
How to find if my system is being tracked.


  • This topic is locked
11 replies to this topic

#1 rnallamilli


Posted 13 December 2016 - 02:51 AM

Dear Team,

 

Last week I used an online software to fix a corrupted mp4 file and left it open for some time before I ended the session. From that time I am experiencing strange behavior like the system becoming slow in response, taking a lot of time to open an application, and WiFi getting suddenly disconnected. This has been happening since Friday. Till now I did not open any sensitive information. I tried to check if my system is being tracked without much luck.

 

Link I used:

xxxx//mp4repair.org/pwt6/preview.html

My system Specifications:

 

Product Name - 15-p214dx
Microprocessor - 2.4GHz 5th generation Intel Core i7-5500U Dual Core
Memory - 6GB DDR3L SDRAM (2 DIMM)
Video Graphics - Intel HD graphics 5500 with up to 3036MB total graphics memory
Hard Drive - 750GB 5400RPM hard drive with HP ProtectSmart Hard Drive Protection
Network Card - 10/100BASE-T Ethernet LAN (RJ-45 connector)

 

Please help me with this.

 

Thanks,

Raman Nallamilli.

 

 

Mod Edit

Link deactivated.

NickAu


Edited by rnallamilli, 13 December 2016 - 05:15 AM.
Mod Edit



 


#2 packetanalyzer


Posted 13 December 2016 - 03:46 PM

Hi rnallamilli,

I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible.

Thank you for your patience,

 

 

 

 

packetanalyzer



#3 packetanalyzer


Posted 14 December 2016 - 09:09 AM

Hello rnallamilli, welcome to Bleeping Computer. You can call me packetanalyzer and I will be helping you with removing malware from your computer. Please take a moment to review the following.

Please read my instructions completely and follow them closely.

Please do not run any tools unless and until I ask you to do so.

Please only run the tools I ask you to run.

If you have any questions at any point, please stop and ask me before you try to complete the step.

Please refrain from using your computer for any purpose other than us working together to clean malware from it until I have notified you your computer is clean.

Please be patient as most of us at Bleeping Computer are volunteers and your logs take time to closely analyze. If you do not hear back from me in 48 hours, please feel free to send me a PM.

If I do not hear from you within 5 days after any post, this thread will be closed.
 
Now we are going to get started. Please do the following:

 

++++ Step 1 Create an FRST Log ++++

 

We need to run a scan using FRST to collect some information from your computer. Once we have this information we can analyze it and determine what we need to do next.

  • Please go to http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/.
  • Download the appropriate version for the computer you are going to run FRST on. If you aren't sure which version you need, please download both versions and save the program to your desktop.
  • Right click FRST (the file will be named FRST.exe or FRST64.exe depending on which version you are using) and select Run as administrator. If you downloaded both versions of FRST, please try FRST.exe first and if it tells you it is the wrong version then please run FRST64.exe as administrator.
  • You will be asked if you accept the user agreement. If you do, please accept the agreement.
  • Click Scan.

 

++++ Step 2 Share Your Logs ++++

 

 

  • When FRST completes the scan, two notepad windows will open. One will be named FRST.txt and another will be named Addition.txt. Please copy and paste these into your next reply.

 

Thank you,

 

packetanalyzer



#4 rnallamilli


Posted 14 December 2016 - 10:00 AM

Hi Packetanalyzer,

 

Thanks for your reply. Below are the requested log files.

 

