Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Default browser (Firefox) opens bizigames.org on startup


  • Please log in to reply
1 reply to this topic

#1 hpcomp

hpcomp

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:58 PM

Posted 09 May 2015 - 02:15 AM

hi,

i don't exactly know what caused this problem and now i can't get this malware off my computer. i also referred to a simiar type of forum but i was unable to get the results following the steps as it is. i downloaded FRST and scanned my computer --

 

                                                                                                FRST.txt

                                                                                             -----------------

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Sachin (administrator) on SACGARJE-PC on 09-05-2015 12:17:17
Running from C:\Users\Sachin\Downloads
Loaded Profiles: Sachin (Available profiles: Sachin & Administrator)
Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Arcai.com) F:\Program Files\Defender\services\aips.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(VMware, Inc.) F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-authd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(arcai.com) F:\Program Files\Defender\NetCutDefender.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Mozilla Corporation) F:\ProgramFiles(x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Pokki) C:\Users\Sachin\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7573208 2014-04-23] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-29] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-29] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2811120 2014-03-13] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-09-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-14] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [vmware-tray.exe] => F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-10-18] (VMware, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => F:\ProgramFiles(x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => F:\ProgramFiles(x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\Run: [LAN Messenger] => F:\Program Files\lmc-1.2.35-win32\lmc.exe [1721344 2012-07-25] (LAN Messenger)
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\Run: [reg_svr] => "C:\WINDOWS\SysWoW64\regsvr32.exe" /s "C:\Users\Sachin\AppData\Roaming\gleam\nvm.dll"
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\Run: [BitTorrent] => C:\Users\Sachin\AppData\Roaming\BitTorrent\BitTorrent.exe [1442904 2015-02-28] (BitTorrent Inc.)
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\Run: [CMD] => cmd.exe /c start http://zenigameblinger.org && exit <===== ATTENTION
IFEO\avz.exe: [Debugger] svchost.exe
IFEO\CCleaner.exe: [Debugger] svchost.exe
IFEO\CCleaner64.exe: [Debugger] svchost.exe
IFEO\regedit.exe: [Debugger] svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-05-13]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\Users\Sachin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Hyperion.vbs [2015-04-17] ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL14/26
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.jp.msn.com/HPALL14/26
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/26
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/26
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.ads-ki.com
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/HPALL14/26
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-03] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-03] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-03-31] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> F:\ProgramFiles(x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Sachin\AppData\Roaming\Mozilla\Firefox\Profiles\i0w4qva5.default-1429237128758
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-03] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Download YouTube Videos as MP4 - C:\Users\Sachin\AppData\Roaming\Mozilla\Firefox\Profiles\i0w4qva5.default-1429237128758\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-04-27]
FF Extension: Adblock Plus - C:\Users\Sachin\AppData\Roaming\Mozilla\Firefox\Profiles\i0w4qva5.default-1429237128758\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-27]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - F:\ProgramFiles(x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - F:\ProgramFiles(x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-04-04]
StartMenuInternet: FIREFOX.EXE - F:\ProgramFiles(x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-19]
CHR Extension: (Google Docs) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-19]
CHR Extension: (Google Drive) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-19]
CHR Extension: (YouTube) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-19]
CHR Extension: (Google Search) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-19]
CHR Extension: (Video Downloader professional) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-22]
CHR Extension: (Google Sheets) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-19]
CHR Extension: (Google Wallet) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-19]
CHR Extension: (Gmail) - C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AIPS; F:\Program Files\Defender\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-27] (Hewlett-Packard Development Company, L.P.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-29] (Softex Inc.) [File not signed]
S3 Origin Client Service; F:\Program Files\Origin\OriginClientService.exe [1910640 2015-03-08] (Electronic Arts)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VMAuthdService; F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-authd.exe [86096 2013-10-18] (VMware, Inc.)
R2 VMwareHostd; F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-hostd.exe [14405200 2013-10-18] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7532760 2014-08-07] (Broadcom Corporation)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [150744 2013-09-10] (Broadcom Corporation.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-14] ()
S3 IMNPF; C:\Windows\System32\drivers\IMNPF.sys [38768 2010-08-18] (IMFirewall Software)
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-14] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-14] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-14] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466136 2014-01-15] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-23] (Hewlett-Packard Development Company, L.P.)
S3 ALSysIO; \??\C:\Users\Sachin\AppData\Local\Temp\ALSysIO64.sys [X]
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 12:17 - 2015-05-09 12:18 - 00027399 _____ () C:\Users\Sachin\Downloads\FRST.txt
2015-05-09 11:45 - 2015-05-09 12:17 - 00000000 ____D () C:\FRST
2015-05-09 11:42 - 2015-05-09 11:42 - 02102272 _____ (Farbar) C:\Users\Sachin\Downloads\FRST64.exe
2015-05-08 17:15 - 2015-05-08 17:15 - 00000000 ____D () C:\Users\Sachin\Downloads\wallpapers
2015-05-06 13:16 - 2015-05-06 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-05 18:54 - 2015-05-06 13:31 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForSachin.job
2015-05-05 18:54 - 2015-05-05 18:54 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForSachin
2015-05-01 15:12 - 2015-05-01 15:12 - 15023375 _____ () C:\Users\Sachin\Documents\final.psd
2015-05-01 12:51 - 2015-05-01 12:51 - 00001321 _____ () C:\Users\Sachin\Desktop\Photoshop - Shortcut.lnk
2015-05-01 03:33 - 2015-05-01 03:33 - 00410875 _____ () C:\Users\Sachin\Documents\Untitled-3.psd
2015-05-01 03:07 - 2015-05-01 15:04 - 00000132 _____ () C:\Users\Sachin\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-04-30 21:04 - 2015-05-01 02:31 - 00067621 _____ () C:\Users\Sachin\Documents\Untitled-1.psd
2015-04-30 20:45 - 2015-04-30 20:45 - 00003510 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-SACGARJE-PC-Sachin
2015-04-29 15:16 - 2015-04-29 15:16 - 00000787 _____ () C:\Users\Sachin\Desktop\Counter-Strike 1.6.lnk
2015-04-29 15:16 - 2015-04-29 15:16 - 00000787 _____ () C:\Users\Administrator\Desktop\Counter-Strike 1.6.lnk
2015-04-29 15:16 - 2015-04-29 15:16 - 00000000 ____D () C:\Users\Sachin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-04-25 12:42 - 2015-04-16 23:20 - 00000000 ____D () C:\Users\Sachin\Desktop\T&P
2015-04-24 17:29 - 2015-04-24 17:31 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2013
2015-04-24 17:25 - 2015-04-24 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-24 17:23 - 2015-04-24 17:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-24 17:23 - 2015-04-24 17:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-04-24 17:18 - 2015-04-24 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-24 16:50 - 2015-03-13 10:02 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-24 16:50 - 2015-03-13 09:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-24 16:50 - 2015-03-13 09:37 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-24 16:50 - 2015-03-13 09:23 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-24 16:50 - 2015-03-13 09:20 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-24 16:50 - 2015-03-13 09:12 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-24 16:50 - 2015-03-13 08:58 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-24 16:50 - 2015-03-13 08:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-24 16:50 - 2015-03-13 08:52 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-24 16:50 - 2015-03-13 08:47 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-24 16:50 - 2015-03-13 08:46 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-24 16:50 - 2015-03-13 08:38 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-24 16:50 - 2015-03-13 08:37 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-24 16:50 - 2015-03-13 08:30 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-24 16:50 - 2015-03-13 08:20 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-24 16:50 - 2015-03-13 08:19 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-24 16:50 - 2015-03-13 08:15 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-24 16:50 - 2015-03-13 08:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-24 16:50 - 2015-03-13 08:04 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-24 16:50 - 2015-03-13 08:03 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-24 16:50 - 2015-03-13 07:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-24 16:50 - 2015-03-13 07:50 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-24 16:50 - 2015-03-13 07:46 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-24 16:50 - 2015-03-13 07:44 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-24 16:48 - 2015-03-23 04:15 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-24 16:48 - 2015-03-23 03:39 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-24 16:48 - 2015-03-23 03:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-24 16:48 - 2015-03-23 03:39 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-24 16:48 - 2015-03-23 03:39 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-24 16:48 - 2015-03-23 03:39 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-24 16:48 - 2015-03-23 