koolsam

Full Member
  • Content count

    250

About koolsam

  • Rank
    SWI Junkie

Profile Information

  • Gender
    Male
  1. System performance has improved a lot... Still, the External HDD is not being detected, whereas the External HDD works fine on another PC. The USB port is able to detect my Flash Drive but not my External HDD...
  2. Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-08-2016 01 Ran by Samrat (26-08-2016 10:35:13) Running from C:\Users\Samrat\Desktop Microsoft Windows 10 Pro Version 1607 (X86) (2016-08-06 18:24:45) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3559879560-2752497012-24936758-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3559879560-2752497012-24936758-503 - Limited - Disabled) Guest (S-1-5-21-3559879560-2752497012-24936758-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3559879560-2752497012-24936758-1002 - Limited - Enabled) Samrat (S-1-5-21-3559879560-2752497012-24936758-1001 - Administrator - Enabled) => C:\Users\Samrat UpdatusUser (S-1-5-21-3559879560-2752497012-24936758-1004 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.) 
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated) Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated) Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) AllShare Framework DMS (HKLM\...\{1C2A409B-3D00-4EE7-B13C-3C70AB8704B0}) (Version: 1.3.23 - Samsung) Apache Tomcat 7.0 Tomcat7 (remove only) (HKLM\...\Apache Tomcat 7.0 Tomcat7) (Version: - ) ASUS nVidia Driver (Version: 1.00.0000 - ASUSTek) Hidden Bing Bar (HKLM\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) Bing Bar (HKLM\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation) BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden Bulzer USB2.0 UVC PC Camera (HKLM\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform) Copy (Version: 140.0.298.000 - Hewlett-Packard) Hidden CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.3019 - CyberLink Corp.) Destinations (Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 140.0.298.000 - Hewlett-Packard) Hidden DiskMax 5.11 (HKLM\...\DiskMax) (Version: 5.11 - KoshyJohn.com) DJ_AIO_06_F2400_SW_Min (Version: 140.0.851.000 - Hewlett-Packard) Hidden Dropbox (HKLM\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.) Dropbox Update Helper (Version: 1.3.43.1 - Dropbox, Inc.) 
Hidden EaseUS Partition Master 9.1.1 Home Edition (HKLM\...\EaseUS Partition Master Home Edition_is1) (Version: - EaseUS) ExtremeCopy (HKLM\...\{9B4091A4-9556-402F-B703-31C203BDE889}) (Version: 2.3.4 - Easersoft) F2400 (Version: 140.0.851.000 - Hewlett-Packard) Hidden Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - ) GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden Google Drive (HKLM\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.) Google Earth Pro (HKLM\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google) Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden GoToMeeting 5.7.0.1172 (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\GoToMeeting) (Version: 5.7.0.1172 - CitrixOnline) GPBaseService2 (Version: 140.0.297.000 - Hewlett-Packard) Hidden hide.me VPN 1.2.6 (HKLM\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.2.6 - eVenture Limited) honestechTVR2.5 (HKLM\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech) honestechTVR2.5 (Version: 2.5 - honestech) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 
6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.) 
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) K-Lite Mega Codec Pack 12.1.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.1.5 - KLCP) LAV Filters 0.66 (HKLM\...\lavfilters_is1) (Version: 0.66 - Hendrik Leppkes) LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden Metric Collection SDK 35 (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7167.2040 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 48.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 48.0.2 (x86 en-US)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nero 7 Essentials (HKLM\...\{66B6D13A-9CC1-417D-B6F2-58AA539D1033}) (Version: 7.03.1303 - Nero AG) Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG) Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG) Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) NVIDIA 3D Vision Controller Driver 331.58 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.58 - NVIDIA Corporation) NVIDIA 3D Vision Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation) NVIDIA GeForce Experience 1.6.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1.2 - NVIDIA Corporation) NVIDIA Graphics Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PSIM 9.0.3 (HKLM\...\{98D13EC5-0C60-48eb-A7FA-1B0008EC4C2D}) (Version: 9.0.3 - Powersim) QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden RAR Password Unlocker (HKLM\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.) RealDownloader (Version: 18.1.4.137 - RealNetworks, Inc.) 
Hidden RealDownloader (Version: 18.1.4.144 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd) Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden Setup - Don Bradman Cricket 14 ... (HKLM\...\Setup - Don Bradman Cricket 14 ...) (Version: ... - HES Interactive) SHAREit (HKLM\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo) SHIELD Streaming (Version: 1.05.42 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.24 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.) 
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden Stereoscopic Player (HKLM\...\{a2c29e53-27b7-4e67-b496-b7792f72a171}) (Version: 2.4.3 - 3dtv.at) Stereoscopic Player (Version: 2.4.3 - 3dtv.at) Hidden TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.65280 - TeamViewer) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.) TrayApp (Version: 140.0.297.000 - Hewlett-Packard) Hidden Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden vc2012_redist (Version: 1.0.0.0 - Realnetworks) Hidden Video Downloader (Version: 1.2.0 - RealNetworks) Hidden ViewSonic Monitor Drivers (HKLM\...\{B4FEA924-630D-11D4-B78E-005004566E4D}) (Version: - ) VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version: - Ozone) VJoy 1.2 (HKLM\...\VJoy Virtual Joystick_is1) (Version: - Headsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden WhatsApp (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp) WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun) Windows 10 Upgrade Assistant (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17346 - Microsoft Corporation) Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia) Windows Resource Kit 
Tools - SubInAcl.exe (HKLM\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation) WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24104}) (Version: 20.5.12118 - WinZip Computing, S.L. ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1172\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.) 
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll () CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\psuser.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01B65DA9-0CB3-4F59-9D49-A2741606E3D0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {04CA2995-73B7-4E81-8E3C-0F8FCFDFB843} - System32\Tasks\{DA6F51F6-BF18-47E1-ABBA-7F988E8E2249} => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe Task: {17B25621-F852-4B81-B0E8-95733F473A38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {1AF3F9EA-96A7-42DD-80EF-869A1815AF20} - System32\Tasks\{9F1C2142-6B09-4324-A0A4-C9EE6BF9A926} => pcalua.exe -a "C:\Program Files\Samsung\Samsung Link\uninstall.exe" Task: {2367A7E7-7A86-4D43-AB39-1A2B917799D3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {2A1AFFE3-4D38-46A1-83D6-B0400109F816} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {325F48E4-7832-4724-A575-69F72A64E48E} - System32\Tasks\{6AFE2735-5F26-47CA-937F-50A03C82C8E1} => pcalua.exe -a "c:\program files\real\realplayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|18.0 Task: {37F67F81-6D5A-4229-8E5A-DDFDA5F3CEA2} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-05-24] () Task: {396D2039-79CE-4D39-80CC-897DA2514D0E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse 
and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {3E4A3934-522E-4CE3-8705-1295F2AB3A7F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3FBA7F96-18F8-4B12-9B74-570338CC5ECC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4B4BA709-BD93-4715-8733-CFC0F1332579} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-06-02] (Dropbox, Inc.) Task: {5064DCDD-ED0C-4E67-BF45-2F877606DBC8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {526974AF-BBE9-441A-913A-A0D53111C880} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated) Task: {52B01E95-E04C-4083-95FD-A3D8801F1861} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {53517DA5-FF54-49C3-871B-DFE279710A84} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-12] (Microsoft Corporation) Task: {5398D6AE-A4FC-4D0C-A857-A0A4C4716821} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {55D5BB24-78DB-4B72-A568-6D919D3F1FA7} - System32\Tasks\{ABE956DF-1E53-4FE3-8F26-A3B26CBF5911} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{71A51A91-E7D3-11DB-A386-005056C00008}\setup.exe" -c -runfromtemp -l0x0009 -removeonly Task: {56D4E87B-51DF-4A4E-834C-64D86F31E8D6} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) 
Task: {580AA43C-8603-4DFE-83CE-65A675B6EF4A} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] () Task: {5B3C9C2E-942D-4D41-9FDD-4A50B8ED0C93} - System32\Tasks\{CBE364C7-8FC3-4EB2-ABB5-9E4F40CBCD8B} => pcalua.exe -a "E:\Download\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit\713xDrvInstall.exe" -d "E:\Download\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit" Task: {67C6482D-6256-479F-BE48-A93F1B2644DD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {6D99FC8D-A597-4C54-B789-BB4F61AFCDC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {6EA99B9F-9FF1-4FE0-9936-2392EDE2AF59} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-06-02] (Dropbox, Inc.) Task: {724C603F-F9B3-4D8B-987C-33067D3F189B} - System32\Tasks\{9E396D18-8C75-4945-9E94-DEF75402F4D6} => pcalua.exe -a "D:\nfs2 HOT\setup.exe" -d "D:\nfs2 HOT" Task: {779F64EA-F945-4ED0-8F62-2D36B0E7D26E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {7D32F567-2303-4B18-9FE3-BEACF1F74673} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-02] (Piriform Ltd) Task: {7F70833D-C1A8-4087-8565-926F058B4B55} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe Task: {82C55B59-1644-4E06-B630-43B8D46DC3F5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) 
Task: {82F91532-B48F-4EE4-B9E3-C616EE798B54} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {8412CEA6-21F4-4709-A90A-55BAC3CD1B95} - System32\Tasks\{ECD5AB5F-E90A-4EBB-96CC-2571DA3C943F} => pcalua.exe -a "J:\Samrat\General\Current Affairs\Britannica\India and The World\starter.exe" -d "J:\Samrat\General\Current Affairs\Britannica\India and The World" Task: {85DA8391-97D1-4E25-8551-285E906CDD8E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {894F854B-9FE4-4296-90DA-0A6E8047C352} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation) Task: {8AC9AD4B-E497-4C59-9B82-82DE80DD4107} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated) Task: {8E7AC6B2-8207-4EA6-A822-E75F0AC1093E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {8FCE7BE8-42A4-4D5F-86AB-98808D8E7502} - System32\Tasks\{B2F4EE28-3AF5-4EE1-8D33-F91D4A16D53E} => pcalua.exe -a "E:\Download\XP tools\Drivers\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit\713xDrvInstall.exe" -d "E:\Download\XP tools\Drivers\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit" Task: {9116A72A-1A4D-40C3-B636-47ACF6A15853} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) 
Task: {97196759-CF07-446E-99BC-0E92ADE3ED9A} - System32\Tasks\{1C80D6B2-CDF7-4AF8-AFF4-1B7FEF674250} => pcalua.exe -a "E:\NFSHP2\Need For Speed Hot Pursuit 2_uninst.exe" -d E:\NFSHP2 Task: {9A1E835A-CD6A-4CC6-AB64-EEBA862A6E3F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9A673D8A-2710-4153-9691-43E658A45B18} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {A5BA4D86-7755-4909-806A-2C236FB39DED} - \WinZipBackGroundToolsTask -> No File <==== ATTENTION Task: {A69685C0-F39D-4E02-A42F-B461ACB73363} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AD744BD1-0667-4E4D-B206-70CC2D0964BD} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {B7E404AF-3EE3-4213-BC5C-DAD49E4F3C34} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B808E09E-A76A-441A-A7DC-E4F47532D0D5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) Task: {BC6BC3DC-CD7A-4E82-B678-A7814410FB5B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {C18F1DB2-CD31-411A-938E-50755D172FC1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.) 
Task: {C6648A4A-2325-4EC5-8389-F95BC9653050} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CDF1D276-082F-4EB3-A57F-6AB480EA70BF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {D11DBDDA-DE29-4B60-9524-A3F24A0B8A12} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D19978BD-7652-4EDD-8D4C-23145305BC57} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D2F771ED-E696-4BBD-9835-63C12BAF5B60} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D48AFBA2-BD5D-41AC-9300-782890D22D6D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {D5490638-A9B2-4201-8231-D91C1F028F94} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-08-24] (Microsoft Corporation)
Task: {D5C3DB15-E551-44ED-B3EA-7360DE7552FA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-08-24] (Microsoft Corporation)
Task: {D981C769-3BE9-4282-8A73-E7E6B2528161} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E6238F6C-8523-446C-9449-9AC0224B60E3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {EBD4E9BA-5A46-4D9B-AE5F-EE33362535BB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F3F6DB1C-423B-43B6-A7B0-FAA4B93E46EC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F83B2AE5-934C-4AC6-9991-F53C7130F2C8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {F9473D25-2EC2-43FE-BBBA-7CF1505A972C} - System32\Tasks\{40DA7EF0-E555-4377-8998-E0D6CD426A84} => pcalua.exe -a "L:\Current Affairs\Britannica\India and The World\starter.exe" -d "L:\Current Affairs\Britannica\India and The World"
Task: {F9C36292-4D71-4FDF-A3BF-637A44F87825} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA2503DE-AAEB-4E31-8564-1B201E12D9BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:55 - 2016-07-16 13:55 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:55 - 2016-07-16 13:55 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-06-08 20:49 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files\Real\UpdateService\VideoDLUpdatePlugin.dll
2016-07-19 11:06 - 2016-03-09 16:18 - 00022016 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2016-07-19 11:06 - 2016-03-09 16:18 - 01877504 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2016-07-19 11:06 - 2016-03-09 16:18 - 01851904 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 11:15 - 2013-12-21 11:15 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\JNIInterface.dll
2013-12-21 11:15 - 2013-12-21 11:15 - 00119296 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ASFAPI.dll
2013-12-21 11:17 - 2013-12-21 11:17 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB_Manager.dll
2013-10-01 09:46 - 2013-10-01 09:46 - 00025600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB.dll
2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
2013-12-21 11:17 - 2013-12-21 11:17 - 00589824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMS_Manager.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
2016-07-19 11:06 - 2016-03-09 16:18 - 00041472 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2016-08-26 10:22 - 2016-08-26 10:22 - 00640512 _____ () C:\Windows\Temp\sqlite-3.7.151-x86-sqlitejdbc.dll
2016-07-16 13:55 - 2016-07-16 13:55 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-07 00:13 - 2016-08-07 00:13 - 00679624 _____ () C:\Users\Samrat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll
2016-03-16 09:45 - 2016-08-24 10:20 - 08921800 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2016-07-16 13:55 - 2016-07-16 13:55 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-09 22:37 - 2016-08-02 10:02 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-09 22:36 - 2016-08-02 09:48 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-09 22:36 - 2016-08-02 09:41 - 01149440 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-09 22:36 - 2016-08-02 09:40 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-09 22:36 - 2016-08-02 09:41 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-08-09 22:36 - 2016-08-02 09:41 - 01741824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-09 22:36 - 2016-08-02 09:42 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-09 22:36 - 2016-08-02 09:41 - 02514432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Signals.dll
2016-07-05 18:18 - 2016-07-05 18:18 - 00714992 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-06-02 16:59 - 2016-06-02 16:59 - 00654608 _____ () C:\Program Files\Real\RealPlayer\RPDS\Lib\r1api.dll
2016-08-25 10:09 - 2016-07-12 07:37 - 00035792 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2016-08-25 10:08 - 2016-07-12 07:37 - 00145864 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2016-08-25 10:08 - 2016-07-12 07:37 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
2016-08-25 10:08 - 2016-07-12 07:37 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2016-08-25 10:09 - 2016-07-12 07:37 - 00100296 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2016-08-25 10:09 - 2016-07-12 07:37 - 00018888 _____ () C:\Program Files\Dropbox\Client\select.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00019760 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2016-08-25 10:09 - 2016-07-12 07:37 - 00694224 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-08-25 10:09 - 2016-07-12 07:37 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 01682760 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00020808 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00021312 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00052024 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00025424 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00038696 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2016-08-25 10:08 - 2016-07-12 07:37 - 00392144 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2016-08-25 10:08 - 2016-07-12 07:39 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00114640 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00381752 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00026456 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00246592 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00019776 _____ () C:\Program Files\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-08-25 10:09 - 2016-07-12 07:37 - 00144848 _____ () C:\Program Files\Dropbox\Client\_elementtree.pyd
2016-08-25 10:09 - 2016-07-12 07:38 - 00241104 _____ () C:\Program Files\Dropbox\Client\_jpegtran.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00020280 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00023376 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00350152 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00022352 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00024392 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-08-25 10:08 - 2016-07-12 07:39 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2016-08-25 10:08 - 2016-08-24 04:47 - 00031568 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-08-25 10:08 - 2016-08-24 04:32 - 00293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll
2016-08-25 10:08 - 2016-08-24 04:47 - 00084280 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-08-25 10:08 - 2016-08-24 04:47 - 01826096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2016-08-25 10:09 - 2016-07-12 07:37 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 03929392 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 01972016 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00531248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00132912 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00224056 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00207672 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00020288 _____ () C:\Program Files\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-08-25 10:09 - 2016-07-12 07:39 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00037192 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-08-25 10:09 - 2016-08-24 04:47 - 00024904 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00546096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00357680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00168248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-08-25 10:08 - 2016-08-24 04:47 - 00042808 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-01-06 22:11 - 2016-01-06 22:11 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-06-02 17:01 - 2016-06-02 17:01 - 00096136 _____ () C:\Program Files\Real\RealPlayer\CrashRpt\CrashRpt1402.dll
2016-06-02 16:59 - 2016-06-02 16:59 - 00022800 _____ () C:\Program Files\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll
2016-08-13 07:59 - 2016-08-13 07:59 - 00061440 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2016-08-13 07:59 - 2016-08-13 07:59 - 00151040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2016-08-09 22:36 - 2016-08-02 09:40 - 01146368 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.IntentExtraction.dll
2016-08-24 10:04 - 2016-08-24 10:05 - 00044032 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11607.1001.51.0_x86__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-08-09 22:36 - 2016-08-02 09:39 - 00093184 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-08-09 22:36 - 2016-08-02 09:39 - 00094720 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2016-08-09 22:36 - 2016-08-02 09:40 - 00379904 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 13:56 - 2016-07-16 15:48 - 00033792 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 13:55 - 2016-07-16 13:55 - 00185368 _____ () c:\windows\system32\WerEtw.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2016-08-26 10:18 - 00000025 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0x00000000000000000000000000000000000000000000000000