FRST Log File:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Nallamilli Raman (administrator) on RNALLAMILLI (14-12-2016 20:23:55)
Running from C:\Users\Nallamilli Raman\Desktop
Loaded Profiles: Nallamilli Raman (Available Profiles: Nallamilli Raman)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files (x86)\CrSSL\bin\crssladmmgr.exe
() C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
() C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16102.10341.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2016-03-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-02] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-10-10] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [crssl-client] => C:\Program Files (x86)\CrSSL\bin\crssl-client.exe [392704 2012-10-05] ()
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-04-15] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499240 2014-09-29] (Lenovo)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25838592 2016-11-28] (Dropbox, Inc.)
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-16] (Piriform Ltd)
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\Run: [uTorrent] => C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent\uTorrent.exe [2165440 2016-12-10] (BitTorrent Inc.)
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\Root\Office16\lync.exe [22843592 2016-11-02] (Microsoft Corporation)
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\Run: [BingSvc] => C:\Users\Nallamilli Raman\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819048 2016-11-11] (Google)
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe [2026510 2016-08-08] (ownCloud)
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\Run: [GoogleChromeAutoLaunch_F2A35E3CEF1D0C84455300057F865D99] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1082472 2016-11-09] (Google Inc.)
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\RunOnce: [Uninstall C:\Users\Nallamilli Raman\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nallamilli Raman\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\RunOnce: [Uninstall C:\Users\Nallamilli Raman\AppData\Local\Microsoft\OneDrive\17.3.6386.0412] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Nallamilli Raman\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\MountPoints2: {14fa9a65-8891-11e6-82eb-d0bf9c972658} - "H:\Lenovo_Suite.exe" 
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\MountPoints2: {718e4160-6154-11e5-827f-d0bf9c972658} - "H:\Lenovo_Suite.exe" 
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\MountPoints2: {cc4dd60c-9ff1-11e6-82f9-d0bf9c972658} - "H:\Lenovo_Suite.exe" 
HKU\S-1-5-21-2818809977-977177620-758274071-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-11] (Google)
ShellIconOverlayIdentifiers: [  OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2016-08-03] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2016-08-03] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2016-08-03] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2016-08-03] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [  OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\ownCloud\shellext\OCOverlays_x64.dll [2016-08-03] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-10-04]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2016-10-04]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{11128109-0a6d-41bf-b13b-5d0f6d1ae181}: [DhcpNameServer] 8.8.8.8 4.2.2.2
Tcpip\..\Interfaces\{3d9c59cc-beb1-45cf-81c1-6f4542e6cfec}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{50c9253e-fd56-40f5-adde-1c583da86570}: [DhcpNameServer] 123.176.37.37 123.176.37.38 4.2.2.2
Tcpip\..\Interfaces\{7a304a3c-4210-4e91-a876-b758c499a425}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8b4634f3-9c4b-4e0f-9648-0d52e24b45e2}: [DhcpNameServer] 192.168.2.1 4.2.2.2
Tcpip\..\Interfaces\{BDED3EDF-3F3A-47AF-8941-15E8B9143B1D}: [DhcpNameServer] 8.8.8.8 4.2.2.2
ManualProxies: 
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2818809977-977177620-758274071-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
HKU\S-1-5-21-2818809977-977177620-758274071-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKU\S-1-5-21-2818809977-977177620-758274071-1001 -> {6227B969-9F06-406F-B693-28576B1C22AF} URL = hxxps://in.search.yahoo.com/search?p={searchTerms}&intl=in&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2016-11-28] (Sun Microsystems, Inc.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-26] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2016-11-28] (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: h9k6gyt3.default
FF ProfilePath: C:\Users\Nallamilli Raman\AppData\Roaming\Mozilla\Firefox\Profiles\h9k6gyt3.default [2016-12-14]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\h9k6gyt3.default -> Bing 
FF Homepage: Mozilla\Firefox\Profiles\h9k6gyt3.default -> about:home
FF Extension: (Bing Search) - C:\Users\Nallamilli Raman\AppData\Roaming\Mozilla\Firefox\Profiles\h9k6gyt3.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-05-12]
FF Extension: (Lightbeam) - C:\Users\Nallamilli Raman\AppData\Roaming\Mozilla\Firefox\Profiles\h9k6gyt3.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2016-07-17]
FF SearchPlugin: C:\Users\Nallamilli Raman\AppData\Roaming\Mozilla\Firefox\Profiles\h9k6gyt3.default\searchplugins\bing-.xml [2016-05-12]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-11-28] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2016-03-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_144.dll [2015-05-22] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_144.dll [2015-05-22] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\WINDOWS\SysWoW64\npdeployJava1.dll [2016-11-28] (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2016-11-28] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2818809977-977177620-758274071-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Nallamilli Raman\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-07-08] (Citrix Online)
FF Plugin HKU\S-1-5-21-2818809977-977177620-758274071-1001: LWAPlugin15.8 -> C:\Users\Nallamilli Raman\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Nallamilli Raman\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-05-21] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Nallamilli Raman\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR DefaultSearchURL: Profile 1 -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Profile 1 -> Yahoo
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Default [2016-10-19]
CHR Profile: C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-10-05]
CHR Profile: C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-12-14]
CHR Extension: (Google Docs) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-05]
CHR Extension: (Google Drive) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-05]
CHR Extension: (YouTube) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-05]
CHR Extension: (ClipCopy for Tampermonkey) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cehieljejfgbjhogonapjjndllliopfg [2016-12-04]
CHR Extension: (Tampermonkey) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-12-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2016-10-05]
CHR Extension: (HP SimplePass) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fidikogfgleiaefnjbmnjaplmgknppkg [2016-10-05]
CHR Extension: (Google Docs Offline) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-05]
CHR Extension: (ESPNCricinfo) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ijhlikjoigjegofbedmfmlcfkmhabldh [2016-12-07]
CHR Extension: (HP Network Check Launcher) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2016-10-26]
CHR Extension: (Yahoo Partner) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2016-11-07]
CHR Extension: (Skype) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-10-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-05]
CHR Extension: (Gmail) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-05]
CHR Extension: (Chrome Media Router) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR Profile: C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile [2016-10-05]
CHR Extension: (Google Slides) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-19]
CHR Extension: (Google Docs) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-19]
CHR Extension: (Google Drive) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-19]
CHR Extension: (YouTube) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-19]
CHR Extension: (Google Search) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-19]
CHR Extension: (Google Sheets) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-19]
CHR Extension: (Bookmark Manager) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-19]
CHR Extension: (Google Wallet) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-19]
CHR Extension: (Gmail) - C:\Users\Nallamilli Raman\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-19]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-2818809977-977177620-758274071-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\NALLAM~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-12-01]
CHR HKU\S-1-5-21-2818809977-977177620-758274071-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
R2 Cyberoam SSL VPN Helper; C:\Program Files (x86)\CrSSL\bin\crssladmmgr.exe [158208 2012-10-05] () [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-30] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-28] (Dropbox, Inc.)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-08-25] (WildTangent)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-04-18] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [569608 2014-10-10] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [359848 2015-09-09] (Intel Corporation)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] ()
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-15] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2016-03-10] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-29] ()
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31704 2016-03-31] (SHAREit Technologies Co.Ltd)
R2 SWGVCSvc; C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe [336616 2013-12-03] (Dell SonicWALL, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [254232 2016-10-05] (RaMMicHaeL)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 DNE; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [133456 2013-10-03] (Citrix Systems, Inc.)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-10-05] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-12-08] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2016-12-08] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-11] (AO Kaspersky Lab)
U3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2016-12-14] ()
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-10] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-11] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-10] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2016-12-08] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2016-03-10] (Realtek                                            )
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [71264 2016-09-02] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 SWIPsec; C:\WINDOWS\system32\Drivers\SWIPsec.sys [110064 2013-12-03] (Dell SonicWALL, Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-10-03] ()
R1 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [195936 2016-09-12] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-23] (Hewlett-Packard Development Company, L.P.)
S3 dbx; system32\DRIVERS\dbx.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-14 20:23 - 2016-12-14 20:25 - 00043817 _____ C:\Users\Nallamilli Raman\Desktop\FRST.txt
2016-12-14 20:23 - 2016-12-14 20:23 - 00000000 ____D C:\FRST
2016-12-14 20:22 - 2016-12-14 20:22 - 02420224 _____ (Farbar) C:\Users\Nallamilli Raman\Desktop\FRST64.exe
2016-12-14 13:58 - 2016-12-14 13:58 - 00085984 _____ C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2016-12-14 13:13 - 2016-12-14 13:13 - 00003240 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-12-13 18:33 - 2016-12-13 18:33 - 00000089 _____ C:\Users\Nallamilli Raman\Desktop\Nashville Address.txt
2016-12-11 14:40 - 2016-12-11 14:40 - 00000000 ____D C:\Users\Default\AppData\Local\Hewlett-Packard
2016-12-11 14:40 - 2016-12-11 14:40 - 00000000 ____D C:\Users\Default\AppData\Local\DropboxOEM
2016-12-11 14:40 - 2016-12-11 14:40 - 00000000 ____D C:\Users\Default User\AppData\Local\Hewlett-Packard
2016-12-11 14:40 - 2016-12-11 14:40 - 00000000 ____D C:\Users\Default User\AppData\Local\DropboxOEM