03:39 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-24 16:47 - 2015-03-24 03:29 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-24 16:47 - 2015-03-24 03:29 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-24 16:47 - 2015-03-24 03:29 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-24 16:47 - 2015-03-24 03:28 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-24 16:47 - 2015-03-24 03:15 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-24 16:47 - 2015-03-20 09:42 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-24 16:47 - 2015-03-20 09:40 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-24 16:47 - 2015-03-20 09:40 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-24 16:47 - 2015-03-20 08:47 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-24 16:47 - 2015-03-20 08:11 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-24 16:47 - 2015-03-20 08:10 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-24 16:47 - 2015-03-20 07:46 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-24 16:47 - 2015-03-14 14:24 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-24 16:47 - 2015-03-14 13:50 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-24 16:47 - 2015-03-14 13:43 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-24 16:47 - 2015-03-14 07:26 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-24 16:47 - 2015-03-14 07:26 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-24 16:47 - 2015-03-14 07:21 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-24 16:47 - 2015-03-14 07:07 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-24 16:47 - 2015-03-14 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-24 16:47 - 2015-03-14 05:52 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-24 16:47 - 2015-03-14 05:42 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-24 16:47 - 2015-03-14 05:42 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-24 16:47 - 2015-03-14 05:39 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-24 16:47 - 2015-03-14 05:38 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-24 16:47 - 2015-03-14 05:38 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-24 16:47 - 2015-03-14 05:36 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-24 16:47 - 2015-03-14 05:36 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-24 16:47 - 2015-03-14 05:32 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-24 16:47 - 2015-03-14 05:32 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-24 16:47 - 2015-03-14 05:29 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-24 16:47 - 2015-03-14 05:29 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-24 16:47 - 2015-03-13 08:28 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-24 16:47 - 2015-03-13 08:07 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-24 16:47 - 2015-03-04 15:55 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-24 16:47 - 2015-03-04 08:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-24 16:47 - 2015-03-04 07:49 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-24 16:47 - 2015-02-24 14:02 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-24 16:47 - 2015-02-21 05:19 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-21 16:20 - 2015-04-21 16:20 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-04-21 16:20 - 2015-04-21 16:20 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-04-21 16:18 - 2015-04-21 16:18 - 00000000 ____D () C:\Users\Sachin\AppData\Local\Rockstar Games
2015-04-20 01:08 - 2015-04-21 16:18 - 00000000 ____D () C:\Users\Sachin\Documents\Rockstar Games
2015-04-20 01:08 - 2015-04-21 16:11 - 00000080 _____ () C:\Users\Sachin\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-04-16 21:50 - 2015-04-16 21:51 - 02173955 _____ () C:\Users\Sachin\Downloads\Counter-Strike 1.6 Server-Fix.exe
2015-04-16 01:39 - 2015-04-16 01:39 - 00000000 ____D () C:\Users\Sachin\AppData\Roaming\NuGet
2015-04-16 01:22 - 2015-04-16 01:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 11.0
2015-04-16 01:22 - 2015-04-16 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-04-16 01:15 - 2015-04-16 01:15 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Silverlight Kits
2015-04-16 01:14 - 2015-04-16 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
2015-04-16 01:13 - 2015-04-16 01:40 - 00000000 ____D () C:\Users\Sachin\Documents\Visual Studio 2013
2015-04-16 01:13 - 2015-04-16 01:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft XDE
2015-04-16 01:01 - 2015-04-16 01:01 - 00000000 ____D () C:\Program Files (x86)\ReleaseManagement
2015-04-16 01:01 - 2015-04-16 01:01 - 00000000 ____D () C:\Program Files (x86)\AppInsights
2015-04-16 00:38 - 2015-04-16 00:38 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2015-04-16 00:17 - 2015-04-16 00:17 - 00000000 ____D () C:\Program Files\Application Verifier
2015-04-16 00:17 - 2015-04-16 00:17 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2015-04-16 00:15 - 2015-04-16 01:03 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2015-04-15 23:53 - 2015-04-16 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-04-15 22:26 - 2015-04-15 22:26 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2015-04-15 22:19 - 2015-04-15 22:19 - 00000525 _____ () C:\Users\Sachin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows ©.lnk
2015-04-15 22:19 - 2015-04-15 22:19 - 00000488 _____ () C:\Users\Sachin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\New Volume (H).lnk
2015-04-15 22:19 - 2015-04-15 22:19 - 00000488 _____ () C:\Users\Sachin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\New Volume (F).lnk
2015-04-15 22:19 - 2015-04-15 22:19 - 00000482 _____ () C:\Users\Sachin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RECOVERY (D).lnk
2015-04-15 22:19 - 2015-04-15 22:19 - 00000352 _____ () C:\Users\Sachin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVD RW Drive (E).lnk
2015-04-15 22:09 - 2015-04-15 22:09 - 00000000 ____D () C:\ProgramData\NuGet
2015-04-15 22:09 - 2015-04-15 22:09 - 00000000 ____D () C:\Program Files (x86)\NuGet
2015-04-15 22:06 - 2015-04-15 22:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services
2015-04-15 21:58 - 2015-04-15 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-04-15 21:13 - 2015-04-15 21:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\1033
2015-04-15 20:48 - 2015-04-15 21:46 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2015-04-15 20:48 - 2015-04-15 20:48 - 00000000 ____D () C:\WINDOWS\symbols
2015-04-15 20:48 - 2015-04-15 20:48 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2015-04-15 20:48 - 2015-04-15 20:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2015-04-15 20:48 - 2015-04-15 20:48 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2015-04-15 20:00 - 2015-04-15 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2015-04-15 19:23 - 2015-04-15 20:06 - 00000000 ____D () C:\WINDOWS\system32\1033
2015-04-15 19:23 - 2015-04-15 19:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2015-04-15 19:22 - 2015-04-16 01:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2015-04-15 19:22 - 2015-04-15 19:22 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
2015-04-15 17:43 - 2015-04-15 17:44 - 01264968 _____ (Microsoft Corporation) C:\Users\Sachin\Downloads\vs_ultimate.exe
2015-04-15 16:54 - 2015-04-09 06:28 - 31570064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 30397072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 25375048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 24053576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 17176128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 15818528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 15716232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 14617288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 14006752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 12852784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 12689592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 11380728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 10423952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-04-15 16:54 - 2015-04-09 06:28 - 02896528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 02573456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 01895568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435012.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435012.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 01047368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 01037640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 00970568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 00962192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 00499344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 00402576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 00390472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 00346256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-04-15 16:54 - 2015-04-09 06:28 - 00154256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-04-15 16:51 - 2015-04-15 16:51 - 00000000 ____D () C:\Users\Sachin\AppData\Roaming\NVIDIA Corporation
2015-04-15 16:40 - 2015-04-15 16:40 - 00000000 ____D () C:\Program Files\NVIDIA GPU Computing Toolkit
2015-04-15 16:40 - 2015-02-18 07:07 - 01895240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434762.dll
2015-04-15 16:39 - 2015-04-09 06:28 - 02935416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-04-15 16:39 - 2015-02-18 07:07 - 01557832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434762.dll
2015-04-15 16:16 - 2015-04-12 21:12 - 961464176 _____ (NVIDIA Corporation) C:\Users\Sachin\Downloads\cuda_7.0.28_windows.exe
2015-04-15 15:36 - 2015-04-15 15:36 - 00001744 _____ () C:\Users\Sachin\Downloads\matmulCUDA.txt
2015-04-15 14:10 - 2015-04-15 14:10 - 00000752 _____ () C:\Users\Sachin\Desktop\Launcher - Shortcut.lnk
2015-04-15 14:00 - 2015-04-15 14:02 - 00000000 ____D () C:\Users\Sachin\AppData\Roaming\VMware
2015-04-15 14:00 - 2015-04-15 14:02 - 00000000 ____D () C:\Users\Sachin\AppData\Local\VMware
2015-04-14 17:39 - 2015-04-14 17:40 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-04-14 17:39 - 2015-04-14 17:39 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-14 16:04 - 2015-04-14 16:04 - 00000000 ____D () C:\Users\Sachin\Documents\Disney Interactive Studios
2015-04-14 16:00 - 2015-04-14 16:00 - 00000000 __RHD () C:\Users\Sachin\AppData\Roaming\SecuROM
2015-04-14 00:38 - 2015-04-14 00:38 - 00000000 ____D () C:\Users\Sachin\AppData\Local\LogMeIn
2015-04-14 00:38 - 2015-04-14 00:38 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-04-13 21:29 - 2015-04-13 21:37 - 08552448 _____ () C:\Users\Sachin\Downloads\hamachi.msi
2015-04-13 15:04 - 2015-04-13 15:04 - 00000000 ____D () C:\ProgramData\TDM-GCC
2015-04-13 15:03 - 2015-04-13 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TDM-GCC-64
2015-04-13 14:14 - 2015-04-13 14:14 - 42120292 _____ () C:\Users\Sachin\Downloads\tdm64-gcc-4.9.2-3.exe
2015-04-12 19:21 - 2015-04-12 19:23 - 00000000 ____D () C:\Users\Sachin\AppData\Roaming\Skype
2015-04-12 19:21 - 2015-04-12 19:21 - 00000000 ____D () C:\Users\Sachin\AppData\Local\Skype
2015-04-09 12:00 - 2015-04-09 12:00 - 00000083 _____ () C:\WINDOWS\wininit.ini

