
windows:nlspreferences_rogue killer_cpu usage 100 percent


3 replies to this topic

#1 navrane


Posted 13 January 2016 - 06:42 AM

Hi,

 

My system has been very slow for about a month. I ran RogueKiller and it detected a hidden.ads named windows:nlspreferences.

I removed it; Malwarebytes and adware cleaners didn't find it before and after that. The system became slow again after some time. I found the same thing back after a repeat check with RogueKiller, which says it's malware. :(

I'm pasting the FRST log below. It would be great if someone can help. I'm really fed up with the slow computer and afraid it would affect my laptop if I exchange data through a pen drive.

----------------------------------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by This pc (administrator) on THISPC-PC (13-01-2016 17:07:01)
Running from C:\Users\This pc\Desktop
Loaded Profiles: This pc (Available Profiles: This pc & san-pc & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nalserv.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Zhorn Software) C:\Program Files (x86)\Stickies\stickies.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe
() D:\softwares\Security\Emergency Virus Removal and recovery\RogueKiller.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Opera Software) C:\Program Files (x86)\Opera\34.0.2036.25\opera.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-08] (COMODO)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8781568 2015-12-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [12288 2012-04-19] ()
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKU\S-1-5-21-2215250167-2094079817-1300511683-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)
HKU\S-1-5-21-2215250167-2094079817-1300511683-1000\...\MountPoints2: {ca7bdd62-a2cb-11e5-8709-d43d7e3758b9} - F:\.\ShowModem.exe
HKU\S-1-5-21-2215250167-2094079817-1300511683-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\GPhotos.scr [4587520 2015-09-16] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP3000 Status Window.lnk [2015-12-25]
ShortcutTarget: Canon LBP3000 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB3LAD.EXE (CANON INC.)
Startup: C:\Users\This pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk [2015-03-02]
ShortcutTarget: Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (Zhorn Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{15C98F9C-03F6-49B8-A4EB-D59FF7B9CE7F}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{19BC3A0F-4ECA-40A7-A4BC-B266BCED7F65}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{1D3DD77B-2E7F-4C4E-84A0-8DA449F2BFCD}: [DhcpNameServer] 192.168.1.1 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2215250167-2094079817-1300511683-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-26] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-26] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\This pc\AppData\Roaming\Mozilla\Firefox\Profiles\pegk4o91.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-24] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-24] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-25] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-25] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-25] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-25] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-26] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-28] (Google Inc.)
FF Extension: WOT - C:\Users\This pc\AppData\Roaming\Mozilla\Firefox\Profiles\pegk4o91.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-28]
FF Extension: NoScript - C:\Users\This pc\AppData\Roaming\Mozilla\Firefox\Profiles\pegk4o91.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-08]
FF Extension: ColorZilla - C:\Users\This pc\AppData\Roaming\Mozilla\Firefox\Profiles\pegk4o91.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2016-01-04]
FF Extension: YouTube Video and Audio Downloader - C:\Users\This pc\AppData\Roaming\Mozilla\Firefox\Profiles\pegk4o91.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-01-02]
FF Extension: Firebug - C:\Users\This pc\AppData\Roaming\Mozilla\Firefox\Profiles\pegk4o91.default\Extensions\firebug@software.joehewitt.com.xpi [2016-01-03]
FF Extension: Media Converter and Muxer - C:\Users\This pc\AppData\Roaming\Mozilla\Firefox\Profiles\pegk4o91.default\Extensions\jid1-kps5PrGBNtzSLQ@jetpack.xpi [2015-12-30]
FF Extension: uBlock Origin - C:\Users\This pc\AppData\Roaming\Mozilla\Firefox\Profiles\pegk4o91.default\Extensions\uBlock0@raymondhill.net.xpi [2016-01-11]
FF Extension: Adblock Plus - C:\Users\This pc\AppData\Roaming\Mozilla\Firefox\Profiles\pegk4o91.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-28]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://google.co.in/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\This pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\This pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-28]
CHR Extension: (Google Drive) - C:\Users\This pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-28]
CHR Extension: (YouTube) - C:\Users\This pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-28]
CHR Extension: (Google Search) - C:\Users\This pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-28]
CHR Extension: (Google Docs Offline) - C:\Users\This pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\This pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-28]
CHR Extension: (Gmail) - C:\Users\This pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-28]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-05-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-09-30] (Kaspersky Lab ZAO)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-10] (COMODO)
S4 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-08] (COMODO)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-05-01] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] ()
S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1779664 2015-12-20] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-12-19] (MSI)
R2 NalServ; C:\Windows\SysWOW64\nalserv.exe [146032 2015-02-21] (Nalpeiron Ltd.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-11-22] (TeamViewer GmbH)
U3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-09-30] (AO Kaspersky Lab)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-02-22] (Advanced Micro Devices Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-11-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-11-18] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-05] (COMODO)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [126080 2015-12-15] (QUALCOMM Incorporated)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-09-30] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-11-14] (Emsisoft GmbH)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-22] (REALiX™)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-05] (COMODO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-30] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-09-30] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-09-30] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-09-30] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-21] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940928 2015-12-03] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-09-30] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-30] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-09-30] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-10-18] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-18] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2015-12-19] (MSI)
S3 NTIOLib_1_0_6; C:\Program Files (x86)\Setup Files\Ms7641vHH0\NTIOLib_X64.sys [11888 2011-01-06] (MSI) [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30848 2016-01-13] ()
S1 ESProtectionDriver; \??\C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 RtlWlanu; system32\DRIVERS\rtwlanu.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-13 17:07 - 2016-01-13 17:07 - 00017888 _____ C:\Users\This pc\Desktop\FRST.txt
2016-01-13 17:06 - 2016-01-13 17:07 - 00000000 ____D C:\FRST
2016-01-13 16:52 - 2016-01-13 16:52 - 02370560 _____ (Farbar) C:\Users\This pc\Desktop\FRST64.exe
2016-01-13 16:21 - 2016-01-13 16:22 - 00001756 _____ C:\Users\This pc\Desktop\Rkill.txt
2016-01-13 11:56 - 2016-01-13 15:27 - 00000000 ____D C:\Users\This pc\Desktop\budgets_finance_invoice_planners
2016-01-13 10:35 - 2016-01-13 10:35 - 01322758 _____ C:\Users\This pc\Desktop\Form13.pdf
2016-01-12 23:45 - 2016-01-12 23:45 - 00003892 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-01-12 23:45 - 2016-01-12 23:45 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-12 10:45 - 2016-01-12 10:45 - 00003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1452575678
2016-01-12 10:45 - 2016-01-12 10:45 - 00000000 ____D C:\Users\This pc\AppData\Roaming\Opera Software
2016-01-12 10:45 - 2016-01-12 10:45 - 00000000 ____D C:\Users\This pc\AppData\Local\Opera Software
2016-01-12 10:45 - 2016-01-12 10:44 - 00001139 _____ C:\Users\Public\Desktop\Opera.lnk
2016-01-12 10:45 - 2016-01-12 10:44 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-01-12 10:44 - 2016-01-12 23:32 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-12 10:40 - 2016-01-13 09:18 - 00000000 ____D C:\Users\This pc\Desktop\Google Apps
2016-01-12 02:32 - 2016-01-12 02:34 - 15499441 _____ (Free Distribution ) C:\Users\This pc\Downloads\gslite.exe
2016-01-10 10:24 - 2016-01-10 14:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-08 08:42 - 2016-01-08 08:42 - 00003699 _____ C:\Users\This pc\AppData\Local\recently-used.xbel
2016-01-05 23:50 - 2016-01-05 23:50 - 00001130 _____ C:\Users\This pc\Desktop\2016 - Shortcut.lnk
2016-01-05 18:49 - 2016-01-05 18:49 - 00007774 _____ C:\Users\This pc\Downloads\PaymentReceipt.pdf
2016-01-04 23:38 - 2013-01-14 02:47 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:47 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:46 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:41 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:05 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:05 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:05 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:01 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-01-04 23:38 - 2013-01-14 02:01 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:01 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-01-04 23:38 - 2013-01-14 01:52 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-01-04 23:38 - 2013-01-14 01:50 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-01-04 23:38 - 2013-01-14 01:39 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-01-04 23:38 - 2013-01-14 01:38 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-01-04 23:38 - 2013-01-14 01:29 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-01-04 23:38 - 2013-01-14 01:28 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-01-04 23:38 - 2013-01-14 01:24 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-01-04 23:38 - 2013-01-14 01:23 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-01-04 23:38 - 2013-01-14 01:23 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-01-04 23:38 - 2013-01-14 01:21 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-01-04 23:38 - 2013-01-14 01:19 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-01-04 23:38 - 2013-01-14 01:18 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-01-04 23:38 - 2013-01-14 01:16 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-01-04 23:38 - 2013-01-14 01:13 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-01-04 23:38 - 2013-01-14 01:08 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-01-04 23:38 - 2013-01-14 01:08 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-01-04 23:38 - 2013-01-14 01:07 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-01-04 23:38 - 2013-01-14 00:55 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-01-04 23:38 - 2013-01-14 00:54 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-01-04 23:38 - 2013-01-14 00:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-01-04 23:38 - 2013-01-14 00:50 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-01-04 23:38 - 2013-01-14 00:50 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-01-04 23:38 - 2013-01-14 00:45 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-01-04 23:38 - 2013-01-14 00:40 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-01-04 23:38 - 2013-01-14 00:32 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-01-04 23:38 - 2013-01-14 00:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-01-04 23:38 - 2013-01-14 00:02 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-01-04 23:38 - 2013-01-13 23:39 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-01-04 23:38 - 2013-01-13 22:56 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-01-04 23:38 - 2013-01-13 22:35 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-01-04 23:38 - 2013-01-04 11:41 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-04 23:38 - 2013-01-04 11:41 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-04 23:34 - 2012-08-21 00:18 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-04 23:34 - 2012-08-21 00:18 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-04 23:34 - 2012-08-21 00:18 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-04 23:34 - 2012-08-21 00:18 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-04 23:34 - 2012-08-21 00:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-04 23:34 - 2012-08-21 00:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-04 23:34 - 2012-08-21 00:18 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-04 23:34 - 2012-08-21 00:16 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-04 23:34 - 2012-08-21 00:08 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-04 23:34 - 2012-08-21 00:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:10 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-04 23:34 - 2012-08-20 23:08 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-04 23:34 - 2012-08-20 23:07 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-04 23:34 - 2012-08-20 23:07 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-04 23:34 - 2012-08-20 23:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 23:02 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 21:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-04 23:34 - 2012-08-20 21:08 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-04 23:34 - 2012-08-20 21:03 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 21:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 21:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-04 23:34 - 2012-08-20 21:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-04 23:32 - 2012-11-23 08:43 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-01-04 17:41 - 2016-01-04 17:41 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-01-04 17:41 - 2016-01-04 17:41 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-01-03 17:02 - 2016-01-03 17:04 - 27931497 _____ C:\Users\This pc\Downloads\package.zip
2016-01-01 00:53 - 2016-01-01 00:53 - 00954279 _____ C:\Users\This pc\Downloads\Translation_ssharma_2015.12.31_14.18.zip
2016-01-01 00:51 - 2016-01-01 00:51 - 00018498 _____ C:\Users\This pc\Downloads\LingValTrans_ssharma_2015.12.31_14.17.zip
2016-01-01 00:49 - 2016-01-01 00:50 - 00829435 _____ C:\Users\This pc\Downloads\Translation_ssharma_2015.12.31_14.15.zip
2015-12-31 21:56 - 2015-12-31 21:56 - 00829435 _____ C:\Users\This pc\Downloads\Translation_ssharma_2015.12.31_11.21.zip
2015-12-31 19:33 - 2016-01-01 22:30 - 00000000 ____D C:\Users\This pc\AppData\Local\Foxit Reader
2015-12-31 18:01 - 2015-12-31 18:01 - 00000000 ____D C:\Users\This pc\AppData\Roaming\dvdcss
2015-12-31 10:21 - 2015-12-31 10:21 - 00004096 ____H C:\Users\This pc\AppData\Local\keyfile3.drm
2015-12-31 09:07 - 2015-12-31 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-12-31 09:07 - 2015-12-31 09:07 - 00000000 ____D C:\Program Files\RogueKiller
2015-12-31 09:00 - 2015-12-31 09:01 - 00212664 _____ C:\TDSSKiller.3.1.0.9_31.12.2015_09.00.02_log.txt
2015-12-31 05:50 - 2015-12-31 05:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2015-12-31 05:03 - 2015-12-31 05:03 - 00001306 _____ C:\Users\This pc\Documents\TPT Job and invoice, invoice det.sti
2015-12-30 04:42 - 2015-12-30 04:42 - 00003117 _____ C:\Users\This pc\Downloads\wp-config.php
2015-12-30 04:41 - 2015-12-30 04:41 - 00000960 _____ C:\Users\This pc\Downloads\better-wp-security.php
2015-12-30 01:01 - 2015-12-30 01:02 - 00000000 ____D C:\Users\This pc\Downloads\rufus_files
2015-12-30 01:00 - 2015-12-30 01:52 - 00000400 __RSH C:\ProgramData\ntuser.pol
2015-12-29 19:27 - 2015-12-29 22:27 - 869040128 _____ C:\Users\This pc\Downloads\20151227_sampreshan_56801e2f2600f1546151227172151.log.tar.gz
2015-12-28 23:21 - 2015-12-28 23:21 - 00000000 ____D C:\Users\This pc\AppData\Local\Apps\2.0
2015-12-28 11:27 - 2016-01-08 08:04 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-28 11:27 - 2015-12-28 11:27 - 00000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-28 11:27 - 2015-12-28 11:27 - 00000000 ____D C:\Users\This pc\AppData\Roaming\Mozilla
2015-12-28 10:43 - 2015-12-28 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-28 10:42 - 2016-01-13 16:54 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-28 10:42 - 2016-01-13 10:54 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-28 10:42 - 2015-12-28 10:49 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-28 10:42 - 2015-12-28 10:49 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-28 10:42 - 2015-12-28 10:44 - 00000000 ____D C:\Program Files (x86)\GUMDA8D.tmp
2015-12-28 03:21 - 2015-12-28 03:21 - 00022696 _____ C:\Users\This pc\Documents\cc_20151228_032116.reg
2015-12-28 02:17 - 2015-12-28 02:18 - 00213238 _____ C:\TDSSKiller.3.1.0.9_28.12.2015_02.17.40_log.txt
2015-12-28 02:12 - 2015-12-28 02:12 - 00000364 _____ C:\TDSSKiller.3.1.0.5_28.12.2015_02.12.37_log.txt
2015-12-27 23:01 - 2015-12-29 01:42 - 00000000 ____D C:\Users\This pc\Desktop\PRASHANT
2015-12-27 15:41 - 2015-12-27 15:41 - 01300278 _____ C:\Users\This pc\drawing.svg
2015-12-27 15:19 - 2015-12-27 15:19 - 00000000 ____D C:\Users\This pc\AppData\Roaming\inkscape
2015-12-27 02:01 - 2015-12-27 02:01 - 00000206 _____ C:\Users\This pc\Desktop\glossary.txt
2015-12-27 01:36 - 2016-01-04 07:44 - 00002548 _____ C:\Users\This pc\Documents\tv.xbp
2015-12-27 01:26 - 2015-12-27 01:56 - 00001089 _____ C:\Users\Public\Desktop\Xbench.lnk
2015-12-25 22:06 - 2016-01-06 02:05 - 00000000 ____D C:\Users\This pc\AppData\Roaming\vlc
2015-12-25 18:51 - 2015-12-25 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-12-25 18:51 - 2015-12-25 18:51 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2015-12-25 18:50 - 2015-12-25 18:53 - 00000000 ____D C:\Program Files (x86)\GUM5FC3.tmp
2015-12-25 18:44 - 2015-12-25 18:48 - 00000000 ____D C:\Program Files (x86)\GUM636B.tmp
2015-12-25 18:36 - 2015-12-29 23:40 - 00000915 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-12-25 18:36 - 2015-12-25 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-25 18:36 - 2015-12-25 18:36 - 00000000 ____D C:\Program Files\VideoLAN
2015-12-25 18:27 - 2015-12-25 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-12-25 18:27 - 2015-12-25 18:27 - 00000000 ____D C:\ProgramData\Apple Computer
2015-12-25 18:27 - 2015-12-25 18:27 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-12-25 18:26 - 2015-12-25 18:26 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-12-25 18:26 - 2015-12-25 18:26 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-25 11:44 - 2015-12-25 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller
2015-12-25 11:41 - 2015-12-25 11:41 - 00222720 _____ (CANON INC.) C:\Windows\system32\CNAB3EMD.DLL
2015-12-25 11:41 - 2015-12-25 11:41 - 00126464 _____ (CANON INC.) C:\Windows\system32\CNAB3SMD.DLL
2015-12-25 11:41 - 2015-12-25 11:41 - 00065728 _____ (CANON INC.) C:\Windows\system32\CNAB3RPD.EXE
2015-12-25 11:41 - 2015-12-25 11:41 - 00062464 _____ (CANON INC.) C:\Windows\system32\CNAB3PTD.DLL
2015-12-25 11:41 - 2015-12-25 11:41 - 00058880 _____ (CANON INC.) C:\Windows\system32\CNAB3LMD.DLL
2015-12-22 02:31 - 2015-12-22 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91
2015-12-22 02:31 - 2015-12-22 02:31 - 00000000 ____D C:\Program Files\Inkscape
2015-12-22 02:10 - 2015-12-22 02:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UniConvertor 1.1.5
2015-12-22 02:10 - 2015-12-22 02:10 - 00000000 ____D C:\Program Files (x86)\MAKEMSI Package Documentation
2015-12-22 02:09 - 2015-12-22 02:09 - 00000000 ____D C:\Program Files (x86)\sK1 Project
2015-12-22 01:07 - 2015-12-22 01:07 - 00001505 _____ C:\Users\Guest\Desktop\Inkscape-0.48.lnk
2015-12-20 09:14 - 2016-01-04 23:44 - 00787608 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-20 05:45 - 2015-12-20 05:45 - 00000000 ____D C:\Program Files (x86)\Setup Files
2015-12-20 05:44 - 2015-12-20 05:44 - 00027136 _____ (Realtek ) C:\Windows\system32\Drivers\RtNdPt60.sys
2015-12-20 05:44 - 2015-12-20 05:44 - 00000000 ____D C:\IM
2015-12-20 05:42 - 2015-12-20 05:42 - 00981744 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-12-20 05:42 - 2015-12-20 05:42 - 00084072 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 01622016 _____ (NVIDIA) C:\Windows\NVBenchMarks.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 01060864 _____ (Microsoft Corporation) C:\Windows\MFC71.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 00499712 _____ (Microsoft Corporation) C:\Windows\msvcp71.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 00421888 _____ (NVIDIA) C:\Windows\nvsulib.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 00380928 _____ (NVIDIA) C:\Windows\ntuneoem.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 00348160 _____ (Microsoft Corporation) C:\Windows\msvcr71.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 00217088 _____ C:\Windows\NVGfxOgl.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 00053248 _____ (NVIDIA Corporation) C:\Windows\Nvgpio.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 00045056 _____ (NVIDIA) C:\Windows\NTuneGpu.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 00028672 _____ (NVIDIA) C:\Windows\AutoTuneScript.dll
2015-12-20 05:41 - 2015-12-20 05:41 - 00018216 _____ (NVidia Corp.) C:\Windows\nvoclk64.sys
2015-12-20 05:41 - 2015-12-20 05:41 - 00006912 _____ (NVidia Corp.) C:\Windows\nvoclock.sys
2015-12-20 05:41 - 2006-12-26 12:01 - 00000222 _____ C:\Windows\ver5.5.14.0.txt
2015-12-20 05:37 - 2015-12-20 05:37 - 00011248 _____ (Windows ® Win 7 DDK provider) C:\Windows\acpimof.dll
2015-12-19 15:55 - 2015-12-19 15:55 - 00000000 ____D C:\CIMTEMP
2015-12-19 15:53 - 2015-12-25 18:01 - 00000000 ____D C:\Program Files (x86)\MSI
2015-12-19 15:53 - 2015-12-25 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-12-19 15:42 - 2015-12-19 15:57 - 13820416 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-12-19 15:42 - 2015-12-19 15:57 - 10831872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-12-19 15:42 - 2015-12-19 15:57 - 00235520 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-12-19 15:42 - 2015-12-19 15:56 - 25637376 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 19364864 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 11540992 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 07534592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 06227456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 05052416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 01828864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 01113088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00512000 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00494592 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-12-19 15:42 - 2015-12-19 15:56 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00356352 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00328192 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-12-19 15:42 - 2015-12-19 15:56 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-12-19 15:42 - 2015-12-19 15:56 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00058880 _____ (AMD) C:\Windows\system32\coinst.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00044032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00039936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00039936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00017408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00014336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-12-19 15:42 - 2015-12-19 15:56 - 00014336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-12-19 15:42 - 2012-05-05 03:43 - 00226504 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-12-19 15:42 - 2012-05-05 03:43 - 00226504 _____ C:\Windows\system32\atiapfxx.blb
2015-12-19 15:42 - 2012-05-05 03:01 - 02942336 _____ C:\Windows\system32\atiumd6a.cap
2015-12-19 15:42 - 2012-05-05 03:01 - 00204960 _____ C:\Windows\SysWOW64\ativvsvl.dat
2015-12-19 15:42 - 2012-05-05 03:01 - 00204960 _____ C:\Windows\system32\ativvsvl.dat
2015-12-19 15:42 - 2012-05-05 03:01 - 00157152 _____ C:\Windows\SysWOW64\ativvsva.dat
2015-12-19 15:42 - 2012-05-05 03:01 - 00157152 _____ C:\Windows\system32\ativvsva.dat
2015-12-19 15:42 - 2012-05-05 02:52 - 02944064 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-12-19 15:42 - 2012-01-06 10:16 - 00037141 _____ C:\Windows\atiogl.xml
2015-12-19 15:42 - 2012-01-05 05:28 - 00600880 _____ C:\Windows\system32\atiicdxx.dat
2015-12-19 15:31 - 2015-12-19 15:31 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-12-19 15:31 - 2015-12-19 15:31 - 00000000 ____D C:\Windows\system32\DAX2
2015-12-19 15:31 - 2015-12-19 15:31 - 00000000 ____D C:\Program Files\Realtek
2015-12-19 15:29 - 2015-12-19 15:29 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 13120760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 12986528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 05776688 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 05289952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 04686592 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-12-19 15:29 - 2015-12-19 15:29 - 03299832 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 03195648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 03040488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 02893568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-12-19 15:29 - 2015-12-19 15:29 - 02823280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 02683528 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 02190992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 02130584 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 02110600 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 02030208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01435144 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01421104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01334384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01328496 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01211840 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01186160 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01164336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01020208 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00998032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00933640 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00923752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00888472 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00716112 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00596120 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00589080 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-12-19 15:29 - 2015-12-19 15:29 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00448592 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00447720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00341160 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00258504 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00224256 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00209544 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00172584 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00084624 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-12-19 15:29 - 2015-12-19 15:29 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-12-19 15:29 - 2015-11-27 07:16 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-12-19 15:29 - 2015-11-27 07:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-12-19 15:29 - 2015-11-27 07:16 - 04307112 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-12-19 15:29 - 2015-11-27 07:16 - 03152937 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2015-12-19 15:28 - 2015-12-19 15:29 - 09997848 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 05338936 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 02437136 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00952984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00500560 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00470312 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00369296 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00122320 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00118600 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-12-19 15:28 - 2015-12-19 15:28 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
2015-12-18 22:18 - 2015-12-19 16:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\059B06BC.sys
2015-12-18 00:41 - 2015-12-18 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-16 17:27 - 2015-12-16 17:27 - 00199794 _____ C:\Users\This pc\Documents\cc_20151216_172727.reg
2015-12-15 19:45 - 2015-12-15 19:46 - 00126080 _____ (QUALCOMM Incorporated) C:\Windows\system32\Drivers\cmnsusbser.sys
2015-12-15 19:45 - 2015-12-15 19:45 - 00103424 _____ (Thesycon GmbH) C:\Windows\SysWOW64\MyDIT_GenClassCoInst.dll
2015-12-15 13:26 - 2015-12-15 13:26 - 00000668 _____ C:\Users\This pc\Desktop\softwares - Shortcut.lnk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-13 17:06 - 2009-07-14 08:50 - 00000000 ____D C:\Windows
2016-01-13 16:39 - 2009-07-14 10:15 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-13 16:39 - 2009-07-14 10:15 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-13 16:22 - 2015-05-04 08:15 - 00030848 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-01-13 10:05 - 2015-03-15 01:17 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-13 09:32 - 2015-02-23 23:33 - 00000000 ____D C:\Users\This pc\AppData\Roaming\Skype
2016-01-12 23:46 - 2015-02-21 00:02 - 00000000 ____D C:\Users\This pc\AppData\Local\Adobe
2016-01-12 23:45 - 2015-02-21 00:04 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-12 23:45 - 2015-02-21 00:04 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-12 23:28 - 2015-03-21 12:24 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-12 23:28 - 2015-03-02 00:14 - 00000000 ____D C:\Users\This pc\AppData\Roaming\stickies
2016-01-12 23:27 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-12 08:43 - 2015-05-08 12:31 - 00000000 ____D C:\Users\This pc\AppData\Local\CrashDumps
2016-01-12 08:43 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\inf
2016-01-11 21:12 - 2015-03-18 21:43 - 00000000 ____D C:\Users\This pc\AppData\Roaming\qBittorrent
2016-01-11 12:19 - 2015-02-20 23:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-10 23:52 - 2015-02-23 22:34 - 00000000 ____D C:\Users\This pc\AppData\Roaming\FileZilla
2016-01-08 08:42 - 2015-03-17 13:46 - 00000000 ____D C:\Users\This pc\AppData\Local\gtk-2.0
2016-01-08 08:42 - 2015-03-16 18:05 - 00000000 ____D C:\Users\This pc\.gimp-2.8
2016-01-05 20:00 - 2009-07-14 10:43 - 00876642 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-05 19:38 - 2015-05-13 22:53 - 00000000 ___SD C:\Users\This pc\AppData\LocalLow\Temp
2016-01-02 10:05 - 2015-09-26 12:04 - 00000000 ____D C:\Users\This pc\AppData\Local\Microsoft Games
2016-01-02 03:32 - 2015-02-21 16:02 - 00000000 ____D C:\Users\This pc\Desktop\ICONS
2016-01-01 02:20 - 2009-07-14 11:02 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-12-31 09:52 - 2015-12-04 12:39 - 00250720 _____ C:\Users\This pc\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-31 09:31 - 2015-11-15 03:13 - 00000000 ____D C:\EEK
2015-12-31 05:52 - 2015-02-20 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-31 05:52 - 2015-02-20 21:12 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-31 05:50 - 2015-02-20 21:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2015-12-31 05:50 - 2011-04-12 13:58 - 00000000 ____D C:\Windows\ShellNew
2015-12-31 05:45 - 2015-03-10 01:30 - 00007611 _____ C:\Users\This pc\AppData\Local\Resmon.ResmonCfg
2015-12-31 05:38 - 2009-07-14 08:04 - 00000478 _____ C:\Windows\win.ini
2015-12-31 05:22 - 2015-03-05 13:20 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-12-31 05:18 - 2015-05-01 04:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-12-30 17:33 - 2010-11-21 08:54 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-12-30 17:33 - 2010-11-21 08:54 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-12-30 17:33 - 2010-11-21 08:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2015-12-30 17:32 - 2010-11-21 08:54 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-30 17:32 - 2010-11-21 08:54 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-30 01:45 - 2015-02-20 20:55 - 00000000 ____D C:\Users\This pc
2015-12-30 01:00 - 2009-07-14 08:50 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-12-30 01:00 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-12-29 12:58 - 2009-07-14 10:38 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-28 22:35 - 2009-07-14 11:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-28 12:24 - 2015-02-20 21:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-28 11:27 - 2015-02-20 23:45 - 00000000 ____D C:\Users\This pc\AppData\Local\Mozilla
2015-12-28 10:43 - 2015-02-20 23:27 - 00000000 ____D C:\Users\This pc\AppData\Local\Google
2015-12-28 10:43 - 2015-02-20 23:27 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-28 10:38 - 2015-05-01 04:03 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-12-28 02:49 - 2015-05-04 07:08 - 00000000 ____D C:\AdwCleaner
2015-12-27 23:18 - 2015-02-21 00:05 - 00000000 ____D C:\Users\This pc\AppData\Roaming\Macromedia
2015-12-27 01:26 - 2015-11-25 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ApSIC Tools
2015-12-27 01:26 - 2015-11-25 17:03 - 00000000 ____D C:\Program Files (x86)\ApSIC
2015-12-26 16:10 - 2015-03-22 16:38 - 00000000 ____D C:\Users\This pc\AppData\Roaming\TeamViewer
2015-12-25 19:01 - 2015-02-21 04:39 - 00000000 ____D C:\Users\This pc\AppData\Roaming\Foxit Software
2015-12-25 18:52 - 2015-03-09 11:33 - 00000000 ____D C:\Users\Public\Foxit Software
2015-12-25 18:26 - 2015-02-21 14:32 - 00000000 ____D C:\ProgramData\Apple
2015-12-25 11:44 - 2015-08-31 20:24 - 00000000 ____D C:\Program Files\Canon
2015-12-20 05:42 - 2015-02-20 21:05 - 00117824 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-12-20 05:42 - 2015-02-20 20:59 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-12-20 05:37 - 2015-02-20 20:58 - 00000000 ____D C:\MSI
2015-12-19 16:51 - 2015-11-21 23:36 - 00000000 ____D C:\Program Files (x86)\Xvid
2015-12-19 15:56 - 2015-02-22 00:40 - 05935104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-12-19 15:56 - 2015-02-22 00:40 - 05159424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-12-19 15:56 - 2015-02-22 00:40 - 00784384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-12-19 15:56 - 2015-02-22 00:40 - 00030208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-12-19 15:56 - 2012-05-05 01:10 - 00942592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-12-19 15:56 - 2012-05-05 00:06 - 00043008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-12-19 15:56 - 2009-07-14 03:29 - 07605248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-12-19 15:32 - 2015-02-20 20:59 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-12-19 15:28 - 2015-02-20 20:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-19 14:53 - 2015-02-20 20:59 - 02826832 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-12-19 11:22 - 2015-02-20 21:23 - 00000000 ____D C:\Users\This pc\Documents\My Palettes
2015-12-18 21:31 - 2015-12-12 01:22 - 00000000 ____D C:\Users\This pc\AppData\Roaming\Lavasoft
2015-12-18 00:41 - 2015-08-21 09:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-18 00:41 - 2015-02-23 23:33 - 00000000 ____D C:\Users\This pc\AppData\Local\Skype
2015-12-18 00:41 - 2015-02-23 23:32 - 00000000 ____D C:\ProgramData\Skype
2015-12-15 22:10 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\ModemLogs
2015-12-15 19:36 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\system32\NDF
2015-12-15 17:42 - 2015-12-13 12:26 - 00000000 ____D C:\Windows\Minidump
2015-12-15 12:49 - 2015-02-24 22:35 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-15 12:48 - 2015-02-24 22:33 - 00000000 ____D C:\ProgramData\Adobe
2015-12-15 09:47 - 2015-03-15 01:09 - 00000000 ___SD C:\Users\This pc\Documents\Passwords Database
2015-12-14 23:12 - 2015-09-26 22:03 - 01020314 _____ C:\Users\This pc\awo_gpl_2015_Final.pdf
2015-12-14 23:12 - 2015-02-21 03:53 - 00000000 ___HD C:\kleaner.tmp
2015-12-14 23:12 - 2011-04-12 13:58 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-12-14 23:12 - 2009-07-14 08:50 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-14 23:11 - 2015-03-10 12:17 - 00110823 _____ C:\Users\This pc\Downloads\Instantly Remove Image Backgrounds Online - Clipping Magic.htm
2015-12-14 23:11 - 2015-03-10 12:17 - 00000000 ____D C:\Users\This pc\Downloads\Instantly Remove Image Backgrounds Online - Clipping Magic_files
2015-12-14 22:53 - 2015-12-12 01:22 - 00000000 ____D C:\Users\This pc\AppData\Local\Lavasoft
2015-12-14 22:53 - 2015-12-10 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-14 22:53 - 2015-12-10 10:04 - 00000000 ____D C:\Program Files\CCleaner
2015-12-14 22:53 - 2015-05-04 08:14 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-14 22:53 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\registration
 
==================== Files in the root of some directories =======
 
2015-12-31 10:21 - 2015-12-31 10:21 - 0004096 ____H () C:\Users\This pc\AppData\Local\keyfile3.drm
2015-02-23 23:49 - 2015-03-03 13:47 - 0000600 _____ () C:\Users\This pc\AppData\Local\PUTTY.RND
2016-01-08 08:42 - 2016-01-08 08:42 - 0003699 _____ () C:\Users\This pc\AppData\Local\recently-used.xbel
2015-03-10 01:30 - 2015-12-31 05:45 - 0007611 _____ () C:\Users\This pc\AppData\Local\Resmon.ResmonCfg
2015-02-22 00:39 - 2015-02-22 00:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\This pc\AppData\Local\Temp\dllnt_dump.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 08:54] - [2015-12-30 17:32] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79
 
C:\Windows\SysWOW64\User32.dll
[2010-11-21 08:54] - [2015-12-30 17:32] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE
 
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-29 05:43
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by This pc (2016-01-13 17:08:38)
Running from C:\Users\This pc\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-02-20 15:25:50)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2215250167-2094079817-1300511683-500 - Administrator - Disabled)
Guest (S-1-5-21-2215250167-2094079817-1300511683-501 - Limited - Enabled) => C:\Users\Guest
san-pc (S-1-5-21-2215250167-2094079817-1300511683-1002 - Administrator - Enabled) => C:\Users\san-pc
This pc (S-1-5-21-2215250167-2094079817-1300511683-1000 - Administrator - Enabled) => C:\Users\This pc
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Total Security (Enabled - Out of date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Comodo Defense+ (Enabled - Out of date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Kaspersky Total Security (Enabled - Out of date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0.1a - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ApSIC Comparator 1.0 (HKLM-x32\...\ApSIC Comparator) (Version: 1.0 - ApSIC, SL)
ApSIC Xbench 3.0 (HKLM-x32\...\ApSIC Xbench) (Version: 3.0.0.1336 - ApSIC, S.L.)
Bullzip PDF Printer 10.10.0.2307 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.10.0.2307 - Bullzip)
Canon LBP3000 (HKLM\...\Canon LBP3000) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
COMODO Firewall (HKLM\...\{68BE8BAB-5375-4C99-9116-1808F5968D40}) (Version: 8.1.0.4426 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
ControlCenter (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 1.0.230 - MSI)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.0.487 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - EN (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.0.487 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation)
Cyberoam Client for 24Online (HKLM-x32\...\Cyberoam Client for 24Online1.3.6.2) (Version: 1.3.6.2 - eLitecore)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
FileZilla Client 3.14.1 (HKU\S-1-5-21-2215250167-2094079817-1300511683-1000\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.8.1124 - Foxit Software Inc.)
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hindi Indic Input 2 (HKLM\...\{32987005-3AF3-4781-A093-D9512ECCE628}) (Version: 1.1.5 - Webdunia)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2003 Primary Interop Assemblies (HKLM-x32\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Mozilla Firefox 43.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 43.0.4 (x64 en-US)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 38.5.1 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 38.5.1 (x86 en-GB)) (Version: 38.5.1 - Mozilla)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.009 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.02 - MSI)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
qBittorrent 3.3.1 (HKLM-x32\...\qBittorrent) (Version: 3.3.1 - The qBittorrent project)
Quark Update (HKLM-x32\...\{82154114-943B-4A6F-9B20-073C9573E93E}) (Version: 1.0.0.2 - Quark, Inc.)
QuarkXPress (HKLM-x32\...\{EACCA5D3-5E48-4181-B953-1842BA6FED32}) (Version: 10.0.0.1 - Quark Software Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.94.723.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.4 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.4 - VS Revo Group, Ltd.)
RogueKiller version 11 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 11 - Adlice Software)
SDL Passolo Essential 2011 SP6 (HKLM-x32\...\{627163CD-8116-4982-9AC1-8C6DE4A499A0}) (Version: 11.6.0.0 - SDL)
SDL Trados 2011 SP2 - Remove suite of products (HKLM-x32\...\TranslationStudio2011) (Version: 2.2.3001 - SDL)
SDL Trados 2014 - Remove suite of products (HKLM-x32\...\TranslationStudio2014) (Version: 3.0.3636 - SDL)
SDL Trados Legacy Compatibility Module for Studio 2014 (HKLM-x32\...\{510BB218-A954-42CD-A451-002AD21E942B}) (Version: 2.0.117 - SDL)
SDL Trados Studio 2011 SP2 (HKLM-x32\...\{7205B6D1-2975-4DDC-85D4-30AECFBFC138}) (Version: 2.2.3001 - SDL)
SDL Trados Studio 2014 (HKLM-x32\...\{44167752-7D08-4A49-8800-B2AE31A91A2D}) (Version: 3.0.3636 - SDL)
SDL XLIFF Split and Merge 2011 (HKLM-x32\...\{AA5FA61C-7538-4FD6-80AA-A229BD7A2ACD}) (Version: 2.0.135 - SDL)
SDLXLIFF Compare (HKLM-x32\...\{1D5380D5-2E00-4977-B825-B4A0D061B119}) (Version: 1.0.0 - Logos Group)
SDLXLIFF to Legacy Converter (HKLM-x32\...\{E5D6558A-5558-4A28-BC18-6155E8D6FEC9}) (Version: 1.0.0 - Logos Group)
SDLXliff2Tmx (HKLM-x32\...\{528D2119-BEB5-4286-9B08-CFBB9D94B323}) (Version: 1.1.2 - TMServe)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Stickies 8.0c (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
Tata Photon Max Wi-Fi (HKLM-x32\...\Tata Photon Max Wi-Fi) (Version: 22.001.25.01.113 - Huawei Technologies Co.,Ltd)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TXML File Type version 1.0 (HKLM-x32\...\{779F83AE-75C1-11E2-812D-4D0D6188709B}_is1) (Version: 1.0 - SDL International)
UniConvertor (HKLM-x32\...\{875F0109-0307-4AE2-9439-135AC8BBE881}) (Version: 1.1.5 - Igor E. Novikov)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {3284DF5D-81CA-4629-A0C4-9E7F74CBF5F9} - System32\Tasks\{B943427D-10C0-4545-95A9-FC7279F98C5F} => pcalua.exe -a "C:\Users\This pc\Documents\Downloads\Adobe pagemaker 7.0 + Serial and Updates by Team Rjaa\Adobe pagemaker 7.0 + Serial and Updates by MJY Appu.part1\Adobe pagemaker 7.0 + Serial and Updates by MJY Appu\Setup.exe" -d "C:\Users\This pc\Documents\Downloads\Adobe pagemaker 7.0 + Serial and Updates by Team Rjaa\Adobe pagemaker 7.0 + Serial and Updates by MJY Appu.part1\Adobe pagemaker 7.0 + Serial and Updates by MJY Appu"
Task: {3DEE0055-8569-445D-94E0-562960075574} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [2016-01-12] (Adobe Systems Incorporated)
Task: {45267C6D-A24C-4428-A1C1-2F30BF226FE6} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-08] (COMODO)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5BED2B52-E4A4-44CF-B91D-68CD6DB52FB8} - System32\Tasks\Opera scheduled Autoupdate 1452575678 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software)
Task: {6266315E-12A2-4104-8867-15D6FC29202A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-21] (Piriform Ltd)
Task: {65F44929-57BA-4CB8-930A-180315A0AE39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28] (Google Inc.)
Task: {79437895-D2E8-4924-B96A-2D3B91558C97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-28] (Google Inc.)
Task: {7A802F49-9C1B-4058-A24D-19B67921EBEB} - System32\Tasks\{E80A12AB-2B58-46AA-817A-873F68F5964F} => pcalua.exe -a "D:\softwares\SPACENET DUMP\24onlineClientVista.exe" -d "D:\softwares\SPACENET DUMP"
Task: {7F37E382-DB6A-47F6-BE35-AFEC9AAE9611} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-08] (COMODO)
Task: {D18D21AF-30B4-4634-ADC5-ED6CB2894708} - System32\Tasks\{C33265DF-5F71-45E1-8649-E927CC486843} => pcalua.exe -a "C:\Users\This pc\Desktop\24onlineClient_Onboard_Installation.exe" -d "C:\Users\This pc\Desktop"
Task: {D1F04C4D-69C6-4315-B866-7CE1EA9F0F0A} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-08] (COMODO)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {F0675D3E-DD40-4572-8A0B-E225E1DC7841} - System32\Tasks\{AE818856-1BB8-40B4-B0C9-EB05D02C4583} => E:\softwares\UTILITIES\teracopy.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\This pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SDL Batch Find and Replace.lnk -> C:\Program Files (x86)\SDL\SDL Trados Studio\Studio2\Sdl.Utilities.BatchSearchReplace.exe (SDL)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-03-22 20:09 - 2015-03-22 20:09 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2015-03-22 20:09 - 2015-06-08 23:03 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2012-05-04 15:41 - 2012-05-04 15:41 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2011-11-13 14:30 - 2011-11-13 14:30 - 00676864 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2011-11-13 14:31 - 2011-11-13 14:31 - 03643392 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-07-16 01:11 - 2014-02-15 12:29 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2015-10-16 15:32 - 2015-10-16 15:32 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-12-21 17:11 - 2015-12-21 17:11 - 03346752 _____ () C:\Program Files (x86)\ApSIC\Xbench\XbShellEx-13792812.dll
2015-04-16 01:43 - 2015-04-16 01:43 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-12-28 03:06 - 2015-12-28 11:35 - 20834888 _____ () D:\softwares\Security\Emergency Virus Removal and recovery\RogueKiller.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\kpcengine.2.3.dll
2016-01-12 10:44 - 2015-12-04 12:48 - 61547128 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\opera.dll
2016-01-12 10:44 - 2015-12-04 12:48 - 01983096 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libglesv2.dll
2016-01-12 10:44 - 2015-12-04 12:48 - 00081528 _____ () C:\Program Files (x86)\Opera\34.0.2036.25\libegl.dll
2016-01-10 10:24 - 2016-01-10 10:24 - 00153032 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2016-01-10 10:24 - 2016-01-10 10:24 - 00022472 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2016-01-12 23:45 - 2016-01-12 23:45 - 16792256 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_20_0_0_267.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Windows\acpimof.dll:$CmdTcID
AlternateDataStreams: C:\Windows\AutoTuneScript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\MFC71.dll:$CmdTcID
AlternateDataStreams: C:\Windows\msvcp71.dll:$CmdTcID
AlternateDataStreams: C:\Windows\msvcr71.dll:$CmdTcID
AlternateDataStreams: C:\Windows\NTuneGpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\ntuneoem.dll:$CmdTcID
AlternateDataStreams: C:\Windows\NVBenchMarks.dll:$CmdTcID
AlternateDataStreams: C:\Windows\NVGfxOgl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\Nvgpio.dll:$CmdTcID
AlternateDataStreams: C:\Windows\nvoclk64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\nvoclock.sys:$CmdTcID
AlternateDataStreams: C:\Windows\nvsulib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\RtlExUpd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\runSW.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SwUSB.exe:$CmdTcID
AlternateDataStreams: C:\Windows\UnGins.exe:$CmdTcID
AlternateDataStreams: C:\Windows\unins000.exe:$CmdTcID
AlternateDataStreams: C:\Windows\uninstallstickies.bat:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AcpiServiceVnA64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AERTAC64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AERTAR64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\amdpcom64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiadlxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticalcl64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticaldd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticalrt64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aticfx64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ATIDEMGX.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atidxx64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atieclxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiedu64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiesrxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atig6pxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atig6txx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiglpxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atimpc64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atimuixx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atio6axx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atitmm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiu9p64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiumd64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiumd6a.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiumd6v.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiuxp64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audioLibVc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CNAB3EMD.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CNAB3LMD.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CNAB3PTD.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CNAB3RPD.EXE:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CNAB3SMD.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\coinst.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\coinst_8.97.100.11.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\CX64APO.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DDPA64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DDPA64F3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DDPD64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DDPD64AF3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DDPO64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DDPO64AF3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DDPP64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DDPP64AF3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DolbyDAX2APOProp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DolbyDAX2APOv201.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DolbyDAX2APOv211.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSBassEnhancementDLL64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSBoostDLL64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSGainCompensatorDLL64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSGFXAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSGFXAPONS64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSLFXAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSLimiterDLL64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSNeoPCDLL64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSS2HeadphoneDLL64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSS2SpeakerDLL64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSSymmetryDLL64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSU2PGFX64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSU2PLFX64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSU2PREC64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\DTSVoiceClarityDLL64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\FMAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\HiFiDAX2API.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ICEsoundAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\IntelSSTAPO.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\IntelSstCApoPropPage.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KAAPORT64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPO20.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPO30.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPO4064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPO5064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPO6064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPO7064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioAPOShell64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioEQ64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxAudioRealtek64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxSpeechAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxVoiceAPO2064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxVoiceAPO3064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxVoiceAPO4064.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MaxxVolumeSDAPO.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MISS_APO.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NAHIMICAPOlfx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NahimicAPONSControl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NAHIMICV2apo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\R4EEA64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\R4EED64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\R4EEG64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\R4EEL64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\R4EEP64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RCoInstII64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RltkAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RP3DAA64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RP3DHT64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RTCOM64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtDataProc64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RTEED64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RTEEG64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RTEEL64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RTEEP64A.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtkApi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtkCfg64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtkCoLDR64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtlCPAPI64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtNicProp64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RTNUninst64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RtPgEx64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RTSnMg64.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SEAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SECOMN64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SEHDRA64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SFAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SFCOM64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SFNHK64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SFSS_APO.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sl3apo64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\slcnt64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\slprp64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sltech64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRAPO64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRCOM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRCOM64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRRPTR64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRSHP64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRSTSH64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRSTSX64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\SRSWOW64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tadefxapo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tadefxapo264.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tepeqapo64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tosade.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tosasfapo64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\toseaeapo64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tossaeapo64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tossaemaxapo64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WavesGUILib64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WpdMtp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WpdMtpUS.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\YamahaAE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\YamahaAE2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ZLhp1020.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ZSHP1020.EXE:$CmdTcID
AlternateDataStreams: C:\Windows\system32\zshp1020s.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\amdpcom32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ati2edxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiadlxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticalcl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticaldd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticalrt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\aticfx32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atidxx32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atigktxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiglpxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atimpc32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atioglxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiu9pag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiumdag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiumdmv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiumdva.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atiuxpag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\GPhotos.scr:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ISSRemoveSP.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MyDIT_GenClassCoInst.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nalserv.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlssrv32.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\RltkAPO.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\SECOMN32.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\SFCOM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\SRCOM.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\amdide64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ati2erec.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmpag.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cmnsusbser.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cm_km.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\kl1.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\klbackupdisk.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\klbackupflt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\kldisk.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\klim6.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\klwtp.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\revoflt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\Rt64win7.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\RTKVHD64.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\RtNdPt60.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ssudbus.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\winusb.sys:$CmdTcID
AlternateDataStreams: C:\Users\This pc\awo_gpl_2015_Final.pdf:$CmdZnID
AlternateDataStreams: C:\Users\This pc\Downloads\20151227_sampreshan_56801e2f2600f1546151227172151.log.tar.gz:$CmdZnID
AlternateDataStreams: C:\Users\This pc\Downloads\better-wp-security.php:$CmdZnID
AlternateDataStreams: C:\Users\This pc\Downloads\cdp-data-2015-11-06-09-24-22.tar.gz:$CmdZnID
AlternateDataStreams: C:\Users\This pc\Downloads\Instantly Remove Image Backgrounds Online - Clipping Magic.htm:$CmdZnID
AlternateDataStreams: C:\Users\This pc\Downloads\wp-config.php:$CmdZnID
AlternateDataStreams: C:\Users\This pc\Documents\sampreshan.jpg:$CmdZnID
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 08:04 - 2015-12-11 00:59 - 00000768 ___RA C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2215250167-2094079817-1300511683-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\This pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: Change Modem Device Service => 2
MSCONFIG\Services: cmdvirth => 3
MSCONFIG\Services: CscService => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: FoxitCloudUpdateService => 3
MSCONFIG\Services: GoogleInputService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MSI_LiveUpdate_Service => 2
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: SharedAccess => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 3
MSCONFIG\Services: UmRdpService => 3
MSCONFIG\Services: vds => 3
MSCONFIG\Services: W32Time => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: wscsvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Canon LBP3000 Status Window.lnk => C:\Windows\pss\Canon LBP3000 Status Window.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Speed Launcher => 1426003980
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: FreeAC => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Super Charger => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
MSCONFIG\startupreg: UnKIS => wscript.exe //b C:\Users\THISPC~1\AppData\Local\Temp\UnKIS.vbs
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7DA7739E-1DDD-4ECB-955A-41AB73744916}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
Name: TrueSight
Description: TrueSight
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: TrueSight
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Malwarebytes Anti-Exploit
Description: Malwarebytes Anti-Exploit
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ESProtectionDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/12/2016 11:28:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/12/2016 06:37:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/12/2016 08:42:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FoxitReader.exe, version: 7.2.8.1124, time stamp: 0x56551ff4
Faulting module name: FoxitReader.exe, version: 7.2.8.1124, time stamp: 0x56551ff4
Exception code: 0xc0000005
Fault offset: 0x009b1628
Faulting process id: 0x13c8
Faulting application start time: 0xFoxitReader.exe0
Faulting application path: FoxitReader.exe1
Faulting module path: FoxitReader.exe2
Report Id: FoxitReader.exe3
 
Error: (01/12/2016 06:54:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FoxitReader.exe, version: 7.2.8.1124, time stamp: 0x56551ff4
Faulting module name: FoxitReader.exe, version: 7.2.8.1124, time stamp: 0x56551ff4
Exception code: 0xc0000005
Fault offset: 0x009b1628
Faulting process id: 0x17f0
Faulting application start time: 0xFoxitReader.exe0
Faulting application path: FoxitReader.exe1
Faulting module path: FoxitReader.exe2
Report Id: FoxitReader.exe3
 
Error: (01/11/2016 12:21:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/10/2016 12:51:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2016 09:48:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2016 01:32:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2016 08:05:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/07/2016 04:39:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FoxitReader.exe, version: 7.2.8.1124, time stamp: 0x56551ff4
Faulting module name: FoxitCloud.fpi_unloaded, version: 0.0.0.0, time stamp: 0x55fbbee5
Exception code: 0xc0000005
Fault offset: 0x5e49b76a
Faulting process id: 0x4a8
Faulting application start time: 0xFoxitReader.exe0
Faulting application path: FoxitReader.exe1
Faulting module path: FoxitReader.exe2
Report Id: FoxitReader.exe3
 
 
System errors:
=============
Error: (01/13/2016 04:23:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/13/2016 01:25:54 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (01/13/2016 01:25:49 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (01/13/2016 12:23:04 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (01/13/2016 12:23:00 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (01/12/2016 11:27:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ESProtectionDriver
 
Error: (01/12/2016 06:36:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ESProtectionDriver
 
Error: (01/12/2016 03:19:35 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (01/12/2016 03:19:30 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
 
Error: (01/11/2016 10:03:06 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.
 
 
CodeIntegrity:
===================================
  Date: 2016-01-13 16:23:13.500
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-13 16:23:13.467
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-30 01:18:27.743
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-30 01:18:27.708
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-25 19:00:17.183
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-25 19:00:17.167
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-04 15:29:40.790
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-12-04 15:29:40.773
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\TrueSight.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-10-14 00:26:58.023
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-14 00:26:58.023
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X2 550 Processor
Percentage of memory in use: 73%
Total physical RAM: 3839.18 MB
Available physical RAM: 1002.64 MB
Total Virtual: 7676.56 MB
Available Virtual: 4262.75 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:188.93 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:465.76 GB) (Free:68.34 GB) NTFS
 
==================== MBR & Partition Table ==================
 
==================== End of Addition.txt ============================

 


 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • Gender:Male
  • Location:@localhost
  • Local time:10:33 PM

Posted 16 January 2016 - 03:24 PM

hi,

 

That's not anything to worry about from RogueKiller. The ADS is referring to alternate data streams, not ads that you would see. Maybe part of that third party licensing software Coral installs?

 

Looks like you have two antivirus programs installed, Comodo and Kaspersky; you only need one resident active antivirus on a machine. I would remove one via the add/remove programs panel, then reboot. Performance should improve.


How Can I Reduce My Risk to Malware?
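
A triage sketch for the `AlternateDataStreams:` lines of a FRST log like the one in post #1, added here as an example; it is not part of the thread and not FRST's own code. It groups entries by stream name so that a name stamped on many files (as `$CmdTcID` is in this log) stands apart from a one-off stream; the sample lines, the optional `[size]` suffix handling and the threshold of 3 are assumptions.

```python
import re
from collections import defaultdict
from ntpath import dirname  # applies Windows path rules on any OS

# Sample input: nine lines copied from the log above, plus one line constructed
# from the stream name RogueKiller reported in post #1 (windows:nlspreferences).
SAMPLE_LOG = r"""
AlternateDataStreams: C:\Windows\runSW.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiadlxx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atiapfxx.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\atikmdag.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Users\This pc\Downloads\wp-config.php:$CmdZnID
AlternateDataStreams: C:\Users\This pc\Downloads\better-wp-security.php:$CmdZnID
AlternateDataStreams: C:\Users\This pc\Documents\sampreshan.jpg:$CmdZnID
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (Whitelisted) ===================
"""

# "AlternateDataStreams: <host path>:<stream name>", optionally followed by a
# bracketed size (assumed optional; the log on this page has none).
LINE_RE = re.compile(r"^AlternateDataStreams:\s*(.+?)(?:\s+\[(\d+)\])?$")


def parse_ads_line(line):
    """Return (host_path, stream_name), or None if the line is not an ADS entry."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    # The host path itself contains a colon (drive letter), so split on the LAST one.
    host, sep, stream = m.group(1).rpartition(":")
    if not sep or len(host) < 3 or not stream or "\\" in stream:
        return None  # e.g. a bare path with no stream part
    return host, stream


def summarize(log_text, bulk_threshold=3):
    """Group ADS entries by stream name (NTFS stream names are case-insensitive)."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_ads_line(line)
        if parsed:
            host, stream = parsed
            groups[stream.lower()].append(host)
    report = {}
    for stream, hosts in groups.items():
        report[stream] = {
            "count": len(hosts),
            "dirs": sorted({dirname(h) for h in hosts}),
            # "bulk": the same name on many files, typical of one product
            # tagging files; "review": rare names to look at one by one.
            "verdict": "bulk" if len(hosts) >= bulk_threshold else "review",
            "hosts": hosts,
        }
    return report


def review_queue(report):
    """(stream, host) pairs that did not fall into a bulk group."""
    return sorted(
        (stream, host)
        for stream, info in report.items()
        if info["verdict"] == "review"
        for host in info["hosts"]
    )


if __name__ == "__main__":
    rep = summarize(SAMPLE_LOG)
    for name, info in sorted(rep.items(), key=lambda kv: -kv[1]["count"]):
        print(f"{name:16} {info['count']:4}  {info['verdict']:6}  {len(info['dirs'])} dir(s)")
    print("review individually:", review_queue(rep))
```

A "bulk" verdict only says the name is applied uniformly; which installed product writes it still has to be confirmed before the group is dismissed.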


#3 navrane

navrane
  • Topic Starter

  • Members
  • 2 posts
  • Local time:09:03 AM

Posted 19 January 2016 - 11:46 PM

Hello Shelf Life,  :guitar:

 

First of all, thank you very much, and really sorry for such a late reply. Notification of your reply landed in my spam box. :(

 

Thanks for ridding me of my doubt.

Yes, I'm using Comodo firewall, because I couldn't understand the Kaspersky firewall options to block particular applications. I'm not using its antivirus, defence plus or anything else, only the firewall. I have disabled the Kaspersky firewall.

Does this sound OK?

 

Thanks again for your reply!



#4 shelf life

shelf life

  • Malware Response Team
  • 2,688 posts
  • Gender:Male
  • Location:@localhost
  • Local time:10:33 PM

Posted 20 January 2016 - 05:43 PM

Ok, no problem. Sounds ok to me, might want to check to make sure Windows FW is turned off. Probably is. A good config is to use W7 FW in its default setting and a hardware router. Most people have routers these days with all the internet connected devices out there.

But if you prefer more control over traffic, then a third party FW will do the trick.