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3559879560-2752497012-24936758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Samrat\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
DNS Servers: 123.176.37.66 - 202.53.8.9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TVR Scheduler.lnk => C:\Windows\pss\TVR Scheduler.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: LGODDFU => "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot
HKLM\...\StartupApproved\Run: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run: => "HTC Sync Loader"
HKLM\...\StartupApproved\Run: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run: => "Tencent"
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\StartupApproved\Run: => "RGSC"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E6CB40F6-D1F7-4F65-9D74-00917E8F1DB0}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{550A3EA7-2400-477E-9D97-8EAF35912911}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6FCB8EB5-E66A-4A18-9FAA-D60F3FF9B0A6}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{04D20ADE-CF8F-41A0-A12A-2C2F4602B41E}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{900D9413-0F2F-4621-89F6-71A21AD8D25F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{8B2DF7C4-0C05-4058-B20D-91DD85BE0059}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{0CA79857-6806-4586-88EF-66B0320AD626}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{1A47BDFB-C53D-435B-9D8D-F05A512786AA}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{EFDDF863-F616-4D01-B676-0F430F8D73F1}] => (Allow) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{E60DE42F-BD76-480C-9B9E-00F12C539E4E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [uDP Query User{FA8F15B1-370B-4AC7-8C2B-75E835665BDC}C:5\return to castle wolfenstein\wolfmp.exe] => (Allow) C:5\return to castle wolfenstein\wolfmp.exe
FirewallRules: [TCP Query User{C8BCFC94-170E-4135-9EB4-1CFD266BCE80}C:5\return to castle wolfenstein\wolfmp.exe] => (Allow) C:5\return to castle wolfenstein\wolfmp.exe
FirewallRules: [{F96FA6A1-010A-4756-BBC0-64C3D81107FA}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{A85BDF7E-7768-4114-A6CF-A6DCEBF53ADB}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C42EE036-E821-4647-A868-9D9EAA78FCDE}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F05009AC-8CD1-4E7E-A405-51FDCD280B1F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7213D2E3-3DED-43AE-869B-DC94AC2134C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F6183998-3F2C-489D-AFB1-B918BCA7D82C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{E6DAC240-F468-4884-9A43-1ECE6B0E915E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{73228A62-20C1-4F2A-9DB1-F473C1420F8C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{DFCF347E-EA51-4327-A3DD-6C054C4FFE25}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{AC918F41-410E-43EB-8D9D-2034A69C3395}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{EEE83C9E-73F6-4EC6-B8A3-5E6607E6FFF2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A2AAA5C7-6E20-4F99-9C7D-6081C0E78BAD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{99B45793-75AD-46A2-9D7F-A49E1C46B14D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{209569D1-9F93-42D3-8A40-5E68411A29C8}] => (Allow) C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{874A2225-CA96-4548-9303-8920FBC06BB6}] => (Allow) LPort=1900
FirewallRules: [{A28BE716-47DB-4F36-82AB-6163CF91CA84}] => (Allow) LPort=7900
FirewallRules: [{0F286A75-12AD-4B16-934A-7EFF3E119B49}] => (Allow) LPort=24234
FirewallRules: [{FB64994D-266C-4107-9315-234E1B094FB0}] => (Allow) LPort=7679
FirewallRules: [{3D0BB31A-80DD-4BBC-A3B7-B1A849DF72A7}] => (Allow) LPort=7676
FirewallRules: [{382250AE-90FE-45BB-9991-981CF4239AD4}] => (Allow) LPort=8643
FirewallRules: [{0F234DE0-1E11-4E04-9314-DA7BDB7DA7A5}] => (Allow) LPort=8743
FirewallRules: [{EB51376B-9068-4F10-9CA3-41F374B9AB2C}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{ADDC5571-EBAF-4C75-B4B5-924007AC74ED}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{6D69D31A-0FE9-407A-9723-F030B552995D}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6B3F143A-0BC4-4C3D-B4D2-16795CC956B2}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E45B5A02-B251-41D3-B9F0-A2CC36AB6481}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1469F424-A49F-4057-80D7-7781525235BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CDE5E8B5-FE81-4570-9200-DB71B2646227}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F66D5336-3841-41A5-9713-B17D6D5B64E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1450963B-60C8-41D6-A585-ABA38C85D444}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A8E65E91-6F84-437D-AB3F-0067B257B3E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E107D98A-6CF0-44D2-B905-4076A2802824}] => (Allow) C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{6723F246-C472-4591-A02B-18443CA64751}] => (Allow) C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [uDP Query User{88F026A7-40CF-473F-A1BB-AEAC22007311}C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{71F5B673-A798-42F9-BA71-56D115022419}C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe
FirewallRules: [{52E8D2B5-2FFF-47F0-8E71-5C8F27E059B7}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D936D009-0820-4529-979C-E7B41BFF8A38}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{989501A5-5283-4E87-85FA-1007CEFDA5F2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{4C14FA24-1A45-48D3-B9BD-CD1FB5DBD5F3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{C7C3C4D7-612D-4575-B2C7-04BE5304A0A7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{E6B48F0D-093E-4F5D-BC41-33CB1209C5DB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{F1BBE1E1-5399-4389-96C0-1F1348942E5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B202E51E-489D-4C39-9FE2-EBB729E49C1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{1275B1D3-8B1B-4649-95B3-9921AD80DDF1}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [uDP Query User{9773B2BA-A44A-4555-A920-A7E396294E69}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{1C7308D7-60E3-4327-9F36-DC75D5AE98E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2F165ACA-847B-4B00-A370-B3BA656311A8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{55E792B1-DB6C-490C-B5CB-9FD99A2F3AE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2AE96598-F7B1-463B-B5EA-A2F2F9728A78}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{65BE0C3C-A9C2-4D70-BD83-726020521830}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{16EFD293-F4A9-46A3-9660-E2E8369FB11F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{774EC355-6D8F-43CE-9A4E-6F3BC6C840FE}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{5C4705DB-EFD4-4000-966A-7CC4EA5D3F02}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E37F0C23-BABE-46DA-B7A6-5208DBD0671F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{8E84FAC7-2888-4843-AB19-281C349E5BEE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{DE5AE55C-5E55-4AE4-89B0-E8E4FFE6F149}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C6623973-AEEB-4659-8557-0DE966C072E0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{04077DAD-7698-493D-9E93-5510157C0B44}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the driver
  3. Contd...