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-09 12:17 - 2014-07-12 02:03 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-09 12:16 - 2014-11-16 01:44 - 00000000 ____D () C:\Users\Sachin\AppData\Roaming\gleam
2015-05-09 12:16 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-09 12:08 - 2014-07-17 23:19 - 00000000 ____D () C:\Users\Sachin\Documents\Youcam
2015-05-09 12:07 - 2014-08-16 18:36 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-09 12:06 - 2014-10-04 20:17 - 00000000 ____D () C:\ProgramData\VMware
2015-05-09 12:06 - 2013-08-22 20:16 - 00118952 _____ () C:\WINDOWS\setupact.log
2015-05-09 12:06 - 2013-08-22 20:15 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-09 12:05 - 2014-07-12 01:24 - 01179823 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-09 12:05 - 2013-08-22 18:55 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-09 11:52 - 2014-08-16 18:36 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-09 11:51 - 2015-02-28 03:20 - 00000000 ____D () C:\Users\Sachin\AppData\Roaming\BitTorrent
2015-05-09 03:32 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-09 01:36 - 2014-09-09 22:31 - 00000000 ____D () C:\Users\Sachin\AppData\Roaming\vlc
2015-05-08 12:01 - 2014-11-10 11:41 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-320099953-2498947634-3713143922-1002
2015-05-08 10:55 - 2014-03-18 15:23 - 00962568 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-07 13:16 - 2014-07-12 02:00 - 00000000 ____D () C:\Users\Sachin\AppData\Local\CrashDumps
2015-05-06 13:25 - 2014-08-10 19:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-05-06 13:25 - 2014-08-10 19:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-06 13:17 - 2014-07-12 02:05 - 00000000 ____D () C:\ProgramData\Skype
2015-05-06 13:16 - 2014-07-12 02:05 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-05-06 13:16 - 2014-07-12 02:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-05 18:52 - 2014-07-12 01:20 - 00000000 ____D () C:\Users\Sachin
2015-05-05 13:24 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-01 15:16 - 2015-02-13 12:38 - 00000000 ____D () C:\Users\Sachin\Downloads\Youtube
2015-05-01 02:36 - 2014-10-27 21:23 - 00000000 ____D () C:\Users\Sachin\AppData\Local\Adobe
2015-05-01 02:36 - 2014-07-17 23:17 - 00000000 ____D () C:\Users\Sachin\AppData\Roaming\Adobe
2015-04-30 20:15 - 2013-08-22 20:14 - 05080120 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-30 20:14 - 2014-03-18 15:14 - 00055512 _____ () C:\WINDOWS\PFRO.log
2015-04-29 15:16 - 2014-08-06 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-04-27 12:35 - 2014-07-17 23:18 - 00000000 ____D () C:\Users\Sachin\AppData\Local\Hewlett-Packard
2015-04-27 12:35 - 2014-05-08 06:15 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-04-25 17:09 - 2015-03-20 20:02 - 00000000 ____D () C:\Users\Sachin\AppData\Local\Eclipse
2015-04-24 22:00 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-24 17:44 - 2014-07-12 21:17 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-24 17:33 - 2014-07-12 21:17 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-24 17:33 - 2013-08-22 20:50 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-24 17:29 - 2014-05-13 09:02 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-24 17:26 - 2013-08-22 18:55 - 00000199 _____ () C:\WINDOWS\win.ini
2015-04-24 17:15 - 2014-12-18 09:31 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-24 17:15 - 2014-07-12 21:14 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-24 16:47 - 2014-11-17 00:18 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-21 18:43 - 2015-03-30 14:14 - 00000000 ____D () C:\Users\Sachin\Downloads\EOS
2015-04-20 12:28 - 2013-08-22 21:06 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-04-16 23:08 - 2014-07-17 23:17 - 00000000 ____D () C:\Users\Sachin\AppData\Local\Packages
2015-04-16 20:32 - 2015-03-30 14:29 - 00000000 ____D () C:\Users\Sachin\Downloads\PCDP
2015-04-16 12:12 - 2015-04-01 18:21 - 00000000 ____D () C:\Users\Sachin\Desktop\Eclipse OpenMP
2015-04-16 00:47 - 2014-08-10 19:23 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-04-16 00:46 - 2014-08-10 19:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-04-16 00:38 - 2015-02-10 11:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-04-16 00:37 - 2013-08-22 21:06 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-15 23:42 - 2015-04-06 15:51 - 00000000 ____D () C:\Users\Sachin\Desktop\PD Backup
2015-04-15 22:46 - 2015-03-24 16:27 - 00000000 ____D () C:\Users\Sachin\Downloads\SUPRIYA PHOTOS
2015-04-15 19:24 - 2015-04-05 18:51 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-04-15 19:23 - 2014-04-02 15:20 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-04-15 16:57 - 2014-05-13 08:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-15 16:56 - 2014-05-13 08:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-15 16:55 - 2014-05-13 08:57 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-15 16:44 - 2014-05-13 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-15 16:44 - 2014-05-13 08:58 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-15 14:17 - 2014-07-12 02:03 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-04-14 15:30 - 2014-08-01 22:37 - 00064516 _____ () C:\WINDOWS\DirectX.log
2015-04-14 15:24 - 2014-05-08 06:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-14 04:54 - 2015-03-19 18:20 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 04:54 - 2015-03-19 18:20 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 18:07 - 2015-03-26 11:02 - 00000000 ____D () C:\Users\Sachin\Desktop\FINAL
2015-04-09 12:00 - 2015-03-27 23:11 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-09 06:28 - 2014-09-20 02:09 - 00029329 _____ () C:\WINDOWS\system32\nvinfo.pb
2015-04-09 06:28 - 2014-05-13 08:57 - 03317344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-04-09 03:00 - 2014-05-13 08:58 - 06841488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-04-09 03:00 - 2014-05-13 08:58 - 03478344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-04-09 03:00 - 2014-05-13 08:58 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-04-09 03:00 - 2014-05-13 08:58 - 01047696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-04-09 03:00 - 2014-05-13 08:58 - 00936264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-04-09 03:00 - 2014-05-13 08:58 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-04-09 03:00 - 2014-05-13 08:58 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-04-09 03:00 - 2014-05-13 08:58 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

