA\Downloads
Loaded Profiles: RADHAKRISHNA &  (Available profiles: RADHAKRISHNA & Administrator)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\...\MountPoints2: {bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: F - "F:\AutoRun.exe" 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} - "F:\AutoRun.exe" 
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} ->  No File
Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
2015-03-23 20:48 - 2015-03-04 20:13 - 00000000 ____D () C:\Users\RADHAKRISHNA\AppData\Roaming\vlc
AlternateDataStreams: C:\Users\RADHAKRISHNA\OneDrive:ms-properties
AlternateDataStreams: C:\Users\RADHAKRISHNA\OneDrive.old:ms-properties
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3321459&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPA39F2378-39AC-40C2-8EA0-7536C3407277&SSPV="
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
 
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => Key deleted successfully.
"HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf7aa6df-29d4-11e3-be81-38eaa7f28f2b}" => Key deleted successfully.
HKCR\CLSID\{bf7aa6df-29d4-11e3-be81-38eaa7f28f2b} => Key not found. 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found. 
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found. 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found. 
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found. 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found. 
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found. 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found. 
HKCR\CLSID\{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4} => Key not found. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Key not found. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Key not found. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => Key not found. 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => Key not found. 
"HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => Key deleted successfully.
HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => Key not found. 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. 
HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value not found.
HKCR\CLSID\Toolbar: HKU\S-1-5-21-3785010019-2192401253-1565588363-1002-{{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. 
"C:\Users\RADHAKRISHNA\AppData\Roaming\vlc" => File/Directory not found.
"C:\Users\RADHAKRISHNA\OneDrive" => ":ms-properties" ADS not found.
"C:\Users\RADHAKRISHNA\OneDrive.old" => ":ms-properties" ADS not found.
Chrome StartupUrls deleted successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset all =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
EmptyTemp: => Removed 740.3 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 11:21:34 ====
 
the adw cleaner logs:
# AdwCleaner v4.201 - Logfile created 12/04/2015 at 11:32:41
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Local]
# Operating system : Windows 8.1 Single Language  (x64)
# Username : RADHAKRISHNA - BRK
# Running from : C:\Users\RADHAKRISHNA\Downloads\adwcleaner_4.201.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v41.0.2272.118
 
 
*************************
 
AdwCleaner[R0].txt - [10196 bytes] - [10/11/2014 19:29:13]
AdwCleaner[R1].txt - [2729 bytes] - [11/11/2014 14:08:10]
AdwCleaner[R2].txt - [982 bytes] - [21/03/2015 10:25:47]
AdwCleaner[R3].txt - [21444 bytes] - [07/04/2015 05:20:30]
AdwCleaner[R4].txt - [1228 bytes] - [07/04/2015 05:35:00]
AdwCleaner[R5].txt - [1286 bytes] - [07/04/2015 18:42:12]
AdwCleaner[R6].txt - [1345 bytes] - [12/04/2015 11:28:20]
AdwCleaner[S0].txt - [9879 bytes] - [10/11/2014 19:34:08]
AdwCleaner[S1].txt - [2798 bytes] - [11/11/2014 14:12:41]
AdwCleaner[S2].txt - [1047 bytes] - [21/03/2015 10:31:54]
AdwCleaner[S3].txt - [2417 bytes] - [07/04/2015 05:29:16]
AdwCleaner[S4].txt - [1271 bytes] - [12/04/2015 11:32:41]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1330  bytes] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 8.1 Single Language x64
Ran by RADHAKRISHNA on 12-04-2015 at 11:52:16.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12-04-2015 at 11:58:37.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#8 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 AM

Posted 12 April 2015 - 08:45 AM

Hi BRK1,
 
Step 1:
Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Double-click mbam-setup-2.1.4.1018.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • At the end of the installation, a database update will be performed.
  • Click on Scan Now.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Remove Selected to allow MBAM to clean what was detected.
  • In most cases, a restart will be required and a prompt will be shown.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export.
  • Click Text file (*.txt)
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named File Saved should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.

Already installed:
Threat Scan

  • On the Dashboard, click the Scan Now button.
  • A check for database updates will be performed.
  • After the update check completes, a Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Remove Selected to allow MBAM to clean what was detected.
  • In most cases, a restart will be required and a prompt will be shown.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export.
  • Click Text file (*.txt)
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named File Saved should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.

Step 2:

  • Download and extract Malwarebytes Anti-Rootkit from here mbar-1.09.1.1004.zip and save it to your desktop.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up any important data before using.
  • Double-click mbar.exe inside the mbar folder then click 'Next'.
  • Note: Malwarebytes Anti-Rootkit requires administrative privileges to function properly.
  • Click 'Update'.
  • When finished updating, click 'Next' then 'Scan'.
  • If you are told you have the 'AppInit_Dlls rootkit', choose not to fix it and proceed with the scan.
  • With some infections, you may see two messages boxes:
    • 'Could not load protection driver'. Click 'OK'.
    • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart, then continue with the rest of these instructions.
  • If malware is found, do NOT press the 'Cleanup' button yet. Click 'Exit'.
  • Please zip and attach the two log files created by the tool within the folder from which it was run.

The logs will be named mbar-log-YYYY-MM-DD (##-##-##).txt and system-log.txt

 

Step 3:

 

Please download and run RogueKiller  32/64 bit to your desktop

Quit all running programs.

For Windows XP, double-click to start.
For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.
When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!

Post back the report which should be located on your desktop.
(please don't put logs in code or quotes)

 

 


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#9 BRK1

BRK1
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:17 AM

Posted 16 April 2015 - 08:45 AM

i am having tests right now will do the things and post them by sunday.



#10 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 AM

Posted 16 April 2015 - 03:59 PM

Okay, i am waiting.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#11 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 AM

Posted 21 April 2015 - 06:16 PM

Hello,

 

4 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 24 hours, this thread will be closed due to inactivity.


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 


#12 olgun52

olgun52

  • Malware Response Team
  • 3,784 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:47 AM

Posted 23 April 2015 - 02:02 PM

Are you still with me?


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users