     2016-08-06 23:00 - 2009-07-14 13:18 - 00000000 ___RD C:\Users\Public\Recorded TV
     2016-08-06 22:59 - 2016-07-16 13:59 - 00000000 __SHD C:\Program Files\Windows Sidebar
     2016-08-06 22:59 - 2015-11-20 11:25 - 00000000 ____D C:\Program Files\NVIDIA Corporation
     2016-08-06 22:59 - 2009-07-14 10:22 - 00000000 ____D C:\Program Files\Microsoft Games
     2016-08-06 22:55 - 2012-07-11 16:57 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Britannica 11.0
     2016-08-06 22:50 - 2016-07-16 07:52 - 00000000 ____D C:\WINDOWS\system32\Sysprep
     2016-08-06 22:47 - 2016-07-16 13:59 - 00000000 ___RD C:\WINDOWS\PrintDialog
     2016-08-06 22:47 - 2016-07-16 13:59 - 00000000 ___RD C:\WINDOWS\MiracastView
     2016-08-06 22:09 - 2012-04-04 21:49 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
     2016-08-06 21:41 - 2016-06-02 17:36 - 00000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
     2016-08-06 21:15 - 2011-10-08 18:54 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job
     2016-08-06 20:05 - 2016-06-07 09:58 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
     2016-08-06 20:04 - 2012-02-28 13:41 - 00000932 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job
     2016-08-06 19:28 - 2010-02-23 06:49 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Mozilla
     2016-08-06 19:18 - 2016-06-02 17:36 - 00000912 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
     2016-08-06 17:04 - 2012-02-28 13:41 - 00000910 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job
     2016-08-06 10:15 - 2011-10-08 18:54 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job
     2016-08-05 19:53 - 2010-02-23 06:50 - 00000000 ____D C:\Program Files\Internet Download Manager
     2016-08-03 19:30 - 2016-06-05 13:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
     2016-07-29 10:34 - 2014-01-08 21:46 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
     2016-07-28 00:55 - 2010-02-23 06:36 - 00406184 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

     ==================== Files in the root of some directories =======

     2012-02-03 20:22 - 2012-02-03 20:26 - 0000166 _____ () C:\Users\Samrat\AppData\Roaming\PLGComp.ini
     2016-05-09 20:43 - 2016-05-09 20:43 - 0000094 _____ () C:\Users\Samrat\AppData\Local\fusioncache.dat
     2010-02-24 17:06 - 2010-05-02 20:45 - 0007597 _____ () C:\Users\Samrat\AppData\Local\Resmon.ResmonCfg
     2012-01-19 20:28 - 2012-01-19 20:28 - 0017408 _____ () C:\Users\Samrat\AppData\Local\WebpageIcons.db
     2011-08-16 20:26 - 2011-08-16 20:26 - 2338050 _____ () C:\Users\Samrat\AppData\Local\[j0002]-[p08].bmp
     2011-08-16 20:33 - 2011-08-16 20:33 - 2338050 _____ () C:\Users\Samrat\AppData\Local\[j0003]-[p08].bmp
     2011-08-16 20:51 - 2011-08-16 20:51 - 2338050 _____ () C:\Users\Samrat\AppData\Local\[j0004]-[p08].bmp
     2011-08-16 20:56 - 2011-08-16 20:56 - 2338050 _____ () C:\Users\Samrat\AppData\Local\[j0005]-[p08].bmp
     2016-08-06 22:45 - 2016-08-06 22:45 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
     2010-08-13 20:50 - 2016-05-06 09:32 - 0026001 _____ () C:\ProgramData\hpzinstall.log

     Files to move or delete:
     ====================
     C:\Users\Samrat\reset.cmd

     ==================== Bamital & volsnap =================

     (There is no automatic fix for files that do not pass verification.)

     C:\WINDOWS\explorer.exe => File is digitally signed
     C:\WINDOWS\system32\winlogon.exe => File is digitally signed
     C:\WINDOWS\system32\wininit.exe => File is digitally signed
     C:\WINDOWS\system32\svchost.exe => File is digitally signed
     C:\WINDOWS\system32\services.exe => File is digitally signed
     C:\WINDOWS\system32\User32.dll => File is digitally signed
     C:\WINDOWS\system32\userinit.exe => File is digitally signed
     C:\WINDOWS\system32\rpcss.dll => File is digitally signed
     C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
     C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