==================== Files in the root of some directories =======

2015-05-01 03:07 - 2015-05-01 15:04 - 0000132 _____ () C:\Users\Sachin\AppData\Roaming\Adobe PNG Format CS5 Prefs

Some content of TEMP:
====================
C:\Users\Sachin\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Sachin\AppData\Local\Temp\Skin.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-09 03:48

==================== End Of Log ============================

 

 

                                                                                             Addition.txt

                                                                                            ------------------

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Sachin at 2015-05-09 12:19:24
Running from C:\Users\Sachin\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-320099953-2498947634-3713143922-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-320099953-2498947634-3713143922-501 - Limited - Disabled)
Sachin (S-1-5-21-320099953-2498947634-3713143922-1002 - Administrator - Enabled) => C:\Users\Sachin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

12556 (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version:  - )
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BitTorrent (HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.223.215.5 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9130 - Broadcom Corporation)
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Curse at Twilight (x32 Version: 3.0.2.51 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious - Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Joining Hands 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Lost in Reefs 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 with Update 4 (HKLM-x32\...\{dca572ee-b6f6-4560-9879-fec58cc0022c}) (Version: 12.0.31101 - Microsoft Corporation)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Firefox 37.0.2 (x86 en-US) (HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
NetCut 2.1.4 (HKLM-x32\...\NetCut_is1) (Version:  - arcai.com)
NetCutDefender 2.1.5 (HKLM-x32\...\NetCutDefender_is1) (Version:  - arcai.com)
NVIDIA CUDA Samples 7.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDASamples_7.0) (Version: 7.0 - NVIDIA Corporation)
NVIDIA CUDA Toolkit 7.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAToolkit_7.0) (Version: 7.0 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 7.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAVisualStudioIntegration_7.0) (Version: 7.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA GPU Deployment Kit 347.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GDK) (Version: 347.62 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 4.5.0.15036 (HKLM\...\{DA371382-CABC-44B3-9BB4-14B5081B6446}) (Version: 4.5.0.15036 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{4D983759-07FC-4571-BB59-58C9BBADECC5}) (Version: 1.00.00.00 - NVIDIA Corporation)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
Release Management for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Solitaire Mystery Four Seasons (x32 Version: 3.0.2.51 - WildTangent) Hidden
Sparkle 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
Spec Ops The Line (HKLM-x32\...\Spec Ops The Line_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Split/Second (HKLM-x32\...\{28526951-55EF-4901-A0CA-B9AC966D1DD1}) (Version: 1.00.0000 - Disney Interactive Studios)
Start Menu (HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\Pokki) (Version: 0.269.2.437 - Pokki)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated)
System Ninja version 3.0.2 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.2 - SingularLabs)
Tata Photon+ (HKLM-x32\...\Tata Photon+) (Version: 11.030.01.28.628 - Huawei Technologies Co.,Ltd)
TDM-GCC (HKLM-x32\...\TDM-GCC) (Version: 1.1309.0 - TDM)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Viking Saga (x32 Version: 3.0.2.48 - WildTangent) Hidden
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.1 - VMware, Inc)
VMware Workstation (Version: 10.0.1 - VMware, Inc.) Hidden
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-320099953-2498947634-3713143922-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points  =========================