2016-12-11 14:39 - 2016-12-11 14:39 - 00000000 ____D C:\Users\Default\AppData\Roaming\Synaptics
2016-12-11 14:39 - 2016-12-11 14:39 - 00000000 ____D C:\Users\Default\AppData\Roaming\Lenovo
2016-12-11 14:39 - 2016-12-11 14:39 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Synaptics
2016-12-11 14:39 - 2016-12-11 14:39 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Lenovo
2016-12-11 10:16 - 2016-12-11 10:16 - 00218920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2016-12-11 10:16 - 2016-12-11 10:16 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2016-12-11 10:15 - 2016-12-11 10:15 - 00362192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-10 23:14 - 2016-12-13 13:40 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\LocalLow\uTorrent
2016-12-10 22:23 - 2016-10-15 23:14 - 760505242 _____ C:\Users\Nallamilli Raman\Desktop\Nani blockbuster Majnu movie.webm
2016-12-10 20:34 - 2016-12-10 20:34 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2016-12-10 20:31 - 2016-12-10 20:31 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2016-12-10 12:37 - 2016-11-11 15:52 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 12:37 - 2016-11-11 15:45 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 12:37 - 2016-11-11 15:44 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 12:37 - 2016-11-11 15:44 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 12:37 - 2016-11-11 15:44 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 12:37 - 2016-11-11 15:43 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-10 12:37 - 2016-11-11 15:43 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 12:37 - 2016-11-11 15:43 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 12:37 - 2016-11-11 15:42 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 12:37 - 2016-11-11 15:40 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-10 12:37 - 2016-11-11 15:39 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-10 12:37 - 2016-11-11 15:33 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 12:37 - 2016-11-11 15:33 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 12:37 - 2016-11-11 15:32 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 12:37 - 2016-11-11 15:32 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 12:37 - 2016-11-11 15:31 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 12:37 - 2016-11-11 15:31 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-10 12:37 - 2016-11-11 15:31 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 12:37 - 2016-11-11 15:30 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 12:37 - 2016-11-11 15:27 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 12:37 - 2016-11-11 15:27 - 08170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-10 12:37 - 2016-11-11 15:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 12:37 - 2016-11-11 15:26 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 12:37 - 2016-11-11 15:26 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 12:37 - 2016-11-11 15:26 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-10 12:37 - 2016-11-11 15:26 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 12:37 - 2016-11-11 15:25 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 12:37 - 2016-11-11 15:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 12:37 - 2016-11-11 15:25 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 12:37 - 2016-11-11 15:24 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 12:37 - 2016-11-11 15:21 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 12:37 - 2016-11-11 15:01 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 12:37 - 2016-11-11 14:59 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 12:37 - 2016-11-11 14:57 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-10 12:37 - 2016-11-11 14:56 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 12:37 - 2016-11-11 14:56 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 12:37 - 2016-11-11 14:56 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 12:37 - 2016-11-11 14:55 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 12:37 - 2016-11-11 14:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 12:37 - 2016-11-11 14:55 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 12:37 - 2016-11-11 14:54 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 12:37 - 2016-11-11 14:54 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 12:37 - 2016-11-11 14:54 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 12:37 - 2016-11-11 14:54 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 12:37 - 2016-11-11 14:54 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 12:37 - 2016-11-11 14:53 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 12:37 - 2016-11-11 14:53 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 12:37 - 2016-11-11 14:53 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 12:37 - 2016-11-11 14:52 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 12:37 - 2016-11-11 14:52 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 12:37 - 2016-11-11 14:51 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 12:37 - 2016-11-11 14:51 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 12:37 - 2016-11-11 14:51 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 12:37 - 2016-11-11 14:50 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 12:37 - 2016-11-11 14:50 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 12:37 - 2016-11-11 14:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 12:37 - 2016-11-11 14:50 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 12:37 - 2016-11-11 14:50 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 12:37 - 2016-11-11 14:50 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 12:37 - 2016-11-11 14:50 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 12:37 - 2016-11-11 14:49 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 12:37 - 2016-11-11 14:49 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 12:37 - 2016-11-11 14:49 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 12:37 - 2016-11-11 14:49 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 12:37 - 2016-11-11 14:49 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 12:37 - 2016-11-11 14:48 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 12:37 - 2016-11-11 14:48 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 12:37 - 2016-11-11 14:48 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-10 12:37 - 2016-11-11 14:48 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 12:37 - 2016-11-11 14:47 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 12:37 - 2016-11-11 14:47 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-10 12:37 - 2016-11-11 14:47 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-10 12:37 - 2016-11-11 14:47 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-10 12:37 - 2016-11-11 14:46 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 12:37 - 2016-11-11 14:46 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 12:37 - 2016-11-11 14:46 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 12:37 - 2016-11-11 14:45 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 12:37 - 2016-11-11 14:44 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 12:37 - 2016-11-11 14:44 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 12:37 - 2016-11-11 14:43 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 12:37 - 2016-11-11 14:41 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 12:37 - 2016-11-11 14:41 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 12:37 - 2016-11-11 14:39 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-10 12:37 - 2016-11-11 14:38 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-10 12:37 - 2016-11-11 14:38 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 12:37 - 2016-11-11 14:37 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 12:37 - 2016-11-11 14:37 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-10 12:37 - 2016-11-11 14:37 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 12:37 - 2016-11-11 14:37 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 12:37 - 2016-11-11 14:36 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-10 12:37 - 2016-11-11 14:36 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 12:37 - 2016-11-11 14:36 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 12:37 - 2016-11-11 14:35 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 12:37 - 2016-11-11 14:35 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 12:37 - 2016-11-11 14:34 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 12:37 - 2016-11-11 14:34 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 12:37 - 2016-11-11 14:34 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 12:37 - 2016-11-11 14:34 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 12:37 - 2016-11-11 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 12:37 - 2016-11-11 14:34 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-10 12:37 - 2016-11-11 14:33 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-10 12:37 - 2016-11-11 14:33 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 12:37 - 2016-11-11 14:33 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 12:37 - 2016-11-11 14:33 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-10 12:37 - 2016-11-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-10 12:37 - 2016-11-11 14:32 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-10 12:37 - 2016-11-11 14:32 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 12:37 - 2016-11-11 14:31 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-10 12:37 - 2016-11-11 14:09 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 12:37 - 2016-11-11 13:29 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 12:37 - 2016-11-11 13:26 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-10 12:37 - 2016-11-11 13:19 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 12:37 - 2016-11-11 13:18 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 12:37 - 2016-11-11 13:17 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-10 12:37 - 2016-11-11 13:17 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 12:37 - 2016-11-11 13:12 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 12:37 - 2016-11-11 13:12 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-10 12:37 - 2016-11-11 13:12 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 12:37 - 2016-11-11 13:12 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 12:37 - 2016-11-11 13:12 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 12:37 - 2016-11-11 13:12 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 12:37 - 2016-11-11 13:12 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 12:37 - 2016-11-11 13:11 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 12:37 - 2016-11-11 13:11 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 12:37 - 2016-11-11 13:08 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 12:37 - 2016-11-11 12:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 12:37 - 2016-11-11 12:57 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 12:37 - 2016-11-11 12:56 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-10 12:37 - 2016-11-11 12:55 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 12:37 - 2016-11-11 12:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 12:37 - 2016-11-11 12:54 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 12:37 - 2016-11-11 12:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 12:37 - 2016-11-11 12:54 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 12:37 - 2016-11-11 12:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 12:37 - 2016-11-11 12:53 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 12:37 - 2016-11-11 12:52 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 12:37 - 2016-11-11 12:51 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 12:37 - 2016-11-11 12:49 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 12:37 - 2016-11-11 12:49 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 12:37 - 2016-11-11 12:49 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 12:37 - 2016-11-11 12:49 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-10 12:37 - 2016-11-11 12:49 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 12:37 - 2016-11-11 12:49 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 12:37 - 2016-11-11 12:49 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 12:37 - 2016-11-11 12:48 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 12:37 - 2016-11-11 12:48 