     LastRegBack: 2016-08-21 11:06

     ==================== End of FRST.txt ============================
  4. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-08-2016 01 Ran by Samrat (administrator) on SAMRAT-PC (26-08-2016 10:32:24) Running from C:\Users\Samrat\Desktop Loaded Profiles: Samrat (Available Profiles: Samrat & UpdatusUser) Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe (Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (eVenture Limited) C:\Program Files\hide.me VPN\vpnsvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard 
Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe (Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Google Inc.) C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe (Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe (BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe ( ) C:\Program Files\VJoy\VJoy.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow32.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe (BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe (eVenture Limited) C:\Program Files\hide.me VPN\Hide.me.exe (BitTorrent Inc.) 
C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x86__kzf8qxf38zg5c\SkypeHost.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE (Nero AG) C:\Program Files\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7167.40727.0_x86__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe (Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Run: [EaseUS EPM tray] => C:\Program Files\EaseUS\EaseUS Partition Master 9.1.1 Home Edition\bin\EpmNews.exe [2086984 2012-11-29] (CHENGDU YIWO Tech Development Co., Ltd) HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [293768 2016-06-02] (RealNetworks, Inc.) HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] () HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [23889496 2016-08-24] (Dropbox, Inc.) HKLM\...\Run: [samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [582888 2016-03-09] (Samsung Electronics Co.,Ltd) HKLM\...\Run: [sunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Facebook Update] => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.) HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Google Update] => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.) HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [ApacheTomcatMonitor7.0_Tomcat7] => C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe [102400 2011-09-28] (Apache Software Foundation) HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [iDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3952696 2016-08-03] (Tonec Inc.) 
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [uTorrent] => C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe [1972224 2016-08-09] (BitTorrent Inc.) HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [VJoy] => C:\Program Files\VJoy\VJoy.exe [122880 2012-10-15] ( ) HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6690520 2016-06-02] (Piriform Ltd) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.42.dll [2016-08-24] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-06-02] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-12-18] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2015-12-18] ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-06-02] ShortcutTarget: RealTimes.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-06-02] ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-06-02] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) Startup: C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2016-08-26] ShortcutTarget: hide.me VPN.lnk -> C:\Program Files\hide.me VPN\Hide.me.exe (eVenture Limited) Startup: C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Seagate Product Registration.lnk [2016-08-15] ShortcutTarget: Seagate Product Registration.lnk -> C:\Users\Samrat\AppData\Roaming\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 0x00000000000000000000000000000000000000000000000000 Tcpip\Parameters: [DhcpNameServer] 123.176.37.66 202.53.8.9 Tcpip\..\Interfaces\{2BCE7521-3D61-409B-B602-8E39A5D8E050}: [DhcpNameServer] 95.211.171.160 95.211.171.161 Tcpip\..\Interfaces\{90A6345F-988F-4616-BE2D-D69421BA1614}: [DhcpNameServer] 95.211.171.160 95.211.171.161 Tcpip\..\Interfaces\{B12DBCDF-CD54-47CF-8F2B-AAF20402D821}: [DhcpNameServer] 95.211.101.197 95.211.101.198 Tcpip\..\Interfaces\{ebd637a9-9c05-4add-a4f0-fc6d4b516199}: [DhcpNameServer] 123.176.37.66 202.53.8.9 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3559879560-2752497012-24936758-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3559879560-2752497012-24936758-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3559879560-2752497012-24936758-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-08-24] (Microsoft Corporation) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-24] (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation) BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) 
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-24] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-24] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-24] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-24] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984 FF NewTab: about:newtab FF Homepage: about:home FF Session Restore: -> is enabled. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin: @alternatiff.com/AlternaTIFF -> C:\Program Files\MIE\AlternaTIFF\npzzatif.dll [2013-08-14] (Medical Informatics Engineering, Inc.) 
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation) FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-24] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-24] (Microsoft Corporation) FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation) FF Plugin: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2016-06-02] (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-06-02] (RealPlayer) FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Samrat\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) 
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Samrat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @talk.google.com/O1DPlugin -> C:\Users\Samrat\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Users\Samrat\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Samrat\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-06-08] FF Extension: (leethax.net extension) - C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984\Extensions\leethax@leethax.net.xpi [2016-08-24] FF Extension: (Skype) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-08] [not signed] FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5 [2016-08-03] [not signed] FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi Chrome: ======= CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-06-09] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung) [File not signed] R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2138824 2016-08-11] (Microsoft Corporation) S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-02] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-02] (Dropbox, Inc.) R2 hmevpnsvc; C:\Program Files\hide.me VPN\vpnsvc.exe [192720 2016-07-21] (eVenture Limited) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S3 Lenovo EasyPlus Hotspot; C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe [509424 2015-06-08] (Lenovo) R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [773968 2014-01-27] (Nero AG) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14574368 2013-09-20] (NVIDIA Corporation) R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] U2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1115736 2015-08-30] (RealNetworks, Inc.) 
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] () S2 RealTimes Desktop Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1115736 2015-08-30] (RealNetworks, Inc.) R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [589544 2016-03-09] (Samsung Electronics Co.,Ltd) S3 ShareItSvc; C:\Program Files\Lenovo\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-22] (TeamViewer GmbH) S2 Tomcat7; C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe [74752 2011-09-28] (Apache Software Foundation) [File not signed] R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 3xHybrid; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [1141888 2010-12-01] (NXP Semiconductors Germany GmbH) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.) 
R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows ® Win 7 DDK provider) R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows ® Win 7 DDK provider) R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [14216 2011-07-29] () [File not signed] S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [8456 2011-07-29] () [File not signed] S3 gdrv; C:\Windows\gdrv.sys [16608 2010-02-23] (Windows ® 2000 DDK provider) S3 ivusb; C:\WINDOWS\System32\drivers\ivusb.sys [25112 2010-07-29] (Initio Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] () R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation) R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [146048 2016-07-22] (Samsung Electronics Co., Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) R3 vhidmini; C:\WINDOWS\System32\drivers\vjoy.sys [13112 2013-04-18] (Headsoft) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation) R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
  5. Zoek.exe v5.0.0.1 Updated 31-December-2015
     Tool run by Samrat on 26-Aug-16 at 9:09:45.97.
     Microsoft Windows 10 Pro 10.0.14393 x86
     Running in: Normal Mode Internet Access Detected
     Launched: C:\Users\Samrat\Desktop\zoek.exe [scan all users] [script inserted]
     ==== Older Logs ======================
     C:\zoek-results2016-08-24-145613.log 5761 bytes
     ==== System Restore Info ======================
     26-Aug-16 9:26:26 AM Zoek.exe System Restore Point Created Successfully.
     ==== Empty Folders Check ======================
     C:\PROGRA~2\IDM deleted successfully
     C:\Users\UpdatusUser\AppData\LocalLow deleted successfully
     C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
     ==== Deleting CLSID Registry Keys ======================
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
     ==== Deleting CLSID Registry Values ======================
     ==== Deleting Services ======================
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sense deleted successfully
     ==== Batch Command(s) Run By Tool======================
     ==== Deleting Files \ Folders ======================
     C:\Users\Samrat\AppData\Local\CrashRpt deleted
     ==== Firefox Extensions Registry ======================
     [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
     "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08-Nov-12 12:14 PM]
     [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
     "mozilla_cc2@internetdownloadmanager.com"="C:\Program Files\Internet Download Manager\idmmzcc2.xpi" [08-Jun-16 02:47 PM]
     ==== Fake Chromium Profiles Check ======================
     Fake profile C:\Users\Samrat\AppData\Local\Google\Chrome deleted
     ==== Chromium Look ======================
     HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
     ngpampappnmepgilojfohadhhmbhlaek - C:\Program Files\Internet Download Manager\IDMGCExt.crx[09-Jun-16 10:18 PM]
     ==== Set IE to Default ======================
     Old Values:
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
     "DefaultScope"="{052FF931-BCCB-47C9-B0F6-8A88D1789BFB}"
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{052FF931-BCCB-47C9-B0F6-8A88D1789BFB}] not found
     New Values:
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
     "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
     ==== All HKLM and HKCU SearchScopes ======================
     HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
     HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
     HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
     HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
     HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
     ==== Reset Google Chrome ======================
     Nothing found to reset
     ==== Deleting Registry Keys ======================
     HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully
     HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync deleted successfully
     HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
     HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
     HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully
     HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar deleted successfully
     ==== Empty IE Cache ======================
     C:\Users\Default.migrated\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
     C:\Users\Samrat\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
     C:\Users\Samrat\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
     C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
     C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
     C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
     C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
     C:\Users\Samrat\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
     C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
     C:\Users\Samrat\AppData\Local\Microsoft\Windows\INetCache\Low\IE\04XCY1ZM will be deleted at reboot
     C:\Users\Samrat\AppData\Local\Microsoft\Windows\INetCache\Low\IE\9909KB50 will be deleted at reboot
     ==== Empty FireFox Cache ======================
     C:\Users\Samrat\AppData\Local\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984\cache2 emptied successfully
     ==== Empty Chrome Cache ======================
     No Chrome Cache found
     ==== Empty All Flash Cache ======================
     No Flash Cache Found
     ==== Empty All Java Cache ======================
     Java Cache cleared successfully
     ==== C:\zoek_backup content ======================
     C:\zoek_backup (files=61 folders=40 41810817 bytes)
     ==== Empty Temp Folders ======================
     C:\WINDOWS\Temp will be emptied at reboot
     ==== After Reboot ======================
     ==== Empty Temp Folders ======================
     C:\WINDOWS\Temp successfully emptied
     C:\Users\Samrat\AppData\Local\Temp successfully emptied
     ==== Empty Recycle Bin ======================
     C:\$RECYCLE.BIN successfully emptied
     ==== Deleting Files / Folders ======================
     "C:\Users\Samrat\AppData\Local\Microsoft\Windows\INetCache\Low\IE\04XCY1ZM" not found
     "C:\Users\Samrat\AppData\Local\Microsoft\Windows\INetCache\Low\IE\9909KB50" not found
     ==== EOF on 26-Aug-16 at 10:23:26.34 ======================
  6. Zoek gets stuck at Firefox extension
     Zoek.exe v5.0.0.1 Updated 31-December-2015
     Tool run by Samrat on 24-Aug-16 at 19:35:06.49.
     Microsoft Windows 10 Pro 10.0.14393 x86
     Running in: Normal Mode Internet Access Detected
     Launched: C:\Users\Samrat\Desktop\zoek.exe [scan all users] [script inserted]
     ==== System Restore Info ======================
     ==== Empty Folders Check ======================
     C:\PROGRA~2\Comms deleted successfully
     C:\PROGRA~2\IDM deleted successfully
     C:\PROGRA~2\SoftwareDistribution deleted successfully
     C:\PROGRA~2\WinZipEC deleted successfully
     C:\Users\UpdatusUser\AppData\LocalLow deleted successfully
     C:\Users\Samrat\AppData\Local\ActiveSync deleted successfully
     C:\Users\Samrat\AppData\Local\CrashDumps deleted successfully
     C:\Users\Samrat\AppData\Local\Downloaded Installations deleted successfully
     C:\Users\Samrat\AppData\Local\GMail Drive deleted successfully
     C:\Users\Samrat\AppData\Local\PackageStaging deleted successfully
     C:\Users\Samrat\AppData\Local\PeerDistRepub deleted successfully
     C:\Users\Samrat\AppData\Local\Skype deleted successfully
     C:\Users\Samrat\AppData\Local\WinZip Courier deleted successfully
     C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
     C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
     C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
     ==== Deleting CLSID Registry Keys ======================
     HKEY_USERS\S-1-5-21-3559879560-2752497012-24936758-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
     ==== Deleting CLSID Registry Values ======================
     ==== Deleting Services ======================
     ==== FireFox Fix ======================
     Deleted from C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984\prefs.js:
     user_pref("browser.startup.homepage", "about:home");
     user_pref("browser.search.defaultenginename", "Yahoo!");
     user_pref("browser.search.selectedEngine", "Yahoo!");
     user_pref("keyword.URL", "https://in.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p=");
     user_pref("browser.search.useDBForOrder", true);
     Added to C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984\prefs.js:
     user_pref("browser.startup.homepage", "about:home");
     user_pref("browser.newtab.url", "about:newtab");
     Deleted from C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\uiyrbsa7.default-1391762422109\prefs.js:
     user_pref("browser.startup.homepage", "https://in.search.yahoo.com/?type=994519&fr=spigot-yhp-ff");
     Added to C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\uiyrbsa7.default-1391762422109\prefs.js:
     user_pref("browser.startup.homepage", "about:home");
     user_pref("browser.newtab.url", "about:newtab");
     ProfilePath: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984
     user.js not found
     ---- Lines browser.startup.page removed from prefs.js ----
     user_pref("browser.startup.page", 3);
     ---- FireFox user.js and prefs.js backups ----
     prefs__0819_.backup
     ProfilePath: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\uiyrbsa7.default-1391762422109
     user.js not found
     ---- FireFox user.js and prefs.js backups ----
     prefs__0819_.backup
     ==== Batch Command(s) Run By Tool======================
     ==== Deleting Files \ Folders ======================
     C:\Users\Samrat\AppData\Roaming\WhatsApp deleted
     C:\PROGRA~2\DivX deleted
     C:\PROGRA~2\ProductData deleted
     C:\PROGRA~2\Package Cache deleted
     C:\Users\Samrat\AppData\Local\BITCF96.tmp deleted
     C:\Users\Samrat\AppData\Local\CrashRpt deleted
     C:\WINDOWS\system32\tasks\WinZipBackGroundToolsTask deleted
     C:\Users\Samrat\Documents\Add-in Express deleted
     C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984\Yahoo Inc deleted
     "C:\Users\Samrat\AppData\Local\{6305256B-BCF6-4DD2-B137-55712A815986}" deleted
     "C:\Users\Samrat\AppData\Local\{A400CBF9-5EF9-4941-8A76-9D3A8A48CB5C}" deleted
     "C:\Users\Samrat\AppData\Local\{C694F4E2-DF7E-4D74-81F8-5733C851E2EF}" deleted
     "C:\Users\Samrat\AppData\Local\{FC0AAF47-B169-4AE6-B457-3195258451D1}" deleted
     "C:\Users\Samrat\AppData\Roaming\Common" deleted
     "C:\Users\Samrat\AppData\Roaming\MPC-HC" deleted
     "C:\Users\Samrat\AppData\Roaming\VMware" deleted
     "C:\Program Files\Windows Defender Advanced Threat Protection" deleted
     "C:\Program Files\Windows Defender Advanced Threat Protection" deleted
     ==== Firefox Start and Search pages ======================
     ProfilePath: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984
     user_pref("browser.startup.homepage", "about:home");
     user_pref("browser.newtab.url", "about:newtab");
     ProfilePath: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\uiyrbsa7.default-1391762422109
     user_pref("browser.startup.homepage", "about:home");
     user_pref("browser.newtab.url", "about:newtab");
     ==== Firefox Extensions Registry ======================
     [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
     "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08-Nov-12 12:14 PM]
     [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
     "mozilla_cc2@internetdownloadmanager.com"="C:\Program Files\Internet Download Manager\idmmzcc2.xpi" [08-Jun-16 02:47 PM]
  7. Fix result of Farbar Recovery Scan Tool (x86) Version: 21-08-2016 01
     Ran by Samrat (24-08-2016 19:09:19) Run:1
     Running from C:\Users\Samrat\Downloads\Programs
     Loaded Profiles: Samrat (Available Profiles: Samrat & UpdatusUser)
     Boot Mode: Normal
     ==============================================
     fixlist content:
     *****************
     start
     CreateRestorePoint:
     EmptyTemp:
     CloseProcesses:
     BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
     CHR HKLM\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
     CHR HKU\S-1-5-21-3559879560-2752497012-24936758-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
     Task: {F3F491DB-2181-45DF-8C3C-BFBA6852CA0B} - System32\Tasks\Origin => C:\Users\Samrat\AppData\Roaming\Origin\update.vbe <==== ATTENTION
     C:\Users\Samrat\AppData\Roaming\Origin\update.vbe
     End
     *****************
     Restore point was successfully created.
     Processes closed successfully.
     "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}" => key removed successfully.
     HKCR\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} => key not found.
     "HKLM\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe" => key removed successfully.
     "HKU\S-1-5-21-3559879560-2752497012-24936758-1001\SOFTWARE\Google\Chrome\Extensions\hegneaniplmfjcmohoclabblbahcbjoe" => key removed successfully.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F3F491DB-2181-45DF-8C3C-BFBA6852CA0B}" => key removed successfully.
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3F491DB-2181-45DF-8C3C-BFBA6852CA0B}" => key removed successfully.
     C:\Windows\System32\Tasks\Origin => moved successfully
     "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Origin" => key removed successfully.
     "C:\Users\Samrat\AppData\Roaming\Origin\update.vbe" => not found.
     =========== EmptyTemp: ==========
     BITS transfer queue => 32768 B
     DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45468986 B
     Java, Flash, Steam htmlcache => 3158 B
     Windows/system/drivers => 23056299 B
     Edge => 9030230 B
     Chrome => 0 B
     Firefox => 389475090 B
     Opera => 0 B
     Temp, IE cache, history, cookies, recent:
     Default => 0 B
     ProgramData => 0 B
     Public => 0 B
     systemprofile => 0 B
     LocalService => 874 B
     NetworkService => 116776 B
     Samrat => 25524507 B
     UpdatusUser => 0 B
     RecycleBin => 0 B
     EmptyTemp: => 469.9 MB temporary data Removed.
     ================================
     The system needed a reboot.
     ==== End of Fixlog 19:12:49 ====