24-04-2015 17:15:00 Windows Update
05-05-2015 13:18:01 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 18:55 - 2015-03-30 14:45 - 00451415 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1    activate.adobe.com
127.0.0.1    practivate.adobe.com
127.0.0.1    ereg.adobe.com
127.0.0.1    activate.wip3.adobe.com
127.0.0.1    wip3.adobe.com
127.0.0.1    3dns-3.adobe.com
127.0.0.1    3dns-2.adobe.com
127.0.0.1    adobe-dns.adobe.com
127.0.0.1    adobe-dns-2.adobe.com
127.0.0.1    adobe-dns-3.adobe.com
127.0.0.1    ereg.wip3.adobe.com
127.0.0.1    activate-sea.adobe.com
127.0.0.1    wwis-dubc1-vip60.adobe.com
127.0.0.1    activate-sjc0.adobe.com
127.0.0.1    adobe.activate.com
127.0.0.1    adobeereg.com
127.0.0.1    www.adobeereg.com
127.0.0.1    wwis-dubc1-vip60.adobe.com
127.0.0.1    125.252.224.90
127.0.0.1    125.252.224.91
127.0.0.1    hl2rcv.adobe.com
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {095A2C5D-384B-4CE5-912D-B2ED7778CA43} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {0B0DF2A5-9EB4-43AE-8E95-16104BFF9D7F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {0B438222-8023-48AE-A776-C3201F1E2B2C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {12F3A360-AB13-4A0B-AB83-3440F9989C97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-16] (Google Inc.)
Task: {16FA6AFE-15AF-4C60-8D62-C26977E5791F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-24] (Microsoft Corporation)
Task: {1A863726-086B-42F3-ACBC-DF6752958E12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {1C21293D-BAF3-4D9C-82DC-79735FADE450} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {2FB9296D-2895-4662-8782-6F04B3BCE251} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {34C998E3-5D57-4673-BAEC-A72C0F7E4601} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-320099953-2498947634-3713143922-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {4C0B7925-D18B-4CB6-B0D9-375250711C04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {50E5AD19-F984-4611-9F41-CE189934B6D6} - System32\Tasks\AdobeAAMUpdater-1.0-SACGARJE-PC-Sachin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16] (Adobe Systems Incorporated)
Task: {5A702032-C21A-4B52-960F-0A173176B597} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {8145464F-F7FC-4C4C-8E6A-720D066AD8D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {88336045-9B27-48D4-9964-E964DE358011} - System32\Tasks\HPCeeScheduleForSachin => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {9C60CA2E-1D4E-410C-B144-32AAEE3B9D89} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-garjesachin07@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16] (Adobe Systems Incorporated)
Task: {9E173215-AC8A-4519-ABF0-33E926E2109A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-16] (Google Inc.)
Task: {A402029B-4631-40B9-9BB6-3D89EFEC5968} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-02] (Hewlett-Packard Development Company, L.P.)
Task: {B2BDC00D-CFB5-429A-9E9E-A83CDFBBC612} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {F022635A-728B-4E4D-9793-5A9C2F43F568} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {F5F4A866-1A3D-42F0-933A-A1A69B0D00E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {FAD4B92A-A577-4B95-A05B-895208A6E8F3} - System32\Tasks\Update Service YourFileDownloader => C:\Program Files (x86)\YourFileDownloaderUpdater\YourFileDownloaderUpdater.exe <==== ATTENTION
Task: {FFF1CA8D-C65E-43B3-8F17-B601014AAA49} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForSachin.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2014-05-13 08:58 - 2015-04-09 03:00 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-29 02:01 - 2014-03-29 02:01 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-29 01:57 - 2014-03-29 01:57 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-29 01:57 - 2014-03-29 01:57 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-29 01:57 - 2014-03-29 01:57 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-29 02:18 - 2014-03-29 02:18 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-29 02:18 - 2014-03-29 02:18 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2010-11-16 19:08 - 2010-11-16 19:08 - 00339456 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-12-04 21:14 - 2013-12-04 21:14 - 00200168 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 21:14 - 2013-12-04 21:14 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 21:14 - 2013-12-04 21:14 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2013-10-18 12:10 - 2013-10-18 12:10 - 14405200 _____ () F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-hostd.exe
2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-29 02:06 - 2014-03-29 02:06 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2013-10-18 12:46 - 2013-10-18 12:46 - 01260624 _____ () F:\ProgramFiles(x86)\VMware\VMware Workstation\libxml2.dll
2015-03-31 00:44 - 2015-03-28 09:15 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-11-16 01:44 - 2014-11-16 01:43 - 00188928 __RSH () C:\Users\Sachin\AppData\Roaming\gleam\nvm.dll
2014-05-13 08:49 - 2013-12-10 20:57 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-320099953-2498947634-3713143922-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sachin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Connectify Dispatch"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\StartupApproved\StartupFolder: => "Hyperion.vbs"
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\StartupApproved\Run: => "LAN Messenger"
HKU\S-1-5-21-320099953-2498947634-3713143922-1002\...\StartupApproved\Run: => "BitTorrent"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1C3E6606-746A-468D-8A28-C89636418F8C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C63E5671-AFB5-4B9F-8A1E-3CB3634DD5A2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{87ADACB7-7EC2-46B4-A5CC-1D46CD060D6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DF818F1F-8A5A-446C-A5B1-C163EF29444B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A6C6470E-8E36-427D-9BA8-1496357CFAF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{46DA4DE7-0574-4A09-827C-F5F2CE6C570D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DCBC7383-4233-455F-BAB8-7D21F23EEA60}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8BBAE74E-98F3-4137-8FE5-0070C7B34B57}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DBB3D2E1-1442-401A-99C8-A4D1FCA72A8C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{80C798D0-DBE7-4FEB-8421-BFDB5928EC8F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2497414F-17F7-49A8-ACD0-8A1A09D4C656}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{8B064C40-0CC0-46A6-9C04-62D92F87C2B6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{F417DA7D-7A16-46F6-AD1E-3DCDFD6343F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{A3C48A9C-C2AF-4B60-A0EE-FC077B9405C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{B1CD3B29-7D0F-42FC-AD65-CDAA4F951D16}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{45F91869-13B8-403C-A662-389233D2AF5A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{0DA79B90-0940-4EA4-A673-8E121BD545FB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1074791F-B71C-45B6-BCC9-5E31200C9303}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{52F7A7D1-5302-4F1F-A386-258FD69429BB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{B681305B-37B8-458D-A46E-ACA8EC77BD84}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{67BB8057-734B-4EFF-979F-E7B10DF3BC46}] => (Allow) C:\Users\Sachin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{87C3E203-05FB-4802-ADB8-A7D0D9B5F2C1}C:\users\hp pc\appdata\roaming\bittorrent\updates\7.9.2_32241.exe] => (Allow) C:\users\hp pc\appdata\roaming\bittorrent\updates\7.9.2_32241.exe
FirewallRules: [UDP Query User{B500DA0F-9041-4BB4-871F-7F2541AF6508}C:\users\hp pc\appdata\roaming\bittorrent\updates\7.9.2_32241.exe] => (Allow) C:\users\hp pc\appdata\roaming\bittorrent\updates\7.9.2_32241.exe