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 12:37 - 2016-11-11 12:48 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 12:37 - 2016-11-11 12:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 12:37 - 2016-11-11 12:47 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 12:37 - 2016-11-11 12:45 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 12:37 - 2016-11-11 12:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-10 12:37 - 2016-11-11 12:45 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 12:37 - 2016-11-11 12:45 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 12:37 - 2016-11-11 12:45 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 12:37 - 2016-11-11 12:41 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-10 12:37 - 2016-11-11 12:40 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 12:37 - 2016-11-11 12:39 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 12:37 - 2016-11-11 12:39 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 12:37 - 2016-11-11 12:36 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 12:37 - 2016-11-11 12:36 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 12:37 - 2016-11-11 12:36 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 12:37 - 2016-11-11 12:36 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 12:37 - 2016-11-11 12:36 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 12:37 - 2016-11-11 12:35 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 12:37 - 2016-11-11 12:35 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 12:37 - 2016-11-11 12:34 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 12:37 - 2016-11-11 12:34 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 12:37 - 2016-11-11 12:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-10 12:37 - 2016-11-11 12:34 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 12:37 - 2016-11-11 12:34 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 12:37 - 2016-11-11 12:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 12:37 - 2016-11-11 12:34 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 12:37 - 2016-11-11 12:33 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 12:37 - 2016-11-11 12:33 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 12:37 - 2016-11-11 12:33 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 12:37 - 2016-11-11 12:33 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 12:37 - 2016-11-11 12:32 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 12:37 - 2016-11-11 12:31 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-10 12:36 - 2016-11-11 15:45 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 12:36 - 2016-11-11 15:43 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 12:36 - 2016-11-11 15:38 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 12:36 - 2016-11-11 15:33 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 12:36 - 2016-11-11 15:31 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 12:36 - 2016-11-11 15:31 - 02189152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-10 12:36 - 2016-11-11 15:31 - 01738048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-10 12:36 - 2016-11-11 15:31 - 00658264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-10 12:36 - 2016-11-11 15:31 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-10 12:36 - 2016-11-11 15:30 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 12:36 - 2016-11-11 15:30 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 12:36 - 2016-11-11 15:29 - 02913136 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-10 12:36 - 2016-11-11 15:29 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-10 12:36 - 2016-11-11 15:29 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 12:36 - 2016-11-11 15:27 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 12:36 - 2016-11-11 15:27 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-10 12:36 - 2016-11-11 15:27 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 12:36 - 2016-11-11 15:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 12:36 - 2016-11-11 15:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-10 12:36 - 2016-11-11 15:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 12:36 - 2016-11-11 15:26 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 12:36 - 2016-11-11 15:26 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 12:36 - 2016-11-11 15:21 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-10 12:36 - 2016-11-11 15:01 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-10 12:36 - 2016-11-11 14:58 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 12:36 - 2016-11-11 14:58 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 12:36 - 2016-11-11 14:57 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 12:36 - 2016-11-11 14:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 12:36 - 2016-11-11 14:56 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 12:36 - 2016-11-11 14:56 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 12:36 - 2016-11-11 14:55 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 12:36 - 2016-11-11 14:55 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 12:36 - 2016-11-11 14:55 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 12:36 - 2016-11-11 14:55 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 12:36 - 2016-11-11 14:54 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-10 12:36 - 2016-11-11 14:54 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 12:36 - 2016-11-11 14:54 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 12:36 - 2016-11-11 14:54 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 12:36 - 2016-11-11 14:53 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 12:36 - 2016-11-11 14:53 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-10 12:36 - 2016-11-11 14:52 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 12:36 - 2016-11-11 14:52 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 12:36 - 2016-11-11 14:51 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 12:36 - 2016-11-11 14:51 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 12:36 - 2016-11-11 14:51 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 12:36 - 2016-11-11 14:50 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 12:36 - 2016-11-11 14:50 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 12:36 - 2016-11-11 14:50 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 12:36 - 2016-11-11 14:50 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-10 12:36 - 2016-11-11 14:50 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-10 12:36 - 2016-11-11 14:50 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 12:36 - 2016-11-11 14:50 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 12:36 - 2016-11-11 14:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 12:36 - 2016-11-11 14:49 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 12:36 - 2016-11-11 14:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 12:36 - 2016-11-11 14:49 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 12:36 - 2016-11-11 14:49 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 12:36 - 2016-11-11 14:49 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-10 12:36 - 2016-11-11 14:48 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-10 12:36 - 2016-11-11 14:48 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-10 12:36 - 2016-11-11 14:47 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 12:36 - 2016-11-11 14:47 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 12:36 - 2016-11-11 14:46 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 12:36 - 2016-11-11 14:46 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 12:36 - 2016-11-11 14:46 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 12:36 - 2016-11-11 14:45 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 12:36 - 2016-11-11 14:45 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 12:36 - 2016-11-11 14:44 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 12:36 - 2016-11-11 14:44 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-10 12:36 - 2016-11-11 14:44 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-10 12:36 - 2016-11-11 14:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 12:36 - 2016-11-11 14:44 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 12:36 - 2016-11-11 14:43 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 12:36 - 2016-11-11 14:43 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 12:36 - 2016-11-11 14:42 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 12:36 - 2016-11-11 14:41 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-10 12:36 - 2016-11-11 14:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 12:36 - 2016-11-11 14:41 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 12:36 - 2016-11-11 14:40 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-10 12:36 - 2016-11-11 14:40 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-10 12:36 - 2016-11-11 14:39 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 12:36 - 2016-11-11 14:39 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 12:36 - 2016-11-11 14:38 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-10 12:36 - 2016-11-11 14:37 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 12:36 - 2016-11-11 14:37 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 12:36 - 2016-11-11 14:37 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 12:36 - 2016-11-11 14:37 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 12:36 - 2016-11-11 14:37 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 12:36 - 2016-11-11 14:36 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 12:36 - 2016-11-11 14:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 12:36 - 2016-11-11 14:35 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-10 12:36 - 2016-11-11 14:35 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 12:36 - 2016-11-11 14:35 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 12:36 - 2016-11-11 14:34 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 12:36 - 2016-11-11 14:34 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-10 12:36 - 2016-11-11 14:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-10 12:36 - 2016-11-11 14:34 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 12:36 - 2016-11-11 14:34 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 12:36 - 2016-11-11 14:34 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 12:36 - 2016-11-11 14:34 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 12:36 - 2016-11-11 14:34 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 12:36 - 2016-11-11 14:33 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 12:36 - 2016-11-11 14:33 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 12:36 - 2016-11-11 14:33 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 12:36 - 2016-11-11 14:33 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-10 12:36 - 2016-11-11 14:33 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 12:36 - 2016-11-11 14:33 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 12:36 - 2016-11-11 14:33 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 12:36 - 2016-11-11 14:33 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 12:36 - 2016-11-11 14:32 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 12:36 - 2016-11-11 14:32 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-10 12:36 - 2016-11-11 13:31 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 12:36 - 2016-11-11 13:31 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 12:36 - 2016-11-11 13:31 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 12:36 - 2016-11-11 13:30 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 12:36 - 2016-11-11 13:24 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 12:36 - 2016-11-11 13:19 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 12:36 - 2016-11-11 13:19 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 12:36 - 2016-11-11 13:17 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 12:36 - 2016-11-11 13:17 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 12:36 - 2016-11-11 13:17 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-10 12:36 - 2016-11-11 13:15 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-10 12:36 - 2016-11-11 13:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-10 12:36 - 2016-11-11 13:12 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 12:36 - 2016-11-11 13:12 - 06668032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-10 12:36 - 2016-11-11 13:12 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-10 12:36 - 2016-11-11 13:12 