  8. Addition.txt Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-08-2016 01 Ran by Samrat (23-08-2016 22:19:33) Running from C:\Users\Samrat\Downloads\Programs Microsoft Windows 10 Pro Version 1607 (X86) (2016-08-06 18:24:45) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3559879560-2752497012-24936758-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3559879560-2752497012-24936758-503 - Limited - Disabled) Guest (S-1-5-21-3559879560-2752497012-24936758-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3559879560-2752497012-24936758-1002 - Limited - Enabled) Samrat (S-1-5-21-3559879560-2752497012-24936758-1001 - Administrator - Enabled) => C:\Users\Samrat UpdatusUser (S-1-5-21-3559879560-2752497012-24936758-1004 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.) 
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated) Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated) Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) AllShare Framework DMS (HKLM\...\{1C2A409B-3D00-4EE7-B13C-3C70AB8704B0}) (Version: 1.3.23 - Samsung) Apache Tomcat 7.0 Tomcat7 (remove only) (HKLM\...\Apache Tomcat 7.0 Tomcat7) (Version: - ) ASUS nVidia Driver (Version: 1.00.0000 - ASUSTek) Hidden Bing Bar (HKLM\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) Bing Bar (HKLM\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation) BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden Bulzer USB2.0 UVC PC Camera (HKLM\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform) Copy (Version: 140.0.298.000 - Hewlett-Packard) Hidden CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.3019 - CyberLink Corp.) Destinations (Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 140.0.298.000 - Hewlett-Packard) Hidden DiskMax 5.11 (HKLM\...\DiskMax) (Version: 5.11 - KoshyJohn.com) DJ_AIO_06_F2400_SW_Min (Version: 140.0.851.000 - Hewlett-Packard) Hidden Dropbox (HKLM\...\Dropbox) (Version: 8.4.19 - Dropbox, Inc.) Dropbox Update Helper (Version: 1.3.43.1 - Dropbox, Inc.) 
Hidden EaseUS Partition Master 9.1.1 Home Edition (HKLM\...\EaseUS Partition Master Home Edition_is1) (Version: - EaseUS) ExtremeCopy (HKLM\...\{9B4091A4-9556-402F-B703-31C203BDE889}) (Version: 2.3.4 - Easersoft) F2400 (Version: 140.0.851.000 - Hewlett-Packard) Hidden Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - ) GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden Google Drive (HKLM\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.) Google Earth Pro (HKLM\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google) Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden GoToMeeting 5.7.0.1172 (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\GoToMeeting) (Version: 5.7.0.1172 - CitrixOnline) GPBaseService2 (Version: 140.0.297.000 - Hewlett-Packard) Hidden hide.me VPN 1.2.6 (HKLM\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.2.6 - eVenture Limited) honestechTVR2.5 (HKLM\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech) honestechTVR2.5 (Version: 2.5 - honestech) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 
6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation) Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.) 
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) K-Lite Mega Codec Pack 12.1.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.1.5 - KLCP) LAV Filters 0.66 (HKLM\...\lavfilters_is1) (Version: 0.66 - Hendrik Leppkes) LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden Metric Collection SDK 35 (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7070.2033 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 48.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 48.0.1 (x86 en-US)) (Version: 48.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 48.0.1.6073 - Mozilla) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nero 7 Essentials (HKLM\...\{66B6D13A-9CC1-417D-B6F2-58AA539D1033}) (Version: 7.03.1303 - Nero AG) Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG) Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG) Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) NVIDIA 3D Vision Controller Driver 331.58 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.58 - NVIDIA Corporation) NVIDIA 3D Vision Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation) NVIDIA GeForce Experience 1.6.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1.2 - NVIDIA Corporation) NVIDIA Graphics Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (Version: 16.0.7030.1021 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7030.1021 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (Version: 16.0.7030.1021 - Microsoft Corporation) Hidden PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PSIM 9.0.3 (HKLM\...\{98D13EC5-0C60-48eb-A7FA-1B0008EC4C2D}) (Version: 9.0.3 - Powersim) QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden RAR Password Unlocker (HKLM\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.) RealDownloader (Version: 18.1.4.137 - RealNetworks, Inc.) 
Hidden RealDownloader (Version: 18.1.4.144 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Samsung Kies3 (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung Link 2.0.0.1603091618 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1603091618 - Samsung Electronics Co.,Ltd) Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden Setup - Don Bradman Cricket 14 ... (HKLM\...\Setup - Don Bradman Cricket 14 ...) (Version: ... - HES Interactive) SHAREit (HKLM\...\SHAREit_is1) (Version: 3.5.0.1144 - Lenovo) SHIELD Streaming (Version: 1.05.42 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.24 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.) 
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden Stereoscopic Player (HKLM\...\{a2c29e53-27b7-4e67-b496-b7792f72a171}) (Version: 2.4.3 - 3dtv.at) Stereoscopic Player (Version: 2.4.3 - 3dtv.at) Hidden TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.65280 - TeamViewer) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.) TrayApp (Version: 140.0.297.000 - Hewlett-Packard) Hidden Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden vc2012_redist (Version: 1.0.0.0 - Realnetworks) Hidden Video Downloader (Version: 1.2.0 - RealNetworks) Hidden ViewSonic Monitor Drivers (HKLM\...\{B4FEA924-630D-11D4-B78E-005004566E4D}) (Version: - ) VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version: - Ozone) VJoy 1.2 (HKLM\...\VJoy Virtual Joystick_is1) (Version: - Headsoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden WhatsApp (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\WhatsApp) (Version: 0.2.1455 - WhatsApp) WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun) Windows 10 Upgrade Assistant (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17346 - Microsoft Corporation) Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia) Windows Resource Kit 
Tools - SubInAcl.exe (HKLM\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation) WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24104}) (Version: 20.5.12118 - WinZip Computing, S.L. ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1172\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.) 
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll () CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife) CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\psuser.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B65DA9-0CB3-4F59-9D49-A2741606E3D0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {04CA2995-73B7-4E81-8E3C-0F8FCFDFB843} - System32\Tasks\{DA6F51F6-BF18-47E1-ABBA-7F988E8E2249} => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
Task: {17B25621-F852-4B81-B0E8-95733F473A38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1AF3F9EA-96A7-42DD-80EF-869A1815AF20} - System32\Tasks\{9F1C2142-6B09-4324-A0A4-C9EE6BF9A926} => pcalua.exe -a "C:\Program Files\Samsung\Samsung Link\uninstall.exe"
Task: {2367A7E7-7A86-4D43-AB39-1A2B917799D3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {2A1AFFE3-4D38-46A1-83D6-B0400109F816} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {325F48E4-7832-4724-A575-69F72A64E48E} - System32\Tasks\{6AFE2735-5F26-47CA-937F-50A03C82C8E1} => pcalua.exe -a "c:\program files\real\realplayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|18.0
Task: {36C590B3-F5DA-4A4A-828E-3F0EE99451CC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation)
Task: {37F67F81-6D5A-4229-8E5A-DDFDA5F3CEA2} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-05-24] ()
Task: {396D2039-79CE-4D39-80CC-897DA2514D0E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3E4A3934-522E-4CE3-8705-1295F2AB3A7F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3FBA7F96-18F8-4B12-9B74-570338CC5ECC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4B4BA709-BD93-4715-8733-CFC0F1332579} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-06-02] (Dropbox, Inc.)
Task: {5064DCDD-ED0C-4E67-BF45-2F877606DBC8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {526974AF-BBE9-441A-913A-A0D53111C880} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {52B01E95-E04C-4083-95FD-A3D8801F1861} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {53517DA5-FF54-49C3-871B-DFE279710A84} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-12] (Microsoft Corporation)
Task: {5398D6AE-A4FC-4D0C-A857-A0A4C4716821} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {546AE241-26FC-4827-94E9-8C9789BE71DF} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {55D5BB24-78DB-4B72-A568-6D919D3F1FA7} - System32\Tasks\{ABE956DF-1E53-4FE3-8F26-A3B26CBF5911} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{71A51A91-E7D3-11DB-A386-005056C00008}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {56D4E87B-51DF-4A4E-834C-64D86F31E8D6} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {580AA43C-8603-4DFE-83CE-65A675B6EF4A} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {5B3C9C2E-942D-4D41-9FDD-4A50B8ED0C93} - System32\Tasks\{CBE364C7-8FC3-4EB2-ABB5-9E4F40CBCD8B} => pcalua.exe -a "E:\Download\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit\713xDrvInstall.exe" -d "E:\Download\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit"
Task: {5DF6911B-B20C-406E-94A4-721F7E29F90C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-07-26] (Microsoft Corporation)
Task: {67C6482D-6256-479F-BE48-A93F1B2644DD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {6D99FC8D-A597-4C54-B789-BB4F61AFCDC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6EA99B9F-9FF1-4FE0-9936-2392EDE2AF59} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-06-02] (Dropbox, Inc.)
Task: {724C603F-F9B3-4D8B-987C-33067D3F189B} - System32\Tasks\{9E396D18-8C75-4945-9E94-DEF75402F4D6} => pcalua.exe -a "D:\nfs2 HOT\setup.exe" -d "D:\nfs2 HOT"
Task: {779F64EA-F945-4ED0-8F62-2D36B0E7D26E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7D32F567-2303-4B18-9FE3-BEACF1F74673} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-02] (Piriform Ltd)
Task: {7F70833D-C1A8-4087-8565-926F058B4B55} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {82C55B59-1644-4E06-B630-43B8D46DC3F5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {82F91532-B48F-4EE4-B9E3-C616EE798B54} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8412CEA6-21F4-4709-A90A-55BAC3CD1B95} - System32\Tasks\{ECD5AB5F-E90A-4EBB-96CC-2571DA3C943F} => pcalua.exe -a "J:\Samrat\General\Current Affairs\Britannica\India and The World\starter.exe" -d "J:\Samrat\General\Current Affairs\Britannica\India and The World"
Task: {85DA8391-97D1-4E25-8551-285E906CDD8E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {8AC9AD4B-E497-4C59-9B82-82DE80DD4107} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {8E7AC6B2-8207-4EA6-A822-E75F0AC1093E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8FCE7BE8-42A4-4D5F-86AB-98808D8E7502} - System32\Tasks\{B2F4EE28-3AF5-4EE1-8D33-F91D4A16D53E} => pcalua.exe -a "E:\Download\XP tools\Drivers\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit\713xDrvInstall.exe" -d "E:\Download\XP tools\Drivers\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit"
Task: {9116A72A-1A4D-40C3-B636-47ACF6A15853} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {97196759-CF07-446E-99BC-0E92ADE3ED9A} - System32\Tasks\{1C80D6B2-CDF7-4AF8-AFF4-1B7FEF674250} => pcalua.exe -a "E:\NFSHP2\Need For Speed Hot Pursuit 2_uninst.exe" -d E:\NFSHP2
Task: {9A1E835A-CD6A-4CC6-AB64-EEBA862A6E3F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9A673D8A-2710-4153-9691-43E658A45B18} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A5BA4D86-7755-4909-806A-2C236FB39DED} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.)
Task: {A69685C0-F39D-4E02-A42F-B461ACB73363} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AD744BD1-0667-4E4D-B206-70CC2D0964BD} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {B7E404AF-3EE3-4213-BC5C-DAD49E4F3C34} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B808E09E-A76A-441A-A7DC-E4F47532D0D5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {B99C237A-5428-412D-A61E-49E45AE4CB0C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-07-25] (Microsoft Corporation)
Task: {BC6BC3DC-CD7A-4E82-B678-A7814410FB5B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {C18F1DB2-CD31-411A-938E-50755D172FC1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {C6648A4A-2325-4EC5-8389-F95BC9653050} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CDF1D276-082F-4EB3-A57F-6AB480EA70BF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {D11DBDDA-DE29-4B60-9524-A3F24A0B8A12} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D19978BD-7652-4EDD-8D4C-23145305BC57} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D2F771ED-E696-4BBD-9835-63C12BAF5B60} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D981C769-3BE9-4282-8A73-E7E6B2528161} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E6238F6C-8523-446C-9449-9AC0224B60E3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E87943CA-AB57-423A-B118-E90E33D25DBC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-07-26] (Microsoft Corporation)
Task: {EBD4E9BA-5A46-4D9B-AE5F-EE33362535BB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F3F491DB-2181-45DF-8C3C-BFBA6852CA0B} - System32\Tasks\Origin => C:\Users\Samrat\AppData\Roaming\Origin\update.vbe <==== ATTENTION
Task: {F3F6DB1C-423B-43B6-A7B0-FAA4B93E46EC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F83B2AE5-934C-4AC6-9991-F53C7130F2C8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {F9473D25-2EC2-43FE-BBBA-7CF1505A972C} - System32\Tasks\{40DA7EF0-E555-4377-8998-E0D6CD426A84} => pcalua.exe -a "L:\Current Affairs\Britannica\India and The World\starter.exe" -d "L:\Current Affairs\Britannica\India and The World"
Task: {F9C36292-4D71-4FDF-A3BF-637A44F87825} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA2503DE-AAEB-4E31-8564-1B201E12D9BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ============== 2016-07-16 13:55 - 2016-07-16 13:55 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-16 13:55 - 2016-07-16 13:55 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2013-06-08 20:49 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe 2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files\Real\UpdateService\VideoDLUpdatePlugin.dll 2016-07-19 11:06 - 2016-03-09 16:18 - 00022016 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll 2016-07-19 11:06 - 2016-03-09 16:18 - 01877504 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll 2016-07-19 11:06 - 2016-03-09 16:18 - 01851904 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll 2013-12-21 11:15 - 2013-12-21 11:15 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\JNIInterface.dll 2013-12-21 11:15 - 2013-12-21 11:15 - 00119296 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ASFAPI.dll 2013-12-21 11:17 - 2013-12-21 11:17 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB_Manager.dll 2013-10-01 09:46 - 2013-10-01 09:46 - 00025600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB.dll 2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll 2013-12-21 11:17 - 2013-12-21 11:17 - 00589824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMS_Manager.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () 
C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll 2016-07-19 11:06 - 2016-03-09 16:18 - 00041472 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll 2016-08-16 18:42 - 2016-08-16 18:42 - 00640512 _____ () C:\Windows\Temp\sqlite-3.7.151-x86-sqlitejdbc.dll 2016-07-16 13:55 - 2016-07-16 13:55 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-08-07 00:13 - 2016-08-07 00:13 - 00679624 _____ () C:\Users\Samrat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll 2016-03-16 09:45 - 2016-07-29 10:55 - 08921792 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll 2016-07-16 13:55 - 2016-07-16 13:55 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-08-09 22:37 - 2016-08-02 10:02 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-08-09 22:36 - 2016-08-02 09:48 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-08-09 22:36 - 2016-08-02 09:41 - 01149440 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-08-09 22:36 - 2016-08-02 09:40 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-08-09 22:36 - 2016-08-02 09:41 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-08-09 22:36 - 2016-08-02 09:41 - 01741824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-08-09 22:36 - 2016-08-02 09:42 - 03158016 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-07-05 18:18 - 2016-07-05 18:18 - 00714992 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe 2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll 2016-06-02 16:59 - 2016-06-02 16:59 - 00654608 _____ () C:\Program Files\Real\RealPlayer\RPDS\Lib\r1api.dll 2016-08-20 09:02 - 2016-07-12 07:37 - 00035792 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd 2016-08-20 09:01 - 2016-07-12 07:37 - 00145864 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd 2016-08-20 09:01 - 2016-07-12 07:37 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd 2016-08-20 09:01 - 2016-07-12 07:37 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll 2016-08-20 09:02 - 2016-07-12 07:37 - 00100296 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd 2016-08-20 09:02 - 2016-07-12 07:37 - 00018888 _____ () C:\Program Files\Dropbox\Client\select.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00019760 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd 2016-08-20 09:02 - 2016-07-12 07:37 - 00694224 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-08-20 09:02 - 2016-07-12 07:37 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 01682760 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00020808 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00021312 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00052024 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd 
2016-08-20 09:02 - 2016-07-12 07:39 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd 2016-08-20 09:01 - 2016-07-12 07:37 - 00392144 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll 2016-08-20 09:01 - 2016-07-12 07:39 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00114640 _____ () C:\Program Files\Dropbox\Client\win32security.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00381752 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00025424 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00038696 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00026456 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00246592 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 
00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00019776 _____ () C:\Program Files\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-08-20 09:02 - 2016-07-12 07:37 - 00144848 _____ () C:\Program Files\Dropbox\Client\_elementtree.pyd 2016-08-20 09:02 - 2016-07-12 07:38 - 00241104 _____ () C:\Program Files\Dropbox\Client\_jpegtran.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00020280 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00023376 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00350152 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00022352 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00024392 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-08-20 09:01 - 2016-07-12 07:39 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll 2016-08-20 09:01 - 2016-08-17 00:29 - 00031568 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-08-20 09:01 - 2016-08-17 00:04 - 00293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll 2016-08-20 09:01 - 2016-08-17 00:29 - 00084280 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-08-20 09:01 - 2016-08-17 00:29 - 01826096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd 2016-08-20 09:02 - 2016-07-12 07:37 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 03929392 _____ () C:\Program 
Files\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 01972016 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00531248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00132912 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00224056 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00207672 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00020288 _____ () C:\Program Files\Dropbox\Client\winffi.user32._winffi_user32.pyd 2016-08-20 09:02 - 2016-07-12 07:39 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00037192 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2016-08-20 09:02 - 2016-08-17 00:29 - 00024904 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00546096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00357680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00168248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2016-08-20 09:01 - 2016-08-17 00:29 - 00042808 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd 2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program 
Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll 2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll 2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll 2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll 2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll 2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll 2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll 2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll 2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.23\libexpat.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll 2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll 2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll 2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () 
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
2016-01-06 22:11 - 2016-01-06 22:11 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-06-02 17:01 - 2016-06-02 17:01 - 00096136 _____ () C:\Program Files\Real\RealPlayer\CrashRpt\CrashRpt1402.dll
2016-06-02 16:59 - 2016-06-02 16:59 - 00022800 _____ () C:\Program Files\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll
2016-08-13 07:59 - 2016-08-13 07:59 - 00061440 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2016-08-13 07:59 - 2016-08-13 07:59 - 00151040 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2011-10-04 12:20 - 2012-01-20 14:55 - 00427520 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2016-08-23 17:57 - 00000025 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0x00000000000000000000000000000000000000000000000000