FirewallRules: [TCP Query User{78C0CBAE-F61B-4223-A578-780357D8D9CF}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F2A4FAB5-69B7-4141-B8AC-7C5B00D9B5AB}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F4CAACEB-51B2-4DEB-AB27-3FECA64CD394}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{7F4DDC73-3A59-46E1-A89A-755A5DBCF251}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [TCP Query User{B7158380-A724-4BD5-95F8-4E9E45541381}F:\cs1.6\hl.exe] => (Allow) F:\cs1.6\hl.exe
FirewallRules: [UDP Query User{C0AD9900-1B99-49D9-87D4-B280AA20722D}F:\cs1.6\hl.exe] => (Allow) F:\cs1.6\hl.exe
FirewallRules: [TCP Query User{D1508C29-E799-4229-BA27-0B3547D1BC1F}F:\games\nfs mw 2012\nfs13.exe] => (Allow) F:\games\nfs mw 2012\nfs13.exe
FirewallRules: [UDP Query User{4E04EB65-C529-4057-82C0-9BF52AA07841}F:\games\nfs mw 2012\nfs13.exe] => (Allow) F:\games\nfs mw 2012\nfs13.exe
FirewallRules: [TCP Query User{6A352403-F1AE-4B22-A089-AAB3891D5C62}F:\games\nfs mw 2012\nfs13.exe] => (Allow) F:\games\nfs mw 2012\nfs13.exe
FirewallRules: [UDP Query User{42E80496-B335-4B5A-9E21-BBDC22D0DDF7}F:\games\nfs mw 2012\nfs13.exe] => (Allow) F:\games\nfs mw 2012\nfs13.exe
FirewallRules: [TCP Query User{C8407081-121D-43E6-AA06-8F5BE9D5F67B}F:\games\flatout\flatout 2\flatout2.exe] => (Allow) F:\games\flatout\flatout 2\flatout2.exe
FirewallRules: [UDP Query User{ADB0DB77-03F5-49DF-A613-978341D6FB15}F:\games\flatout\flatout 2\flatout2.exe] => (Allow) F:\games\flatout\flatout 2\flatout2.exe
FirewallRules: [{C2A67C13-F9E3-4A42-88CA-7C1DC010C357}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{F96281FD-0575-46C0-9F2F-1D7C963E5F55}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{1BB9D791-2D1C-40EB-AFF0-63E061877821}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{56C38EB0-7B63-4414-BB89-09ADD54F88E3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{8076C0FE-520F-4CA5-92BA-91F3B583E5D2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{E21F70DB-98CC-4CD2-9C95-6B53D3AA68B4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{D081C8B5-6FF0-4EDF-B380-4F96930C8F08}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{2A9D04E2-19E9-4A10-B193-A943BD6B3262}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EA29949E-6DF0-4082-8437-03BB6290CBC1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C114F423-A780-491B-84F3-FABCFC181366}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3513D7E7-F6C0-42D7-836C-EE44CBC97B27}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{CEA606CD-CC8E-43A6-AC1A-34DC45ADC9F4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{734C14A4-AEC8-498B-89B3-B10BBE85C2A3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1341CE79-B9E0-484A-A353-E4F75F7978D3}F:\lmc-1.2.35-win32\lmc.exe] => (Allow) F:\lmc-1.2.35-win32\lmc.exe
FirewallRules: [UDP Query User{974EB294-51E0-4AFE-BF53-BB5EB43072DF}F:\lmc-1.2.35-win32\lmc.exe] => (Allow) F:\lmc-1.2.35-win32\lmc.exe
FirewallRules: [TCP Query User{0F1A8801-880C-4982-B0BE-F6D46FA581A3}F:\program files\lmc-1.2.35-win32\lmc.exe] => (Allow) F:\program files\lmc-1.2.35-win32\lmc.exe
FirewallRules: [UDP Query User{835141E9-CEA6-4D86-9693-BF753DC25492}F:\program files\lmc-1.2.35-win32\lmc.exe] => (Allow) F:\program files\lmc-1.2.35-win32\lmc.exe
FirewallRules: [TCP Query User{1FD126D5-9F14-45F1-B784-087719EA4ECE}F:\program files\lmc-1.2.35-win32\lmc.exe] => (Allow) F:\program files\lmc-1.2.35-win32\lmc.exe
FirewallRules: [UDP Query User{082F02BC-8985-4572-B67B-27C5F512E58D}F:\program files\lmc-1.2.35-win32\lmc.exe] => (Allow) F:\program files\lmc-1.2.35-win32\lmc.exe
FirewallRules: [TCP Query User{C87AECCE-6DDD-444F-9B35-7ED938183BA3}F:\program files\arma 3\arma3.exe] => (Allow) F:\program files\arma 3\arma3.exe
FirewallRules: [UDP Query User{12684CC3-4DD0-491B-A421-ADA8FDA9A92B}F:\program files\arma 3\arma3.exe] => (Allow) F:\program files\arma 3\arma3.exe
FirewallRules: [TCP Query User{FD1C2C01-6CF6-4128-96EE-49A32D456A16}F:\program files\arma 3\arma3.exe] => (Allow) F:\program files\arma 3\arma3.exe
FirewallRules: [UDP Query User{17468A3B-6AC8-4411-AE72-554D30AE8E81}F:\program files\arma 3\arma3.exe] => (Allow) F:\program files\arma 3\arma3.exe
FirewallRules: [{94078809-5ED0-4713-9DEC-7BE655058DC3}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{B82A80C5-C89A-4F94-912D-8D8602ACE907}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{536A3D50-4E5A-4431-A759-84A508E2C9E5}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{FFE81CDD-7A79-41C6-948D-D736F93D5412}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [TCP Query User{9AFE2ACD-876C-419D-9ADA-54F49F03E595}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{0F0A9E58-461E-48DD-9A83-3922100B1B57}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E1FA752E-FC82-4A2A-B545-6943515BA6F5}F:\program files\eclipse\eclipse.exe] => (Allow) F:\program files\eclipse\eclipse.exe
FirewallRules: [UDP Query User{CBCE87DE-FAE2-4003-9B1B-CCCE36E7F8D2}F:\program files\eclipse\eclipse.exe] => (Allow) F:\program files\eclipse\eclipse.exe
FirewallRules: [{4562BF16-5F31-41AE-9561-D2E025F1BDDF}] => (Allow) F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{C0EFA547-90D7-4EBB-A60E-DB25F781C0AE}] => (Allow) F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{8B94B3F8-74D7-48F7-8A53-68FDB73E3B9E}] => (Allow) F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{7428910E-A434-4DC3-B811-9C8A0EBB10EF}] => (Allow) F:\ProgramFiles(x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [TCP Query User{CEAE028A-291D-4F2C-8BFE-9C0D61E75D00}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{75BE6426-4CDD-4E56-8D34-4698625B126D}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{08425825-EE55-4F98-9E4E-FFD9B7CA9C91}] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{1B4AFCD7-3111-457C-891A-0810B91D729E}] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{D04515D1-9F57-455E-B260-11FBE5A0A1C8}] => (Allow) F:\ProgramFiles(x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe
FirewallRules: [{CC7DD530-92A7-4FFE-A0DF-CE689AF9E73C}] => (Allow) F:\ProgramFiles(x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe
FirewallRules: [TCP Query User{7923DBFB-68A8-43BC-9B63-98EDEFA638F9}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [UDP Query User{C741CB92-3DE7-4C0A-9247-486E6D49A92B}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{002635DD-B81A-461C-AE9B-C7570469B7B1}] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [{13C83E15-BCFF-4EAB-B7D7-0B7E9B345E3E}] => (Block) C:\program files (x86)\connectify\connectify.exe
FirewallRules: [TCP Query User{CE2E82B2-DB25-4EA5-A10C-280A4166ECEB}F:\programfiles(x86)\far cry 4\bin\farcry4.exe] => (Block) F:\programfiles(x86)\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{BE382FEC-CF61-4B4D-8116-4F7FE7F9B757}F:\programfiles(x86)\far cry 4\bin\farcry4.exe] => (Block) F:\programfiles(x86)\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{58A55BAF-33A3-4B63-A6FB-D0CDE4DB031C}F:\programfiles(x86)\medal of honor warfighter\mohw.exe] => (Block) F:\programfiles(x86)\medal of honor warfighter\mohw.exe
FirewallRules: [UDP Query User{D8F98437-356D-4E13-BCF9-AF66342F49C7}F:\programfiles(x86)\medal of honor warfighter\mohw.exe] => (Block) F:\programfiles(x86)\medal of honor warfighter\mohw.exe
FirewallRules: [TCP Query User{10849C72-88F6-4227-9FDB-85E8FB493F86}F:\games\need for speed the run\need for speed the run (2).exe] => (Block) F:\games\need for speed the run\need for speed the run (2).exe
FirewallRules: [UDP Query User{E7CE73A7-9B09-4E95-9C7F-32864224DFD2}F:\games\need for speed the run\need for speed the run (2).exe] => (Block) F:\games\need for speed the run\need for speed the run (2).exe
FirewallRules: [{494D6AB1-59B2-4EF8-9C6A-8CA065D338A1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1FA4C084-F1F5-410C-9D07-9E8417B52F07}] => (Allow) LPort=2869