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 12:36 - 2016-11-11 12:57 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 12:36 - 2016-11-11 12:56 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 12:36 - 2016-11-11 12:54 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 12:36 - 2016-11-11 12:52 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 12:36 - 2016-11-11 12:51 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 12:36 - 2016-11-11 12:51 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 12:36 - 2016-11-11 12:50 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-10 12:36 - 2016-11-11 12:50 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 12:36 - 2016-11-11 12:50 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 12:36 - 2016-11-11 12:50 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-10 12:36 - 2016-11-11 12:50 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 12:36 - 2016-11-11 12:49 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 12:36 - 2016-11-11 12:49 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 12:36 - 2016-11-11 12:48 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 12:36 - 2016-11-11 12:48 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 12:36 - 2016-11-11 12:48 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 12:36 - 2016-11-11 12:47 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-10 12:36 - 2016-11-11 12:46 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-10 12:36 - 2016-11-11 12:46 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 12:36 - 2016-11-11 12:46 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-10 12:36 - 2016-11-11 12:45 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 12:36 - 2016-11-11 12:44 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-10 12:36 - 2016-11-11 12:44 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 12:36 - 2016-11-11 12:43 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 12:36 - 2016-11-11 12:43 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-10 12:36 - 2016-11-11 12:42 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 12:36 - 2016-11-11 12:40 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-10 12:36 - 2016-11-11 12:40 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 12:36 - 2016-11-11 12:39 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-10 12:36 - 2016-11-11 12:38 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 12:36 - 2016-11-11 12:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-10 12:36 - 2016-11-11 12:36 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-10 12:36 - 2016-11-11 12:36 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 12:36 - 2016-11-11 12:35 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-10 12:36 - 2016-11-11 12:34 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-10 12:36 - 2016-11-11 12:33 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 12:36 - 2016-11-11 12:33 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-10 12:36 - 2016-11-11 12:33 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-10 12:36 - 2016-11-11 12:33 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 12:36 - 2016-11-11 12:10 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-09 10:57 - 2016-12-09 10:57 - 00092228 _____ C:\Users\Nallamilli Raman\Desktop\Nallamilli Lakshmi Raman Mohan_October 2016.pdf
2016-12-08 18:45 - 2016-12-08 18:45 - 00000058 _____ C:\Users\Nallamilli Raman\Desktop\ICICI CC.txt
2016-12-08 18:14 - 2016-12-08 18:27 - 00011792 _____ C:\Users\Nallamilli Raman\Desktop\Luckie.xlsx
2016-12-08 15:18 - 2016-12-08 15:18 - 00001454 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2016-12-07 14:58 - 2016-12-07 14:58 - 00010461 _____ C:\Users\Nallamilli Raman\Desktop\Columns - Recog.xlsx
2016-12-05 12:18 - 2016-12-05 12:18 - 00010417 _____ C:\Users\Nallamilli Raman\Desktop\My Monthly Payments.xlsx
2016-11-30 12:11 - 2016-11-30 12:16 - 00000000 ____D C:\Users\Nallamilli Raman\Desktop\AIM Documentation
2016-11-30 11:37 - 2016-12-14 19:44 - 00000000 ___RD C:\Users\Nallamilli Raman\Dropbox
2016-11-30 11:37 - 2016-11-30 11:37 - 00001266 _____ C:\Users\Nallamilli Raman\Desktop\Dropbox.lnk
2016-11-30 11:35 - 2016-11-30 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-30 11:33 - 2016-11-30 11:33 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Roaming\Dropbox
2016-11-30 11:32 - 2016-12-11 10:15 - 00000952 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-30 11:32 - 2016-12-11 10:15 - 00000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-30 11:32 - 2016-11-30 11:37 - 00004012 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-30 11:32 - 2016-11-30 11:37 - 00003780 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-30 11:32 - 2016-11-30 11:37 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Local\Dropbox
2016-11-30 11:32 - 2016-11-30 11:32 - 00000000 ____D C:\ProgramData\Dropbox
2016-11-30 11:02 - 2016-11-30 11:02 - 00000508 _____ C:\Users\Nallamilli Raman\Desktop\impt.txt
2016-11-29 15:15 - 2016-11-29 15:16 - 05715354 _____ C:\Users\Nallamilli Raman\Desktop\CHC BCG Documents.zip
2016-11-29 14:57 - 2016-11-30 14:39 - 00000000 ____D C:\Users\Nallamilli Raman\Desktop\CHC BCG Documents
2016-11-29 10:12 - 2016-12-02 10:32 - 00000000 ____D C:\Users\Nallamilli Raman\Desktop\BGC
2016-11-28 19:35 - 2016-11-28 19:35 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-11-28 19:35 - 2016-11-28 19:35 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-11-28 19:35 - 2016-11-28 19:35 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-11-28 19:35 - 2016-11-28 19:35 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-11-28 13:05 - 2016-11-28 13:05 - 00477168 _____ (Sun Microsystems, Inc.) C:\WINDOWS\SysWOW64\npdeployJava1.dll
2016-11-28 13:05 - 2016-11-28 13:05 - 00473072 _____ (Sun Microsystems, Inc.) C:\WINDOWS\SysWOW64\deployJava1.dll
2016-11-28 13:05 - 2016-11-28 13:05 - 00157680 _____ (Sun Microsystems, Inc.) C:\WINDOWS\SysWOW64\javaws.exe
2016-11-28 13:05 - 2016-11-28 13:05 - 00149488 _____ (Sun Microsystems, Inc.) C:\WINDOWS\SysWOW64\javaw.exe
2016-11-28 13:05 - 2016-11-28 13:05 - 00149488 _____ (Sun Microsystems, Inc.) C:\WINDOWS\SysWOW64\java.exe
2016-11-28 13:05 - 2016-11-28 13:05 - 00000000 ____D C:\ProgramData\Sun
2016-11-28 13:04 - 2016-11-28 13:05 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-28 12:18 - 2016-12-14 17:51 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\LocalLow\Mozilla
2016-11-25 17:17 - 2016-12-14 12:46 - 00000000 ____D C:\Users\Nallamilli Raman\Downloads\Movies
2016-11-25 15:44 - 2016-11-25 15:44 - 08688767 _____ C:\Users\Nallamilli Raman\Desktop\Book2.xlsx
2016-11-25 13:00 - 2016-12-14 15:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-24 15:30 - 2016-11-25 15:33 - 00000000 ____D C:\Users\Nallamilli Raman\Desktop\Secondary Ledger
2016-11-17 18:25 - 2016-11-17 18:25 - 00000000 ____D C:\stremio-cache
2016-11-17 18:19 - 2016-11-17 18:19 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn-Time
2016-11-17 18:19 - 2016-11-17 18:19 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Local\Chromium
2016-11-17 18:14 - 2016-11-17 18:19 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Local\Popcorn-Time
2016-11-16 17:03 - 2016-11-16 17:03 - 00015829 _____ C:\Users\Nallamilli Raman\Desktop\Innova CHC Calendar Change Approach.txt
2016-11-15 23:38 - 2016-11-15 23:38 - 01512098 _____ C:\Users\Nallamilli Raman\Desktop\Innova CHC Calendar Change Approach.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-12-14 20:15 - 2016-03-03 11:30 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-12-14 20:02 - 2016-07-16 17:06 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 19:42 - 2015-04-28 10:13 - 00000000 ____D C:\Users\Nallamilli Raman\Documents\Youcam
2016-12-14 19:38 - 2015-11-24 16:07 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Local\TSVNCache
2016-12-14 19:37 - 2016-08-04 15:32 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-14 19:37 - 2015-04-28 10:11 - 00000000 __SHD C:\Users\Nallamilli Raman\IntelGraphicsProfiles
2016-12-14 18:00 - 2016-08-04 15:36 - 00000000 ____D C:\Users\Nallamilli Raman
2016-12-14 18:00 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-14 18:00 - 2015-05-19 12:45 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Roaming\Skype
2016-12-14 17:34 - 2016-08-04 15:29 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-14 13:13 - 2016-09-22 16:32 - 00000000 ____D C:\Program Files\Common Files\AV
2016-12-14 13:02 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-14 12:55 - 2016-08-04 15:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-14 12:55 - 2016-07-16 11:34 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2016-12-14 12:47 - 2015-05-19 14:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 12:45 - 2015-07-13 20:14 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Roaming\vlc
2016-12-14 12:42 - 2015-05-19 14:56 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 12:02 - 2016-07-16 17:17 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-14 08:17 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-14 07:55 - 2016-10-05 10:26 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Local\CrashDumps
2016-12-14 07:42 - 2015-05-19 13:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-13 18:33 - 2015-07-29 12:46 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent
2016-12-12 11:11 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\rescache
2016-12-12 05:26 - 2016-07-16 17:19 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 05:26 - 2016-07-16 17:19 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 14:38 - 2016-07-16 17:15 - 00000000 ____D C:\WINDOWS\INF
2016-12-11 10:22 - 2016-08-04 15:35 - 01294306 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-11 10:21 - 2015-04-28 10:09 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-11 10:15 - 2016-07-08 13:11 - 00000748 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2818809977-977177620-758274071-1001.job
2016-12-11 10:15 - 2016-07-08 13:11 - 00000652 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2818809977-977177620-758274071-1001.job
2016-12-11 10:15 - 2016-06-09 15:16 - 00000400 _____ C:\WINDOWS\Tasks\HPCeeScheduleForNallamilli Raman.job
2016-12-11 10:14 - 2015-05-19 12:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-11 10:12 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-11 10:12 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-11 10:12 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-11 10:12 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-11 10:12 - 2016-07-16 11:34 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-11 10:12 - 2016-07-16 11:34 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-11 10:12 - 2016-07-16 11:34 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-11 10:11 - 2016-07-16 17:17 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-11 10:11 - 2016-07-16 17:17 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-11 10:11 - 2016-07-16 11:34 - 00000000 ____D C:\WINDOWS\servicing
2016-12-10 20:20 - 2015-05-24 01:33 - 00000000 ____D C:\KMPlayer
2016-12-10 12:10 - 2016-07-16 17:12 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-08 18:31 - 2016-10-26 21:38 - 00000527 _____ C:\Users\Nallamilli Raman\ticket1.xml
2016-12-08 18:31 - 2016-08-04 15:55 - 00003336 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForNallamilli Raman
2016-12-08 17:44 - 2015-04-28 10:11 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Local\Packages
2016-12-08 15:17 - 2016-07-16 11:34 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-12-08 15:16 - 2016-10-05 17:07 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-12-08 15:16 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-12-08 15:16 - 2016-06-02 22:39 - 00134880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-12-02 10:40 - 2015-05-19 13:42 - 00000000 ____D C:\Users\Nallamilli Raman\AppData\Roaming\TeamViewer
2016-12-01 13:11 - 2016-06-15 15:08 - 00000000 ___RD C:\Users\Nallamilli Raman\Google Drive
2016-11-30 11:35 - 2014-11-12 13:32 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-25 15:12 - 2016-06-15 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-25 12:54 - 2015-05-19 12:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-25 12:54 - 2015-05-19 12:45 - 00000000 ____D C:\ProgramData\Skype
2016-11-20 10:51 - 2016-09-26 11:27 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-19 13:05 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-19 13:04 - 2014-11-12 13:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-17 12:15 - 2015-07-30 15:55 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
 