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Samrat\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TVR Scheduler.lnk => C:\Windows\pss\TVR Scheduler.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LGODDFU => "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot
HKLM\...\StartupApproved\Run: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run: => "HTC Sync Loader"
HKLM\...\StartupApproved\Run: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run: => "Tencent"
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\StartupApproved\Run: => "RGSC"

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E6CB40F6-D1F7-4F65-9D74-00917E8F1DB0}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{550A3EA7-2400-477E-9D97-8EAF35912911}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{6FCB8EB5-E66A-4A18-9FAA-D60F3FF9B0A6}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{04D20ADE-CF8F-41A0-A12A-2C2F4602B41E}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{900D9413-0F2F-4621-89F6-71A21AD8D25F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{8B2DF7C4-0C05-4058-B20D-91DD85BE0059}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{0CA79857-6806-4586-88EF-66B0320AD626}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{1A47BDFB-C53D-435B-9D8D-F05A512786AA}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{EFDDF863-F616-4D01-B676-0F430F8D73F1}] => (Allow) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{E60DE42F-BD76-480C-9B9E-00F12C539E4E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [uDP Query User{FA8F15B1-370B-4AC7-8C2B-75E835665BDC}C:5\return to castle wolfenstein\wolfmp.exe] => (Allow) C:5\return to castle wolfenstein\wolfmp.exe
FirewallRules: [TCP Query User{C8BCFC94-170E-4135-9EB4-1CFD266BCE80}C:5\return to castle wolfenstein\wolfmp.exe] => (Allow) C:5\return to castle wolfenstein\wolfmp.exe
FirewallRules: [{F96FA6A1-010A-4756-BBC0-64C3D81107FA}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{A85BDF7E-7768-4114-A6CF-A6DCEBF53ADB}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C42EE036-E821-4647-A868-9D9EAA78FCDE}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F05009AC-8CD1-4E7E-A405-51FDCD280B1F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7213D2E3-3DED-43AE-869B-DC94AC2134C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F6183998-3F2C-489D-AFB1-B918BCA7D82C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{E6DAC240-F468-4884-9A43-1ECE6B0E915E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{73228A62-20C1-4F2A-9DB1-F473C1420F8C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{DFCF347E-EA51-4327-A3DD-6C054C4FFE25}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{AC918F41-410E-43EB-8D9D-2034A69C3395}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{EEE83C9E-73F6-4EC6-B8A3-5E6607E6FFF2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A2AAA5C7-6E20-4F99-9C7D-6081C0E78BAD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{99B45793-75AD-46A2-9D7F-A49E1C46B14D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{209569D1-9F93-42D3-8A40-5E68411A29C8}] => (Allow) C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{874A2225-CA96-4548-9303-8920FBC06BB6}] => (Allow) LPort=1900
FirewallRules: [{A28BE716-47DB-4F36-82AB-6163CF91CA84}] => (Allow) LPort=7900
FirewallRules: [{0F286A75-12AD-4B16-934A-7EFF3E119B49}] => (Allow) LPort=24234
FirewallRules: [{FB64994D-266C-4107-9315-234E1B094FB0}] => (Allow) LPort=7679
FirewallRules: [{3D0BB31A-80DD-4BBC-A3B7-B1A849DF72A7}] => (Allow) LPort=7676
FirewallRules: [{382250AE-90FE-45BB-9991-981CF4239AD4}] => (Allow) LPort=8643
FirewallRules: [{0F234DE0-1E11-4E04-9314-DA7BDB7DA7A5}] => (Allow) LPort=8743
FirewallRules: [{EB51376B-9068-4F10-9CA3-41F374B9AB2C}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{ADDC5571-EBAF-4C75-B4B5-924007AC74ED}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{6D69D31A-0FE9-407A-9723-F030B552995D}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6B3F143A-0BC4-4C3D-B4D2-16795CC956B2}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E45B5A02-B251-41D3-B9F0-A2CC36AB6481}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1469F424-A49F-4057-80D7-7781525235BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CDE5E8B5-FE81-4570-9200-DB71B2646227}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F66D5336-3841-41A5-9713-B17D6D5B64E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1450963B-60C8-41D6-A585-ABA38C85D444}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A8E65E91-6F84-437D-AB3F-0067B257B3E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E107D98A-6CF0-44D2-B905-4076A2802824}] => (Allow) C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{6723F246-C472-4591-A02B-18443CA64751}] => (Allow) C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [uDP Query User{88F026A7-40CF-473F-A1BB-AEAC22007311}C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{71F5B673-A798-42F9-BA71-56D115022419}C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe
FirewallRules: [{52E8D2B5-2FFF-47F0-8E71-5C8F27E059B7}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{D936D009-0820-4529-979C-E7B41BFF8A38}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{989501A5-5283-4E87-85FA-1007CEFDA5F2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{4C14FA24-1A45-48D3-B9BD-CD1FB5DBD5F3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{C7C3C4D7-612D-4575-B2C7-04BE5304A0A7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{E6B48F0D-093E-4F5D-BC41-33CB1209C5DB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{F1BBE1E1-5399-4389-96C0-1F1348942E5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B202E51E-489D-4C39-9FE2-EBB729E49C1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{1275B1D3-8B1B-4649-95B3-9921AD80DDF1}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [uDP Query User{9773B2BA-A44A-4555-A920-A7E396294E69}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{1C7308D7-60E3-4327-9F36-DC75D5AE98E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2F165ACA-847B-4B00-A370-B3BA656311A8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{55E792B1-DB6C-490C-B5CB-9FD99A2F3AE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2AE96598-F7B1-463B-B5EA-A2F2F9728A78}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{65BE0C3C-A9C2-4D70-BD83-726020521830}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{16EFD293-F4A9-46A3-9660-E2E8369FB11F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{25D8549B-4A4E-47C9-9561-B46D577EAA50}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{774EC355-6D8F-43CE-9A4E-6F3BC6C840FE}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{5C4705DB-EFD4-4000-966A-7CC4EA5D3F02}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{E37F0C23-BABE-46DA-B7A6-5208DBD0671F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{8E84FAC7-2888-4843-AB19-281C349E5BEE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{DE5AE55C-5E55-4AE4-89B0-E8E4FFE6F149}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C6623973-AEEB-4659-8557-0DE966C072E0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================
ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (08/23/2016 06:57:10 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={6A946A5C-1528-4549-81E3-DCF3C01E0D2E}: The user SYSTEM dialed a connection named Hide.ME IKEV2 which has failed. The error code returned on failure is 809.
Error: (08/23/2016 06:40:30 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={47B4A4B0-14C2-40F2-AB41-B5F7C9806869}: The u
  9. FRST.log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-08-2016 01
Ran by Samrat (administrator) on SAMRAT-PC (23-08-2016 22:17:11)
Running from C:\Users\Samrat\Downloads\Programs
Loaded Profiles: Samrat (Available Profiles: Samrat & UpdatusUser)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(eVenture Limited) C:\Program Files\hide.me VPN\vpnsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
() C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
( ) C:\Program Files\VJoy\VJoy.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(eVenture Limited) C:\Program Files\hide.me VPN\Hide.me.exe
(BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe

==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [EaseUS EPM tray] => C:\Program Files\EaseUS\EaseUS Partition Master 9.1.1 Home Edition\bin\EpmNews.exe [2086984 2012-11-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\Update\realsched.exe [293768 2016-06-02] (RealNetworks, Inc.)
HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [23892200 2016-08-17] (Dropbox, Inc.)
HKLM\...\Run: [samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [582888 2016-03-09] (Samsung Electronics Co.,Ltd)
HKLM\...\Run: [sunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Facebook Update] => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Google Update] => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [ApacheTomcatMonitor7.0_Tomcat7] => C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe [102400 2011-09-28] (Apache Software Foundation)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [iDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3952696 2016-08-03] (Tonec Inc.)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [uTorrent] => C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe [1972224 2016-08-09] (BitTorrent Inc.)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [VJoy] => C:\Program Files\VJoy\VJoy.exe [122880 2012-10-15] ( )
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6690520 2016-06-02] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.40.dll [2016-08-17] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-06-02]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-12-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2015-12-18]
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-06-02]
ShortcutTarget: RealTimes.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-06-02]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-06-02]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2016-08-23]
ShortcutTarget: hide.me VPN.lnk -> C:\Program Files\hide.me VPN\Hide.me.exe (eVenture Limited)
Startup: C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Seagate Product Registration.lnk [2016-08-15]
ShortcutTarget: Seagate Product Registration.lnk -> C:\Users\Samrat\AppData\Roaming\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0x00000000000000000000000000000000000000000000000000
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2BCE7521-3D61-409B-B602-8E39A5D8E050}: [DhcpNameServer] 95.211.171.160 95.211.171.161
Tcpip\..\Interfaces\{90A6345F-988F-4616-BE2D-D69421BA1614}: [DhcpNameServer] 95.211.101.200 95.211.101.202
Tcpip\..\Interfaces\{B12DBCDF-CD54-47CF-8F2B-AAF20402D821}: [DhcpNameServer] 95.211.101.197 95.211.101.198
Tcpip\..\Interfaces\{ebd637a9-9c05-4add-a4f0-fc6d4b516199}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3559879560-2752497012-24936758-1001 -> DefaultScope {052FF931-BCCB-47C9-B0F6-8A88D1789BFB} URL =
BHO: No Name -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> No File
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-07-25] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-07-25] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-25] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-25] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-25] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-07-25] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: about:home
FF Keyword.URL: hxxps://in.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @alternatiff.com/AlternaTIFF -> C:\Program Files\MIE\AlternaTIFF\npzzatif.dll [2013-08-14] (Medical Informatics Engineering, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-25] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-07-25] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2016-06-02] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-06-02] (RealPlayer)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Samrat\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Samrat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @talk.google.com/O1DPlugin -> C:\Users\Samrat\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Samrat\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Samrat\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: leethax.net extension - C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984\extensions\leethax@leethax.net.xpi [2016-08-23]
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-06-08]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-08] [not signed]
FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5 [2016-08-03] [not signed]
FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi

Chrome:
=======
CHR Profile: C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-06-09]
CHR HKU\S-1-5-21-3559879560-2752497012-24936758-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2118856 2016-07-25] (Microsoft Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-02] (Dropbox, Inc.)
R2 hmevpnsvc; C:\Program Files\hide.me VPN\vpnsvc.exe [192720 2016-07-21] (eVenture Limited) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S3 Lenovo EasyPlus Hotspot; C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe [509424 2015-06-08] (Lenovo) R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [773968 2014-01-27] (Nero AG) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed] R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14574368 2013-09-20] (NVIDIA Corporation) S3 ose; c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [200240 2016-07-23] (Microsoft Corporation) [File not signed] R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed] U2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1115736 2015-08-30] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] () S2 RealTimes Desktop Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1115736 2015-08-30] (RealNetworks, Inc.) 
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [589544 2016-03-09] (Samsung Electronics Co.,Ltd) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-07-16] (Microsoft Corporation) S3 ShareItSvc; C:\Program Files\Lenovo\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-22] (TeamViewer GmbH) S2 Tomcat7; C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe [74752 2011-09-28] (Apache Software Foundation) [File not signed] R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 3xHybrid; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [1141888 2010-12-01] (NXP Semiconductors Germany GmbH) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.) 
R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows ® Win 7 DDK provider) R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows ® Win 7 DDK provider) R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [14216 2011-07-29] () [File not signed] S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [8456 2011-07-29] () [File not signed] S3 gdrv; C:\Windows\gdrv.sys [16608 2010-02-23] (Windows ® 2000 DDK provider) S3 ivusb; C:\WINDOWS\System32\drivers\ivusb.sys [25112 2010-07-29] (Initio Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] () R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation) R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [146048 2016-07-22] (Samsung Electronics Co., Ltd.) 
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35288 2013-08-22] (The OpenVPN Project) S4 UevAgentDriver; C:\WINDOWS\system32\drivers\UevAgentDriver.sys [36192 2016-07-16] (Microsoft Corporation) R3 vhidmini; C:\WINDOWS\System32\drivers\vjoy.sys [13112 2013-04-18] (Headsoft) S3 vmgid; C:\WINDOWS\System32\drivers\vmgid.sys [8704 2016-07-16] (Microsoft Corporation) R0 volume; C:\WINDOWS\System32\drivers\volume.sys [14176 2016-07-16] (Microsoft Corporation) R2 wcifs; C:\WINDOWS\system32\drivers\wcifs.sys [95072 2016-07-16] (Microsoft Corporation) R2 wcnfs; C:\WINDOWS\system32\drivers\wcnfs.sys [52736 2016-07-16] (Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation) R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2016-08-23 22:16 - 2016-08-23 22:17 - 00000000 ____D C:\FRST
2016-08-23 22:11 - 2016-08-23 22:11 - 00002904 _____ C:\mbb.txt
2016-08-23 18:11 - 2016-08-23 18:11 - 00000000 ___HD C:\OneDriveTemp
2016-08-22 20:47 - 2016-08-22 20:57 - 00000000 ____D C:\Users\Samrat\AppData\Local\MalwareProtectionLive
2016-08-22 20:47 - 2016-08-22 20:47 - 00000000 ____D C:\Users\Samrat\AppData\Local\{B5F70934-5E12-42d2-882D-62D42EA1FA67}
2016-08-22 20:46 - 2016-08-22 20:53 - 00000000 ____D C:\Users\Samrat\Documents\Vuze Downloads
2016-08-22 20:45 - 2016-08-22 20:55 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Azureus
2016-08-20 16:39 - 2016-08-23 21:32 - 00000000 ____D C:\Users\Samrat\AppData\LocalLow\uTorrent
2016-08-20 09:02 - 2016-08-20 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-19 14:49 - 2016-08-19 14:49 - 00002072 _____ C:\Users\Public\Desktop\ExtremeCopy Pro.lnk
2016-08-19 14:49 - 2016-08-19 14:49 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\ExtremeCopy
2016-08-19 14:49 - 2016-08-19 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExtremeCopy
2016-08-19 14:49 - 2016-08-19 14:49 - 00000000 ____D C:\Program Files\Easersoft
2016-08-19 14:40 - 2016-08-19 14:40 - 01591923 _____ C:\Users\Samrat\Documents\ssccgl.pdf
2016-08-18 22:54 - 2016-08-19 13:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-16 18:39 - 2016-08-23 18:08 - 00353560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-09 22:37 - 2016-08-02 10:32 - 00145248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 22:37 - 2016-08-02 10:26 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 22:37 - 2016-08-02 10:25 - 00520200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 22:37 - 2016-08-02 10:21 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 22:37 - 2016-08-02 10:17 - 00127168 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-09 22:37 - 2016-08-02 10:17 - 00094528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-09 22:37 - 2016-08-02 10:09 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-09 22:37 - 2016-08-02 10:07 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-09 22:37 - 2016-08-02 10:07 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-09 22:37 - 2016-08-02 10:01 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-09 22:37 - 2016-08-02 10:00 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 22:37 - 2016-08-02 09:58 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-09 22:37 - 2016-08-02 09:57 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-09 22:37 - 2016-08-02 09:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-09 22:37 - 2016-08-02 09:56 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-09 22:37 - 2016-08-02 09:55 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-09 22:37 - 2016-08-02 09:55 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 22:37 - 2016-08-02 09:53 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-09 22:37 - 2016-08-02 09:47 - 03776000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-09 22:37 - 2016-08-02 09:46 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-09 22:37 - 2016-08-02 09:43 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 22:37 - 2016-08-02 09:43 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-09 22:37 - 2016-08-02 09:43 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-09 22:37 - 2016-08-02 09:43 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-09 22:37 - 2016-08-02 09:42 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-09 22:37 - 2016-08-02 09:39 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-09 22:36 - 2016-08-02 10:20 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-09 22:36 - 2016-08-02 10:06 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-09 22:36 - 2016-08-02 10:03 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-09 22:36 - 2016-08-02 09:58 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-09 22:36 - 2016-08-02 09:56 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 22:36 - 2016-08-02 09:56 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-09 11:43 - 2016-08-13 16:35 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\MPC-HC
2016-08-07 12:10 - 2016-08-14 12:24 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-07 12:04 - 2016-08-16 13:15 - 00000000 ____D C:\Windows.old
2016-08-07 12:04 - 2016-08-07 12:04 - 01898848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-07 12:04 - 2016-08-07 12:04 - 01344992 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-07 12:04 - 2016-08-07 12:04 - 01343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-07 12:04 - 2016-08-07 12:04 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-07 12:04 - 2016-08-07 12:04 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-07 12:04 - 2016-08-07 12:04 - 00622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-07 12:04 - 2016-08-07 12:04 - 00551776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-07 12:04 - 2016-08-07 12:04 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-07 12:04 - 2016-08-07 12:04 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-07 12:04 - 2016-08-07 12:04 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-07 12:04 - 2016-08-07 12:04 - 00054624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-07 12:04 - 2016-08-07 12:04 - 00000000 ____D C:\Program Files\CMAK
2016-08-07 12:01 - 2016-08-07 12:01 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-07 11:57 - 2016-08-07 11:57 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-07 11:57 - 2016-08-07 11:57 - 00000000 ____D C:\Program Files\MSBuild
2016-08-07 11:56 - 2016-05-26 00:33 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-07 11:56 - 2016-05-26 00:33 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-07 11:56 - 2016-05-26 00:33 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-07 00:01 - 2016-08-07 00:01 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-06 23:59 - 2016-08-06 23:59 - 00001047 _____ C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-08-06 23:55 - 2016-08-07 06:37 - 00000000 ____D C:\Users\Samrat\AppData\Local\ConnectedDevicesPlatform
2016-08-06 23:55 - 2016-08-06 23:55 - 00000020 ___SH C:\Users\Samrat\ntuser.ini
2016-08-06 23:47 - 2016-08-06 23:47 - 00000000 _SHDL C:\Users\Default\My Documents
2016-08-06 23:47 - 2016-08-06 23:47 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-08-06 23:47 - 2016-08-06 23:47 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-08-06 23:47 - 2016-08-06 23:47 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-08-06 23:47 - 2016-08-06 23:47 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-08-06 23:47 - 2016-08-06 23:47 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-08-06 23:47 - 2016-08-06 23:47 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-08-06 23:47 - 2016-08-06 23:47 - 00000000 ____D C:\ProgramData\USOShared
2016-08-06 23:42 - 2016-08-06 23:46 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2016-08-06 23:42 - 2016-08-06 23:46 - 00011433 _____ C:\WINDOWS\diagerr.xml
2016-08-06 23:30 - 2016-08-23 21:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-06 23:15 - 2016-08-06 23:15 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2016-08-06 23:10 - 2016-08-06 23:10 - 00001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default\AppData\Roaming\RealNetworks
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default User\AppData\Roaming\RealNetworks
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-08-06 23:10 - 2016-08-06 23:10 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-08-06 22:59 - 2016-08-06 22:59 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-08-06 22:58 - 2016-08-06 23:12 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-06 22:51 - 2016-08-23 21:29 - 00000000 ____D C:\Users\UpdatusUser
2016-08-06 22:51 - 2016-08-23 21:29 - 00000000 ____D C:\Users\Samrat
2016-08-06 22:51 - 2016-08-06 22:51 - 00000000 _SHDL C:\Users\UpdatusUser\My Documents
2016-08-06 22:51 - 2016-08-06 22:51 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\My Videos
2016-08-06 22:51 - 2016-08-06 22:51 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\My Pictures
2016-08-06 22:51 - 2016-08-06 22:51 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\My Music
2016-08-06 22:51 - 2016-08-06 22:51 - 00000000 _SHDL C:\Users\Samrat\My Documents
2016-08-06 22:51 - 2016-08-06 22:51 - 00000000 _SHDL C:\Users\Samrat\Documents\My Videos
2016-08-06 22:51 - 2016-08-06 22:51 - 00000000 _SHDL C:\Users\Samrat\Documents\My Pictures
2016-08-06 22:51 - 2016-08-06 22:51 - 00000000 _SHDL C:\Users\Samrat\Documents\My Music
2016-08-06 22:46 - 2016-08-06 23:12 - 00000000 ____D C:\ProgramData\HP
2016-08-06 22:45 - 2016-08-06 22:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-08-06 22:45 - 2016-08-06 22:45 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-06 22:45 - 2016-08-06 22:45 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2016-08-06 22:45 - 2016-08-06 22:45 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-08-06 22:45 - 2016-08-06 22:45 - 00000000 ____D C:\Program Files\Realtek
2016-08-06 22:43 - 2016-08-23 21:29 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-06 22:43 - 2016-08-06 22:43 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-06 19:59 - 2016-08-06 19:59 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-SAMRAT-PC-Windows-10-Pro-(32-bit).dat
2016-08-06 17:40 - 2016-08-06 17:40 - 00000000 ____D C:\Program Files\Tweaking.com
2016-08-06 15:59 - 2016-08-06 21:39 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-06 15:36 - 2016-08-06 23:54 - 00000000 ___HD C:\$GetCurrent
2016-08-06 15:22 - 2016-08-06 23:55 - 00000000 ____D C:\Windows10Upgrade
2016-08-06 15:22 - 2016-08-06 21:16 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2016-08-06 15:22 - 2016-08-06 21:16 - 00000719 _____ C:\Users\Samrat\Desktop\Windows 10 Upgrade Assistant.lnk
2016-08-06 14:42 - 2016-08-06 14:42 - 00000000 ____D C:\Program Files\Windows Resource Kits
2016-08-06 14:40 - 2016-08-06 14:40 - 00001122 _____ C:\Users\Samrat\reset.cmd
2016-08-06 13:36 - 2016-08-06 13:36 - 00000000 ____D C:\Users\Samrat\Documents\CCleaner Reg
2016-08-05 22:41 - 2016-08-06 22:55 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-08-05 22:41 - 2016-08-05 22:49 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\WhatsApp
2016-08-05 22:41 - 2016-08-05 22:41 - 00002282 _____ C:\Users\Samrat\Desktop\WhatsApp.lnk
2016-08-05 22:40 - 2016-08-05 22:41 - 00000000 ____D C:\Users\Samrat\AppData\Local\WhatsApp
2016-08-05 22:40 - 2016-08-05 22:41 - 00000000 ____D C:\Users\Samrat\AppData\Local\SquirrelTemp
2016-08-03 20:19 - 2016-08-03 20:19 - 00001048 _____ C:\Users\Samrat\Desktop\Internet Download Manager.lnk
2016-08-01 11:47 - 2016-08-03 22:27 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\VMware
2016-08-01 11:46 - 2016-08-03 22:27 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2016-08-01 11:40 - 2016-08-03 22:35 - 00000000 ____D C:\ProgramData\VMware
2016-08-01 11:30 - 2016-08-03 22:35 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Andy
2016-07-29 11:03 - 2016-07-29 11:03 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-07-28 20:12 - 2016-07-28 20:07 - 00134248 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2016-07-24 08:40 - 2016-07-24 08:40 - 00000000 ____D C:\Program Files\Common Files\Java