FirewallRules: [{13C553F0-7FDA-4B37-9394-74342DCDFFE6}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{C391EE66-391F-459C-A73D-6A60949816A6}C:\users\hp pc\downloads\bittorrent.exe] => (Allow) C:\users\hp pc\downloads\bittorrent.exe
FirewallRules: [UDP Query User{76014B1B-8DA3-4945-BC24-60CB8BBBEA35}C:\users\hp pc\downloads\bittorrent.exe] => (Allow) C:\users\hp pc\downloads\bittorrent.exe
FirewallRules: [TCP Query User{0A25295C-DAE2-454B-8BF6-80D24D34BB3F}C:\users\hp pc\appdata\roaming\bittorrent\updates\7.9.2_38657.exe] => (Allow) C:\users\hp pc\appdata\roaming\bittorrent\updates\7.9.2_38657.exe
FirewallRules: [UDP Query User{B89BD379-3DB4-494A-891D-B165F92264B1}C:\users\hp pc\appdata\roaming\bittorrent\updates\7.9.2_38657.exe] => (Allow) C:\users\hp pc\appdata\roaming\bittorrent\updates\7.9.2_38657.exe
FirewallRules: [TCP Query User{92F1FACE-8CF7-47AA-B7D0-AAB68516412A}C:\users\hp pc\appdata\roaming\utorrent\updates\3.4.2_38758.exe] => (Allow) C:\users\hp pc\appdata\roaming\utorrent\updates\3.4.2_38758.exe
FirewallRules: [UDP Query User{B5E28DCE-AE68-4552-90E1-B3CB8A3FF5CE}C:\users\hp pc\appdata\roaming\utorrent\updates\3.4.2_38758.exe] => (Allow) C:\users\hp pc\appdata\roaming\utorrent\updates\3.4.2_38758.exe
FirewallRules: [{CBC8848B-F3F4-4886-9502-D44EDB846F56}] => (Block) C:\users\hp pc\appdata\roaming\utorrent\updates\3.4.2_38758.exe
FirewallRules: [{8200844F-7B1C-4EA3-B64C-40F4EC7BF8A9}] => (Block) C:\users\hp pc\appdata\roaming\utorrent\updates\3.4.2_38758.exe
FirewallRules: [{F705297E-2D0C-411D-BE3B-2A719343768D}] => (Allow) C:\Users\Sachin\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2D6D94B6-82BD-405E-8648-A1D3B491FEA9}] => (Allow) C:\Users\Sachin\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{37B6B69E-5156-4E02-A18F-28617DFDFAFD}] => (Allow) F:\ProgramFiles(x86)\Steam\Steam.exe
FirewallRules: [{41865E3B-E501-48AD-BF09-1BA12B1CABF9}] => (Allow) F:\ProgramFiles(x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{1CC0E647-2D75-470E-A60A-1C4EDDFDB801}F:\programfiles(x86)\spec ops the line\binaries\win32\specopstheline.exe] => (Allow) F:\programfiles(x86)\spec ops the line\binaries\win32\specopstheline.exe
FirewallRules: [UDP Query User{17BF6BE1-A66F-44E9-AC56-814727C78436}F:\programfiles(x86)\spec ops the line\binaries\win32\specopstheline.exe] => (Allow) F:\programfiles(x86)\spec ops the line\binaries\win32\specopstheline.exe
FirewallRules: [TCP Query User{0C4775D5-D17D-46BC-B8B1-8BD867471709}F:\programfiles(x86)\most wanted nfs\speed (2).exe] => (Allow) F:\programfiles(x86)\most wanted nfs\speed (2).exe
FirewallRules: [UDP Query User{D9737E57-095E-40DB-AD73-A468B6C64310}F:\programfiles(x86)\most wanted nfs\speed (2).exe] => (Allow) F:\programfiles(x86)\most wanted nfs\speed (2).exe
FirewallRules: [{D4AA6314-1C2F-446E-A4E6-BC999A61F4C6}] => (Allow) F:\ProgramFiles(x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{98208CFA-5EBF-406D-ACE6-DAA7E293DE11}] => (Allow) F:\ProgramFiles(x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8D0F83CF-D0C9-4F24-9B64-3B3B468ABC1D}F:\programfiles(x86)\mozilla firefox\firefox.exe] => (Block) F:\programfiles(x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{13A5B989-BE73-46C8-A7FB-A30992B7F23C}F:\programfiles(x86)\mozilla firefox\firefox.exe] => (Block) F:\programfiles(x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{2200A279-C12D-41AB-9869-80EBCD03DE30}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{9F0E1BBC-9D77-4628-A19A-6E8D7250C729}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{4431A453-061D-410C-B035-36C13B6FF3AE}F:\programfiles(x86)\p2p voip beta 1.1\p2p.exe] => (Allow) F:\programfiles(x86)\p2p voip beta 1.1\p2p.exe
FirewallRules: [UDP Query User{6F610F26-D2B9-4A5B-9372-ABD3E9CB43A8}F:\programfiles(x86)\p2p voip beta 1.1\p2p.exe] => (Allow) F:\programfiles(x86)\p2p voip beta 1.1\p2p.exe
FirewallRules: [{94F4A74D-90DE-41AC-ADB5-7423F9C12CD9}] => (Allow) C:\Program Files\7-Zip\7zFM.exe
FirewallRules: [{3A271C97-64DC-4FB4-8B32-3731381436D9}] => (Allow) C:\Program Files\7-Zip\7zFM.exe
FirewallRules: [{D7034ADC-8711-430D-BE2E-05A2C6C459FB}] => (Allow) F:\ProgramFiles(x86)\SplitSecond\SplitSecond.exe
FirewallRules: [{7FD4AA9C-A112-4B5A-80C0-A78B6870E91A}] => (Allow) F:\ProgramFiles(x86)\SplitSecond\SplitSecond.exe
FirewallRules: [TCP Query User{BD4A555B-2FB0-49D8-BAA4-684491C56838}C:\program files (x86)\nvidia corporation\nsight visual studio edition 4.5\monitor\common\nsight.monitor.exe] => (Allow) C:\program files (x86)\nvidia corporation\nsight visual studio edition 4.5\monitor\common\nsight.monitor.exe
FirewallRules: [UDP Query User{31E93930-6B66-45D8-B818-904A9E2869CB}C:\program files (x86)\nvidia corporation\nsight visual studio edition 4.5\monitor\common\nsight.monitor.exe] => (Allow) C:\program files (x86)\nvidia corporation\nsight visual studio edition 4.5\monitor\common\nsight.monitor.exe
FirewallRules: [{1906D243-523F-4311-80DD-EAF61FDE2AF4}] => (Allow) F:\ProgramFiles(x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{5444AC5F-74B6-4AD0-8D82-3E12FB433224}] => (Allow) F:\ProgramFiles(x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{EAD41F3E-DBC5-4882-B608-FBF97C487728}] => (Allow) F:\ProgramFiles(x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{3AA4CCFF-DC18-449B-B871-47A423D8D6D1}] => (Allow) F:\ProgramFiles(x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{2A02C1D9-168B-48DF-A719-E5A4E6DFB1E4}] => (Allow) F:\ProgramFiles(x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{904B88A9-6B00-434A-89BC-6483E3F60095}] => (Allow) F:\ProgramFiles(x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{16FFC224-6469-4523-88A0-90F46B0EA5BF}] => (Allow) F:\ProgramFiles(x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{05BB734D-3F1D-4F94-9288-06F5C3B80326}] => (Allow) F:\ProgramFiles(x86)\Counter-Strike 1.6\cstrike.exe
FirewallRules: [{C99CAC61-DD6D-47D9-93FD-7B9C79C742DF}] => (Allow) F:\ProgramFiles(x86)\Counter-Strike 1.6\cstrike.exe
FirewallRules: [{87737146-5905-448D-A3EF-61B1E55E795D}] => (Allow) F:\ProgramFiles(x86)\Counter-Strike 1.6\cstrike.exe
FirewallRules: [{65242094-2AA7-46B7-B3C9-16EC9392935D}] => (Allow) F:\ProgramFiles(x86)\Counter-Strike 1.6\cstrike.exe
FirewallRules: [TCP Query User{1A3C1F53-E36C-4AEA-9F03-758F7B6FF83E}F:\programfiles(x86)\counter-strike 1.6\hl.exe] => (Allow) F:\programfiles(x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{1290B06D-C3A3-4AF9-9EBC-8AFA55455C8D}F:\programfiles(x86)\counter-strike 1.6\hl.exe] => (Allow) F:\programfiles(x86)\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{93D5B8F8-D510-42BD-B566-EDD18ACAFBB7}F:\recieved\counter-strike 1.6\hl.exe] => (Allow) F:\recieved\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{B30FAFC1-D23D-4645-9D5F-B9578D66556D}F:\recieved\counter-strike 1.6\hl.exe] => (Allow) F:\recieved\counter-strike 1.6\hl.exe
FirewallRules: [{F7992EC4-66E1-4862-AC1A-695DEEDB99CA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5A2411E9-332D-4D32-814D-578F7CC424F3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E36FC82C-4418-4487-A903-FE1F61E63CE6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B0526CC9-29EB-4A8D-9F03-197A5242CC71}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C17B6DB5-8A7F-4317-A880-464B78CE81A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/09/2015 11:55:43 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (05/09/2015 11:55:43 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (05/09/2015 11:13:50 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/09/2015 04:03:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/09/2015 04:00:42 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (05/09/2015 03:57:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/09/2015 03:57:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/09/2015 03:57:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/09/2015 03:57:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/09/2015 03:53:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231