==================== Files in the root of some directories =======
 
2016-08-08 13:00 - 2016-08-08 14:36 - 0000600 _____ () C:\Users\Nallamilli Raman\AppData\Local\PUTTY.RND
2015-05-25 15:10 - 2015-05-25 15:10 - 0000017 _____ () C:\Users\Nallamilli Raman\AppData\Local\resmon.resmoncfg
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2016-12-05 16:38
 
==================== End of FRST.txt ============================
 
Addition Log File:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Nallamilli Raman (14-12-2016 20:26:06)
Running from C:\Users\Nallamilli Raman\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-04 10:37:32)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2818809977-977177620-758274071-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2818809977-977177620-758274071-503 - Limited - Disabled)
Guest (S-1-5-21-2818809977-977177620-758274071-501 - Limited - Disabled)
Nallamilli Raman (S-1-5-21-2818809977-977177620-758274071-1001 - Administrator - Enabled) => C:\Users\Nallamilli Raman
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\uTorrent) (Version: 3.4.9.43057 - BitTorrent Inc.)
4 Elements II (x32 Version: 3.0.2.59 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
avast! SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.139.2 - AVAST Software)
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
Barn Yarn Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot Mysteries (x32 Version: 3.0.2.51 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CrSSL  (HKLM-x32\...\CrSSL) (Version:  - )
Curse at Twilight (x32 Version: 3.0.2.51 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6618 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.5.6618 - CyberLink Corp.) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3324 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3324 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4523 - CyberLink Corp.)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
DataLoad (HKLM-x32\...\DataLoad) (Version: 5.4.1.0 - JD Stuart Ltd)
Delicious - Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 15.4.22 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
Farmington Tales 2 - Winter Crop (x32 Version: 3.0.2.59 - WildTangent) Hidden
Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Fort Defense (x32 Version: 3.0.2.51 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Global VPN Client (HKLM\...\{88C972E7-D7FC-40F3-9FE5-180957F37B45}) (Version: 4.9.0 - Dell SonicWALL)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Drive (HKLM-x32\...\{8696116E-F4C2-4C64-AD7E-FF365E244FA4}) (Version: 1.32.3889.0961 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.28.0.6039 (HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\GoToMeeting) (Version: 7.28.0.6039 - CitrixOnline)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CASL Framework (HKLM-x32\...\{5094249B-9542-4536-AE76-B769EE085C99}) (Version: 7.0.5.1 - HP)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6AAEDF97-4B93-4169-8FCA-FCB0378CED52}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.3.34.7 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.5.32.37 - HP)
HP System Event Utility (HKLM-x32\...\{C39A7F0F-89A6-44BB-B1BF-5F96569B5345}) (Version: 1.2.9 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.46 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.46 - Softex Inc.) Hidden
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Java™ 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)
Java™ SE Development Kit 6 Update 35 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160350}) (Version: 1.6.0.350 - Oracle)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Joining Hands 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.135 - PandoraTV)
LenovoUsbDriver 1.0.12 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.12 - Lenovo)
Lost in Reefs 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Heroes: Save Our Park (x32 Version: 3.0.2.59 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Lync Web App Plug-in (HKLM\...\{530923FF-A970-4952-9D2F-5FF3C874B50A}) (Version: 15.8.8308.920 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mobile Assistant (HKLM-x32\...\{48D6D221-9262-4159-9DBF-E40DA8478648}) (Version: 1.4.1.10090 - Lenovo)
Mozilla Firefox 50.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 en-US)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 3.0.2.59 - WildTangent) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Oracle Beehive Conferencing (HKLM-x32\...\{4A8ABF7C-0DBB-41D9-8456-9CFC16F9B4BA}) (Version: 1.4 - Oracle Corporation)
Oracle VM VirtualBox 5.1.6 (HKLM\...\{EEDDD7E2-A7A2-4FA9-8C32-ADB29A5096FF}) (Version: 5.1.6 - Oracle Corporation)
ownCloud (HKLM-x32\...\ownCloud) (Version: 2.2.3.6307 - ownCloud)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 3.0.2.59 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Popcorn-Time (HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
Quest Installer (HKLM-x32\...\Quest Installer) (Version:  - )
RD9700 USB Ethernet Adapter (HKLM-x32\...\{8F1A2017-DF3D-44D3-BE79-C616CF5946D3}) (Version: 3.03.0029 - Corechip Semiconductor)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.55 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.60 - REALTEK Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Rush Hour! Gas Station (x32 Version: 3.0.2.59 - WildTangent) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.3.0.1103 - Lenovo)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version:  - )
Sky High Farm (x32 Version: 3.0.2.59 - WildTangent) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Solitaire Mystery Four Seasons (x32 Version: 3.0.2.51 - WildTangent) Hidden
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Toad for Oracle 12 (HKLM-x32\...\{49743D3F-F4C7-4B0F-8263-2D566A2B3EF6}) (Version: 12.0.0.61 - Quest Software, Inc.)
TortoiseSVN 1.7.13.24257 (64 bit) (HKLM\...\{4560A53B-3BB7-4B72-829E-5BDE5803DC11}) (Version: 1.7.24257 - TortoiseSVN)
Unchecky v1.0.1 (HKLM-x32\...\Unchecky) (Version: 1.0.1 - RaMMicHaeL)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Viking Saga (x32 Version: 3.0.2.48 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD Access (HKLM-x32\...\{046643f7-6206-46bb-8968-92c37fee39e0}) (Version: 1.4.5949.29996 - Western Digital Technologies, Inc.)
WD Access (x32 Version: 1.4.5949.29996 - Western Digital Technologies, Inc) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2818809977-977177620-758274071-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Nallamilli Raman\AppData\Local\Citrix\GoToMeeting\5102\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {004424FB-CD42-4A0C-99A9-A816127D37B2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {04E8C168-EB49-4F97-A51A-2404A7447145} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {05C8A0FE-7330-4C69-9F56-8E69FED74CB6} - System32\Tasks\G2MUploadTask-S-1-5-21-2818809977-977177620-758274071-1001 => C:\Users\Nallamilli Raman\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe [2016-07-09] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {07DB0EEB-8E05-4FCE-ACE3-C51CDC5B4357} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-19] (Google Inc.)
Task: {1E75EDA6-5EEE-4350-9886-9AA747DAC790} - System32\Tasks\{7F10788D-EC70-47B5-B7A4-6EDCFD3D7A00} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.4.0.102&LastError=12002
Task: {2171F439-A669-4FA5-964F-36E0C6F24EE5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-30] (Dropbox, Inc.)
Task: {220200C0-9179-4F85-A15A-A8F4B15CB4BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {22CEB106-93F4-4EFF-8B17-764EE82E2177} - System32\Tasks\{774E1ACE-FAC4-4C78-A911-3579FCF536EF} => pcalua.exe -a "F:\Dev Suite\ds_windows_x86_101202_disk1\setup.exe" -d "F:\Dev Suite\ds_windows_x86_101202_disk1"
Task: {240B19E6-B08F-4036-9E76-951485630DF8} - System32\Tasks\lenovo mobile auto run => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2014-09-29] (Lenovo)
Task: {26058F33-2EF7-4E83-9517-4FCFB6CC1FA7} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-03] (AVAST Software)
Task: {28E2FB16-77B9-4DBA-8D55-28E235D5DCFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {2DDE02AA-3612-4967-BD88-11FC73B488A7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {3405599F-2521-4319-8E84-315A16D7E69C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-16] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {385F017D-D3C3-4FF8-8F78-36D54CD02E4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {48347DE5-0740-41B2-AC27-6E19280D30A8} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2015-07-02] (Hewlett-Packard)
Task: {4B0EEA09-5BA1-4C34-BDC6-C1F7708927D9} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2015-07-02] (Hewlett-Packard)
Task: {4ED142E3-46AF-44FD-9C32-9F9CF8F4C2D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {516F385F-C48A-46B6-A92C-6EB60A070FF3} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-07-11] (AO Kaspersky Lab)
Task: {527832D4-FA92-4BBD-9202-E95C82F62C4E} - System32\Tasks\HPCeeScheduleForNallamilli Raman => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {5A4A8C7F-F6E3-48FC-B9DA-B6BAC408BE5C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {60BCD904-0214-42F0-B241-A5F33105CEF7} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2014-07-24] (CyberLink Corp.)
Task: {68D33860-04C9-4916-AE01-5557C1D0D61B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {7D381EA0-7E46-4C0B-BB20-430F57295DB4} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-20] (Hewlett-Packard Development Company, L.P.)
Task: {8F2A75D1-5426-48DB-AD10-9982C6119D32} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {90BAC943-B6B3-40B1-8C0E-1A3D859F979A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {C34FE37F-2A4E-4CE9-9EE3-992095D00BEC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-30] (Dropbox, Inc.)
Task: {C650C912-C900-4CB7-A521-80AD472867B0} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-09-23] (CyberLink Corp.)
Task: {CDE63932-0687-4DCE-8812-79FBD3235C38} - System32\Tasks\G2MUpdateTask-S-1-5-21-2818809977-977177620-758274071-1001 => C:\Users\Nallamilli Raman\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe [2016-07-09] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {D22CF1E5-5422-4060-BCF7-307DC92DFD3E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-16] (Piriform Ltd)
Task: {D321D8F6-92C0-4715-9392-7DACD4675A43} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2015-07-02] (Hewlett-Packard)
Task: {DAFEEBF0-B909-4137-B3AB-280803F6F755} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {E607226B-162A-429B-BF84-9D07DA38F6D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-31] (HP Inc.)
Task: {E6DCE025-551B-466A-996D-C0F2F8958EAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-19] (Google Inc.)
Task: {EA0DD6AF-96EF-4A93-A0F9-8C123715AE4F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-11-02] (Microsoft Corporation)
Task: {FB93F6E3-0A32-45DD-8990-C56D77BC2EFB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2818809977-977177620-758274071-1001.job => C:\Users\Nallamilli Raman\AppData\Local\Citrix\GoToMeeting\6039\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2818809977-977177620-758274071-1001.job => C:\Users\Nallamilli Raman\AppData\Local\Citrix\GoToMeeting\6039\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForNallamilli Raman.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Nallamilli Raman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\Nallamilli Raman\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\Nallamilli Raman\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
ShortcutWithArgument: C:\Users\Nallamilli Raman\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-10-05 17:50 - 2012-10-05 17:50 - 00158208 _____ () C:\Program Files (x86)\CrSSL\bin\crssladmmgr.exe
2013-07-01 13:51 - 2013-07-01 13:51 - 00810808 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
2013-07-01 04:47 - 2013-07-01 04:47 - 00029184 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 04:47 - 2013-07-01 04:47 - 00035840 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 04:46 - 2013-07-01 04:46 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 04:46 - 2013-07-01 04:46 - 00116736 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 04:45 - 2013-07-01 04:45 - 00022016 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 04:45 - 2013-07-01 04:45 - 00018432 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 13:51 - 2013-07-01 13:51 - 01127736 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
2013-07-01 04:46 - 2013-07-01 04:46 - 00039936 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2013-07-01 04:46 - 2013-07-01 04:46 - 00628224 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 04:47 - 2013-07-01 04:47 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2015-03-20 21:16 - 2014-04-15 07:29 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-05-29 20:58 - 2016-05-29 20:58 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-07-16 17:12 - 2016-07-16 17:12 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-10 12:37 - 2016-11-11 15:40 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-10 12:37 - 2016-11-11 15:40 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-10 12:37 - 2016-11-11 15:40 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-03 07:01 - 2016-08-03 07:01 - 00059904 _____ () C:\Program Files (x86)\ownCloud\shellext\OCUtil_x64.dll
2016-09-24 14:57 - 2016-09-24 14:57 - 00959168 _____ () C:\Users\Nallamilli Raman\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-09-24 14:27 - 2016-10-30 21:42 - 08924864 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2013-06-01 10:00 - 2013-06-01 10:00 - 00088848 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2015-05-19 12:01 - 2012-01-29 16:55 - 00657920 _____ () G:\Software\TeraCopy\TeraCopy64.dll
2015-05-19 12:01 - 2012-01-20 14:55 - 00678400 _____ () G:\Software\TeraCopy\TeraCopyExt64.dll
2016-09-19 15:34 - 2016-09-07 10:26 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-10 12:36 - 2016-11-11 14:53 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-10 10:40 - 2016-11-02 15:51 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-10 10:40 - 2016-11-02 15:45 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-10 10:40 - 2016-11-02 15:44 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-10 10:40 - 2016-11-02 15:45 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-10 10:40 - 2016-11-02 15:46 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-10 10:40 - 2016-11-02 15:47 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-14 12:00 - 2016-12-14 12:00 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 12:00 - 2016-12-14 12:00 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-14 12:00 - 2016-12-14 12:00 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-14 12:00 - 2016-12-14 12:00 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-11 11:00 - 2016-11-09 02:33 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-11 11:00 - 2016-11-09 02:33 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2014-09-29 15:05 - 2014-09-29 15:05 - 00109736 _____ () C:\Program Files (x86)\MagicPlus\crashreport.dll
2014-09-29 15:05 - 2014-09-29 15:05 - 00351400 _____ () C:\Program Files (x86)\MagicPlus\UsbHelper.dll
2016-11-30 11:34 - 2016-10-29 05:20 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-11-30 11:34 - 2016-10-29 05:20 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-11-30 11:34 - 2016-10-29 05:21 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-11-30 11:34 - 2016-10-29 05:20 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-11-30 11:34 - 2016-10-29 05:20 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-11-30 11:34 - 2016-10-29 05:20 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-11-30 11:34 - 2016-10-29 05:20 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-11-30 11:34 - 2016-10-29 05:21 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-11-30 11:34 - 2016-10-29 05:20 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-11-30 11:34 - 2016-10-29 05:23 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-11-30 11:34 - 2016-10-29 05:22 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-11-30 11:34 - 2016-10-29 05:19 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-11-30 11:34 - 2016-11-28 19:46 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-11-30 11:34 - 2016-11-28 19:35 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-11-30 11:34 - 2016-11-28 19:46 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-11-30 11:34 - 2016-11-28 19:46 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-11-30 11:34 - 2016-10-29 05:21 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-11-30 11:34 - 2016-10-29 05:26 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-11-30 11:34 - 2016-10-29 05:26 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-11-30 11:34 - 2016-11-28 19:46 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-11-30 11:34 - 2016-10-29 05:23 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-11-30 11:34 - 2016-11-28 19:47 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-11-30 11:34 - 2016-11-28 19:46 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-24 14:30 - 2016-11-16 11:26 - 00521408 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\msfad.dll
2016-10-27 17:05 - 2016-10-27 17:05 - 22825144 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-05-03 20:11 - 2016-05-03 20:11 - 00322232 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-10-01 05:06 - 2016-10-01 05:06 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\skype.com -> hxxps://apps.skype.com
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 18:55 - 2016-12-14 12:56 - 00002547 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
192.168.0.31 erpsrv1.pittilam.com  erpsrv1
192.168.0.4 pllprod.pittilam.com   pllprod
192.168.0.6 erpuat.pittilam.com   erpuat
192.168.2.16   demo.appsguruconsulting.com  demo
192.168.140.99  erpdev.linscan.local     erpdev
192.168.2.11    fusapps.appsguruconsulting.com      fusapps
192.168.140.99   erpdev.linscan.local    erpdev
192.168.140.100      erpprod.linscan.local    erpprod
192.168.166.18  prod.retail.com                 prod      R&B
192.168.2.29 ofbiz.appsguruconsulting.com fusapps0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
 
There are 13 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2818809977-977177620-758274071-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nallamilli Raman\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wall paper saibaba1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\StartupFolder: => "avast! SecureLine.lnk"
HKLM\...\StartupApproved\StartupFolder: => "vpngui.exe.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "crssl-client"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F2A35E3CEF1D0C84455300057F865D99"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\StartupApproved\Run: => "ownCloud"
HKU\S-1-5-21-2818809977-977177620-758274071-1001\...\StartupApproved\Run: => "FileHippo.com"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{D6FB74E4-8D85-4320-B24B-55EF45E76C87}] => C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{622273AD-74A1-48AE-892C-FA0C1AD7B8A9}] => C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{7F6127B4-4EDD-4306-80A7-7380A4ED62D0}] => C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9B2F31F6-CFED-4537-A581-6FF3C095020D}] => C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{3ACDDD4B-CB4D-443E-934E-2CD39F7E62B1}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{BF6F54B0-E2E2-4A40-B52A-24D272CAE9CE}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{34C0B624-C153-4124-AFE1-2715DB0A2775}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{33B464C4-D5F4-4E8A-9546-D8F33A7A78A1}C:\program files (x86)\java\jre6\bin\java.exe] => C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{B1DE4E0B-9780-45D1-9E76-6F394D418079}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{D6524E7C-F8A9-41FE-A076-9F90EBF7F3CB}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B1726256-4761-4C16-B7F2-51402413C08B}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{DB397A5A-F870-4C54-9913-080E1E1FEDFA}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F02D4EFD-CDDB-4C0D-B6C5-CAF398151D55}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4744CE22-7B54-42F2-B5A6-B30C109A97A7}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AE95222C-BE95-403B-96A1-B04B4687CFFE}] => C:\Users\Nallamilli Raman\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{26806D90-DBC9-428C-A3FE-EF7A42D2B6DE}] => C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{647BF2A0-891D-4A48-BF25-DE6959AB3218}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{D697BCA2-47D3-4E06-B4D6-7ABB7613ABA3}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{08D9B924-A967-43C6-BB4F-E276704A45BF}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{DBC3D6FB-46FF-4D28-BA86-EE45C9C5AD17}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{8B752460-1929-4C56-B1C0-4A73EFCAAB73}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{C3A0060A-C35D-4D6C-AE7B-C94E45875748}] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{D4896B5A-263D-4A94-AF6E-4CF01F2C3535}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DB321D3F-8D21-43CE-8ABB-B37BDD359889}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{86ADF40D-0A08-4217-B827-68FCBB8B367E}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{88F84218-423D-46EA-8C50-EA6ADA52E229}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{49BEEF9B-069E-4C29-A5F0-E764AA5BC4BE}] => C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7E92977D-590C-44C4-8404-A84774C59AC7}] => C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{96E37F28-E04B-4AFC-8F4F-D59682EB4EAB}] => C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0C8118CF-21C7-41A6-9E5B-AC0ABBF46972}] => C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D8EDA6F3-B6DC-404C-993F-B6490C688750}] => C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0493E54F-E17D-4C93-8CA8-B685C0625C07}] => C:\Users\Nallamilli Raman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1CDE5670-3A08-43DA-ADCF-C69F918D082F}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ADF3A3A6-4D4A-4016-9607-F5238C3777BD}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2F4C20EB-FCAF-4E7A-B3FB-A90B728C4695}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EC7EB429-3A6A-4EDC-B9BA-28B4AEF84BBA}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4526ED23-5F37-437F-BE87-BA374C200E99}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{428B7147-D89B-4CDD-849F-E3802C552C61}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FC2EE9CA-CE89-4594-996B-25236296EB34}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C55F0C25-B6E3-41E4-8149-0C484913A99C}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{82F7168A-582D-4E03-AB26-E3C87609C2DA}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A924D7B0-76FD-4331-B683-C0161522C774}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{48A73565-BF53-4433-8234-46A2185F2237}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D194E243-1D8C-482A-94A9-3904DEE918F8}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3F583157-AD0C-46AC-A1FD-7F09A5F03EFC}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AE310AAD-4601-4BFD-A73C-8FD356A91D72}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C0C4DC3A-34E0-4A0D-AED8-45E83A5C0CBB}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{38FD0116-00BD-474D-83A6-928FCDAD51CD}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F3BF4BB7-8344-4927-835F-63102B77E6D8}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
 
==================== Restore Points =========================
 
28-11-2016 12:53:47 Removed Java 8 Update 111
05-12-2016 13:11:44 Scheduled Checkpoint
10-12-2016 20:33:33 Windows Update
14-12-2016 12:40:45 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Driver for user-mode network applications
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: TAP-Win32 Adapter V9
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/14/2016 08:23:05 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\MagicPlus\MagicPlus.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (12/14/2016 07:52:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\MagicPlus\MagicPlus.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (12/14/2016 07:44:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\MagicPlus\MagicPlus.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (12/14/2016 07:39:37 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {211266F5-EF9B-44EA-AA73-504CBE231BCE}
 
Error: (12/14/2016 07:39:37 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {211266F5-EF9B-44EA-AA73-504CBE231BCE}
 