System errors:
=============
Error: (05/09/2015 00:05:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (05/09/2015 00:05:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (05/09/2015 00:05:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (05/09/2015 00:04:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Skype Click to Call PNR Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:04:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Software Framework Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:04:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The GamesAppIntegrationService service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:04:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Support Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (05/09/2015 00:04:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® ME Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:04:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:04:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (05/09/2015 11:55:43 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (05/09/2015 11:55:43 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (05/09/2015 11:13:50 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/09/2015 04:03:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"F:\ProgramFiles(x86)\Microsoft Visual Studio 12.0\VC\redist\1033\vcredist_arm.exe

Error: (05/09/2015 04:00:42 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/09/2015 03:57:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdCaps.dll

Error: (05/09/2015 03:57:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdFS.dll

Error: (05/09/2015 03:57:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKCmdDefrag.dll

Error: (05/09/2015 03:57:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DWA\resources\libraries\ARKEngine.dll

Error: (05/09/2015 03:53:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418231


CodeIntegrity Errors:
===================================
  Date: 2015-05-09 04:45:43.065
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-09 04:45:42.940
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-09 04:45:42.830
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-09 04:45:36.080
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-09 04:45:35.883
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-09 04:45:35.711
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-09 04:45:35.492
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-09 04:45:35.305
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-09 04:45:35.101
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-09 04:45:34.867
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 54%
Total physical RAM: 4026.15 MB
Available physical RAM: 1811.88 MB
Total Pagefile: 8890.15 MB
Available Pagefile: 6660.51 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:251.18 GB) (Free:166.93 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.48 GB) (Free:2.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (New Volume) (Fixed) (Total:610.01 GB) (Free:287.56 GB) NTFS
Drive h: (New Volume) (Fixed) (Total:48.83 GB) (Free:48.7 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CAF3903F)

Partition: GPT Partition Type.

==================== End Of Log ============================ 



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,646 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:06:28 AM

Posted 12 May 2015 - 04:45 PM

hi hpcomp,

 

Iam shelf life and will try to help you. Normally Iam only on this site once or twice per day. More on the weekends. If you dont get a quick reply back from me, you will get one soon.

 

We will get two downlloads to start with, both target adware.

Run them and post there logs and we will go from there.

 

Please download adwcleaner and save to your desktop.

    http://www.bleepingcomputer.com/download/adwcleaner/

    Right click AdwCleaner.exe and select "run as admin"
    Accept the disclaimer
    Click on the Scan button.
    Once the scan is done, Click the Clean button
    Press OK when asked to close all programs and follow the onscreen prompts.
    Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically
    Copy and paste the contents of that logfile in your next reply.
    A copy of that logfile will also be saved in the C:\AdwCleaner folder.
 
==========================================================
     Please download Junkware Removal Tool to your desktop.

     http://thisisudax.org/downloads/JRT.exe

    Shutdown your antivirus to avoid any conflicts.
    Double click the icon or Right click for Vista/W7,8 and select Run as administrator
    The tool will open and start scanning.
    Please be patient as this can take a while to complete.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message


How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users