Error: (12/14/2016 07:38:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 RNALLAMILLI.local. AAAA FE80:0000:0000:0000:D8F8:1063:4C03:2B5B
 
Error: (12/14/2016 07:38:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.10:58230    4 RNALLAMILLI.local. Addr 192.168.2.138
 
Error: (12/14/2016 07:38:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 RNALLAMILLI.local. Addr 192.168.1.10
 
Error: (12/14/2016 07:38:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.10:58230    4 RNALLAMILLI.local. Addr 192.168.2.138
 
Error: (12/14/2016 07:38:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 RNALLAMILLI.local. AAAA FE80:0000:0000:0000:D8F8:1063:4C03:2B5B
 
 
System errors:
=============
Error: (12/14/2016 07:51:55 PM) (Source: DCOM) (EventID: 10016) (User: RNALLAMILLI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user RNALLAMILLI\Nallamilli Raman SID (S-1-5-21-2818809977-977177620-758274071-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 07:37:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 06:00:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The GamesAppIntegrationService service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (12/14/2016 05:37:37 PM) (Source: DCOM) (EventID: 10016) (User: RNALLAMILLI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user RNALLAMILLI\Nallamilli Raman SID (S-1-5-21-2818809977-977177620-758274071-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 05:17:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 05:05:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 04:37:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 03:44:11 PM) (Source: DCOM) (EventID: 10016) (User: RNALLAMILLI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID 
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user RNALLAMILLI\Nallamilli Raman SID (S-1-5-21-2818809977-977177620-758274071-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 03:09:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/14/2016 03:06:46 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR3.
 
 
CodeIntegrity:
===================================
  Date: 2016-11-22 20:13:25.353
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-17 13:08:12.169
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-09 22:43:43.963
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-09-14 17:40:56.048
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-09-13 21:32:21.499
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\TortoiseSVN\bin\TortoiseStub.dll that did not meet the Store signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 53%
Total physical RAM: 6066.27 MB
Available physical RAM: 2846.64 MB
Total Virtual: 8066.27 MB
Available Virtual: 4381.2 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:171.02 GB) (Free:50.85 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:25.75 GB) (Free:2.88 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (New Volume) (Fixed) (Total:250 GB) (Free:71.66 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:250 GB) (Free:99.9 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A5D1162D)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
Thanks,
Raman Nallamilli.


#5 packetanalyzer

packetanalyzer

  • Members
  • 954 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:10 PM

Posted 15 December 2016 - 03:10 PM

Hello rnallamilli, thank you for your logs.

 

Before you go ahead, I wanted to take a moment to caution you on the use of things like uTorrent. uTorrent and other peer to peer applications can provide another way for your computer to end up infected.

 

++++ Step 3 FRST Fix ++++

  • Press the Windows key + R on your keyboard at the same time (this will open Run)
  • Type notepad.exe
  • Press Enter
  • Copy and paste the code below in the open notepad window
  • Save the file as fixlist.txt in the same folder where the Farbar tool is running from (FRST should be on your desktop).
  • Right click FRST64.exe
  • Click Run as administrator
  • Click the Fix button
  • When FRST finishes running, your computer will restart itself
S3 dbx; system32\DRIVERS\dbx.sys
EmptyTemp:

++++ Step 4 Run an online Emsisoft Emergency Kit Scan ++++

  1. Download Emsisoft Emergency Kit and save it to your desktop.
  2. Double-click the icon, then click Install
  3. A Window should open highlighting Start Emergency Kit Scanner
  4. Right click on the icon and select Run as administrator
  5. Click 1. Update now!
  6. Once the update is completed select Settings under Scan
  7. Uncheck Join the Emsisoft Anti-Malware Network
  8. Click Scan at the top
  9. Click On scan completion
  10. Click Quarantine detected objects, then click OK
  11. Click Malware Scan
  12. Once completed click View Report
  13. Save the file to your Desktop as EmsisoftScan15-December.txt

 

++++ Step 5 Share Your Logs ++++

  1. Please post the contents of the Fixlog.txt file that was created when you ran the FRST fix in your next reply
  2. Please post the contents of the EmsisoftScan15-December.txt file that was created when you ran the Emsisoft scan in your next reply

Thank you,

 

packetanalyzer



#6 rnallamilli


Posted 16 December 2016 - 05:01 AM

Fixlog - Log File.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Nallamilli Raman (16-12-2016 15:20:15) Run:2
Running from C:\Users\Nallamilli Raman\Desktop
Loaded Profiles: Nallamilli Raman (Available Profiles: Nallamilli Raman)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
S3 dbx; system32\DRIVERS\dbx.sys
EmptyTemp:
*****************
 
dbx => service removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16014561 B
Java, Flash, Steam htmlcache => 1385 B
Windows/system/drivers => 1119684 B
Edge => 59733 B
Chrome => 47805331 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 822 B
NetworkService => 0 B
Nallamilli Raman => 9732332 B
 
RecycleBin => 0 B
EmptyTemp: => 71.3 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 15:20:27 ====


#7 rnallamilli


Posted 16 December 2016 - 05:21 AM

Emsisoft Emergency Kit - Version 12.0
Last update: 12/16/2016 3:39:58 PM
User account: RNALLAMILLI\Nallamilli Raman
Computer name: RNALLAMILLI
OS version: Windows 10x64 
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off
 
Scan start: 12/16/2016 3:41:10 PM
 
Scanned 83355
Found 0
 
Scan end: 12/16/2016 3:50:39 PM
Scan time: 0:09:29


#8 packetanalyzer


Posted 17 December 2016 - 10:51 AM

Hi rnallamilli, thank you for the most recent logs. Your computer looks clean, but you have some software that is out of date.

 

++++ Step 6 Update Flash Player ++++

  • Click here to navigate to the Flash Player website
  • Uncheck any optional offers
  • Click on Install Now
  • Click Save File and save the file to your Desktop
  • Close all open browsers
  • Double click the Flash Player installer

++++ Step 7 Update Shockwave Player ++++

  • Click here to navigate to the Shockwave Player website
  • Click the Agree and install now button and save the file to your Desktop
  • Double click the Shockwave Player installer

++++ Step 8 Update Java ++++

  • Click here to navigate to the Java website
  • Click Verify Java version
  • If you are notified your Java version is out of date click Update (recommended)
  • Click Agree and Start Free Java Download and save the file to your Desktop
  • Double click the Java installer
  • Uncheck all optional offers
  • Click Next
  • Once completed you should be notified You have successfully installed Java
  • If Java notifies you older versions of the program need to be removed check each of the versions and click Uninstall
  • Verify the older version(s) was uninstalled then click Next
  • Click Close

++++ Step 9 Additional Instructions ++++

  • Restart your computer
  • Please reply when you have done the things requested above

 

Thank you,

 

 

 

packetanalyzer



#9 packetanalyzer


Posted 20 December 2016 - 07:10 PM

Hi rnallamilli,

 

It has been three days and I haven't heard back from you. If your problem is resolved, please let me know so we can close this thread and assist other people. If you still need assistance, please respond within 48 hours.

 

Thank you,

 

packetanalyzer



#10 rnallamilli


Posted 22 December 2016 - 08:38 AM

Hi,

 

I could not reply back as I was traveling. My issue is resolved. Thanks a lot for your help.

 

Thanks,

Raman Nallamilli.



#11 packetanalyzer


Posted 23 December 2016 - 11:39 AM

Hello rnallamilli,

 

Thank you for the update. That is very good news.

 

That leaves us with our final set of steps. :)

 

++++ Step 10 How to Stay Safe Online and All Clear ++++

 

As you are clearly aware, there are many threats to the security of your computer. By doing basic things, you can reduce the level of risk to your computer. No one solution or combination of solutions will give you 100% protection from all threats, but by doing the following you greatly decrease the risk to the security of your computer and reduce the attack surface you present to attackers.

 

  • Keep your Operating System Up to Date
  • Keep your Applications Up to Date
  • Use Different Passwords on Every Website
  • Install, Keep Up to Date, and Run Regular Scans of a Reliable Anti-Virus Product
  • Enable, Properly Configure, and Maintain a Firewall
  • Backup Your Data
  • Periodically Test Your Backups
  • Do Not Open Attachments from People You Do Not Know
  • Watch Out for Online and Phone Support Scams

You can find more information on tips to keep your computer safe online here and examples of security best practices here.

 

Thank you for your patience. If you have any other questions for me, please let me know. Otherwise you should be ready to use your computer.

 

packetanalyzer



#12 LiquidTension

LiquidTension

  • Malware Response Team
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:10 PM

Posted 27 December 2016 - 04:21 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