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-23 22:18 - 2010-12-25 10:17 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\uTorrent
2016-08-23 22:10 - 2016-06-07 09:59 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-23 21:36 - 2014-05-29 15:15 - 00000000 ___RD C:\Users\Samrat\Dropbox
2016-08-23 21:33 - 2015-08-07 14:01 - 00000000 ___RD C:\Users\Samrat\OneDrive
2016-08-23 21:29 - 2015-11-20 11:25 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-23 21:16 - 2012-02-22 19:36 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\vlc
2016-08-23 21:05 - 2010-02-23 06:50 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\DMCache
2016-08-23 20:11 - 2016-04-09 12:03 - 00000998 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-23 20:11 - 2011-01-23 22:49 - 00000000 ____D C:\Program Files\TeamViewer
2016-08-23 20:10 - 2011-01-23 22:50 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\TeamViewer
2016-08-23 19:05 - 2013-11-19 09:58 - 00000000 ____D C:\Users\Samrat\Downloads\Video
2016-08-23 18:57 - 2016-06-02 19:45 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Hide.me
2016-08-23 18:06 - 2016-07-16 07:52 - 01572864 _____ C:\WINDOWS\system32\config\BBI
2016-08-23 09:41 - 2013-11-19 09:58 - 00000000 ____D C:\Users\Samrat\Downloads\Compressed
2016-08-23 09:26 - 2016-07-16 13:59 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-23 09:26 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-20 09:50 - 2014-05-01 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-08-20 09:02 - 2016-06-02 17:36 - 00000000 ____D C:\Program Files\Dropbox
2016-08-19 14:40 - 2011-05-15 10:16 - 00000000 ____D C:\Users\Samrat\AppData\LocalLow\Temp
2016-08-19 13:32 - 2013-02-01 11:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-16 17:00 - 2010-02-27 14:40 - 00000000 ____D C:\Users\Samrat\AppData\Local\ElevatedDiagnostics
2016-08-16 16:13 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\rescache
2016-08-14 09:03 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-13 21:03 - 2010-02-23 06:50 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\IDM
2016-08-13 20:52 - 2016-07-16 13:58 - 00000000 ____D C:\WINDOWS\INF
2016-08-13 19:59 - 2015-03-09 13:56 - 00000000 ____D C:\Users\Samrat\Downloads\Shareit
2016-08-13 11:23 - 2011-08-14 20:47 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Skype
2016-08-13 07:50 - 2012-12-12 12:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-12 23:00 - 2016-07-16 13:59 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 23:00 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-12 23:00 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-12 23:00 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-12 23:00 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-12 23:00 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-12 23:00 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-12 23:00 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-12 08:40 - 2013-08-18 09:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 08:26 - 2012-12-15 07:32 - 144884648 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-08 23:12 - 2015-08-07 13:26 - 00890990 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-07 12:10 - 2016-07-16 14:01 - 00000000 ____D C:\WINDOWS\Setup
2016-08-07 12:10 - 2016-07-16 14:00 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-07 11:57 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\System
2016-08-07 11:57 - 2016-07-16 13:56 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\winhelp.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00221600 _____ (Microsoft Corporation) C:\WINDOWS\system32\lanman.drv
2016-08-07 11:57 - 2016-07-16 13:56 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dplayx.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00177856 _____ (Microsoft Corporation) C:\WINDOWS\system32\typelib.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00169520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole2disp.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00153008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole2nls.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00127213 _____ C:\WINDOWS\system32\ega.cpi
2016-08-07 11:57 - 2016-07-16 13:56 - 00108464 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00092320 _____ (Microsoft Corporation) C:\WINDOWS\system32\krnl386.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\olecli.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system\olecli.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00069886 _____ C:\WINDOWS\system32\edit.com
2016-08-07 11:57 - 2016-07-16 13:56 - 00068992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMSYSTEM.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00068992 _____ (Microsoft Corporation) C:\WINDOWS\system\MMSYSTEM.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\graftabl.com
2016-08-07 11:57 - 2016-07-16 13:56 - 00053600 _____ C:\WINDOWS\system32\dosx.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00050648 _____ C:\WINDOWS\system32\COMMAND.COM
2016-08-07 11:57 - 2016-07-16 13:56 - 00047840 _____ (Microsoft Corporation) C:\WINDOWS\system32\USER.EXE
2016-08-07 11:57 - 2016-07-16 13:56 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpwsockx.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmspl.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00042809 _____ C:\WINDOWS\system32\KEY01.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00042592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole2.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00042537 _____ C:\WINDOWS\system32\KEYBOARD.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDEML.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00039274 _____ C:\WINDOWS\system32\mem.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00035776 _____ C:\WINDOWS\system32\NTIO411.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00035552 _____ C:\WINDOWS\system32\NTIO412.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00034688 _____ C:\WINDOWS\system32\NTIO804.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00034688 _____ C:\WINDOWS\system32\NTIO404.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00033968 _____ C:\WINDOWS\system32\NTIO.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\COMMDLG.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00032816 _____ (Microsoft Corporation) C:\WINDOWS\system\COMMDLG.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00029370 _____ C:\WINDOWS\system32\NTDOS411.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00029274 _____ C:\WINDOWS\system32\NTDOS412.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00029146 _____ C:\WINDOWS\system32\NTDOS804.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00029146 _____ C:\WINDOWS\system32\NTDOS404.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00028420 _____ C:\WINDOWS\system32\bios1.rom
2016-08-07 11:57 - 2016-07-16 13:56 - 00028112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DRWATSON.EXE
2016-08-07 11:57 - 2016-07-16 13:56 - 00027866 _____ C:\WINDOWS\system32\NTDOS.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00027792 _____ (Microsoft Corporation) C:\WINDOWS\system32\compobj.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00027200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ctl3dv2.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00027097 _____ C:\WINDOWS\system32\country.sys
2016-08-07 11:57 - 2016-07-16 13:56 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpmodemx.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\GDI.EXE
2016-08-07 11:57 - 2016-07-16 13:56 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\OLESVR.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system\OLESVR.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdmredir.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00021232 _____ C:\WINDOWS\system32\graphics.pro
2016-08-07 11:57 - 2016-07-16 13:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dplaysvr.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00020634 _____ C:\WINDOWS\system32\debug.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00019694 _____ C:\WINDOWS\system32\GRAPHICS.COM
2016-08-07 11:57 - 2016-07-16 13:56 - 00018896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysedit.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00018832 _____ C:\WINDOWS\system32\v7vga.rom
2016-08-07 11:57 - 2016-07-16 13:56 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdmd.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00014710 _____ C:\WINDOWS\system32\KB16.COM
2016-08-07 11:57 - 2016-07-16 13:56 - 00013888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TOOLHELP.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00013312 _____ C:\WINDOWS\system32\win87em.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00012704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFWNET.DRV
2016-08-07 11:57 - 2016-07-16 13:56 - 00012704 _____ (Microsoft Corporation) C:\WINDOWS\system\WFWNET.DRV
2016-08-07 11:57 - 2016-07-16 13:56 - 00012642 _____ C:\WINDOWS\system32\edlin.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00012498 _____ C:\WINDOWS\system32\append.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00011753 _____ C:\WINDOWS\system32\setver.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00010790 _____ C:\WINDOWS\system32\EDIT.HLP
2016-08-07 11:57 - 2016-07-16 13:56 - 00010544 _____ (Microsoft Corporation) C:\WINDOWS\system32\COMM.drv
2016-08-07 11:57 - 2016-07-16 13:56 - 00009936 _____ (Microsoft Corporation) C:\WINDOWS\system32\lzexpand.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00009936 _____ (Microsoft Corporation) C:\WINDOWS\system\lzexpand.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WIFEMAN.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00009029 _____ C:\WINDOWS\system32\ANSI.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00009008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ver.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00009008 _____ (Microsoft Corporation) C:\WINDOWS\system\ver.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00008424 _____ C:\WINDOWS\system32\exe2bin.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00008191 _____ C:\WINDOWS\system32\bios4.rom
2016-08-07 11:57 - 2016-07-16 13:56 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win.com
2016-08-07 11:57 - 2016-07-16 13:56 - 00007052 _____ C:\WINDOWS\system32\nlsfunc.exe
2016-08-07 11:57 - 2016-07-16 13:56 - 00005532 _____ (Microsoft Corporation) C:\WINDOWS\system\stdole.tlb
2016-08-07 11:57 - 2016-07-16 13:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WINNLS.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHELL.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-08-07 11:57 - 2016-07-16 13:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system\SHELL.DLL
2016-08-07 11:57 - 2016-07-16 13:56 - 00004768 _____ C:\WINDOWS\system32\HIMEM.SYS
2016-08-07 11:57 - 2016-07-16 13:56 - 00004208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storage.dll
2016-08-07 06:52 - 2012-12-12 09:31 - 00000000 ____D C:\Users\Samrat\AppData\Local\Packages
2016-08-07 06:38 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-07 00:18 - 2015-08-07 14:19 - 00002405 _____ C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-07 00:08 - 2016-07-16 13:59 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-06 23:47 - 2016-07-16 13:59 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-06 23:47 - 2016-07-16 07:52 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-06 23:42 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\Registration
2016-08-06 23:41 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-06 23:41 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-06 23:31 - 2012-12-12 09:24 - 00021412 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-06 23:30 - 2014-01-08 21:46 - 00000910 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-06 23:29 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\Media
2016-08-06 23:13 - 2016-07-16 13:59 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-06 23:13 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-06 23:13 - 2016-07-16 13:59 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-06 23:13 - 2016-06-07 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2016-08-06 23:13 - 2016-06-07 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3dtv.at Stereoscopic Player
2016-08-06 23:13 - 2016-06-02 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2016-08-06 23:13 - 2016-06-02 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com
2016-08-06 23:13 - 2016-06-02 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-08-06 23:13 - 2016-06-02 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 20.5
2016-08-06 23:13 - 2016-06-02 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2016-08-06 23:13 - 2016-04-04 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VJoy
2016-08-06 23:13 - 2015-10-19 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Unlocker
2016-08-06 23:13 - 2015-09-25 11:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-08-06 23:13 - 2015-05-26 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
2016-08-06 23:13 - 2014-12-06 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-08-06 23:13 - 2014-11-04 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.1.1 Home Edition
2016-08-06 23:13 - 2014-10-19 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-06 23:13 - 2014-07-29 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-08-06 23:13 - 2014-04-13 08:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2016-08-06 23:13 - 2013-06-20 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 7.0 Tomcat7
2016-08-06 23:13 - 2013-01-26 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2016-08-06 23:13 - 2012-11-08 21:53 - 
00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-08-06 23:13 - 2012-03-11 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSIM 9.0.3 (softkey time-limited) 2016-08-06 23:13 - 2011-10-08 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulzer USB2.0 UVC PC Camera 2016-08-06 23:13 - 2011-10-04 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy 2016-08-06 23:13 - 2011-09-21 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-08-06 23:13 - 2010-08-19 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\honestech TVR 2.5 2016-08-06 23:13 - 2010-08-13 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-08-06 23:13 - 2010-02-23 06:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG ODD Auto Firmware Update 2016-08-06 23:13 - 2010-02-23 06:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials 2016-08-06 23:13 - 2010-02-23 06:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite 2016-08-06 23:12 - 2014-12-06 11:24 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager 2016-08-06 23:12 - 2014-10-14 15:59 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP 2016-08-06 23:10 - 2015-10-30 10:43 - 00000000 ____D C:\Users\Default.migrated 2016-08-06 23:03 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\spool 2016-08-06 23:03 - 2013-08-22 13:47 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2016-08-06 23:03 - 2013-08-22 13:47 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2016-08-06 23:03 - 2013-01-26 13:18 - 00000000 ____D C:\WINDOWS\system32\xlive 2016-08-06 23:03 - 2012-01-07 10:17 - 00000000 ____D 
C:\WINDOWS\system32\SPReview 2016-08-06 23:02 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-08-06 23:02 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-08-06 23:02 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2016-08-06 23:02 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\system32\IME 2016-08-06 23:02 - 2016-05-18 16:39 - 00000000 ____D C:\WINDOWS\system32\msv 2016-08-06 23:02 - 2012-01-07 10:14 - 00000000 ____D C:\WINDOWS\system32\EventProviders 2016-08-06 23:02 - 2010-02-25 12:44 - 00000000 ____D C:\WINDOWS\system32\Lang 2016-08-06 23:01 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\schemas 2016-08-06 23:01 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-08-06 23:01 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-08-06 23:01 - 2013-05-24 08:04 - 00000000 ____D C:\WINDOWS\system32\%Report% 2016-08-06 23:01 - 2010-11-16 09:32 - 00000000 ____D C:\WINDOWS\system32\appmgmt 2016-08-06 23:00 - 2016-07-23 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit 2016-08-06 23:00 - 2016-07-23 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2016-08-06 23:00 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\InputMethod 2016-08-06 23:00 - 2016-07-16 13:59 - 00000000 ____D C:\WINDOWS\Help 2016-08-06 23:00 - 2016-06-02 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-08-06 23:00 - 2013-12-31 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016-08-06 23:00 - 2013-11-21 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2016-08-06 23:00 - 2011-05-17 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2016-08-06 23:00 - 2010-12-23 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB 2016-08-06 23:00 - 2009-07-14 13:18 - 00000000 
___RD C:\Users\Public\Recorded TV 2016-08-06 22:59 - 2016-07-16 13:59 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-08-06 22:59 - 2016-07-16 13:59 - 00000000 ____D C:\Program Files\Common Fi
  10. Hi, I am using a Windows 10 OS. I have two internal HDDs, one with 160GB (with OS) and another with 1000GB (for data storage). Everything worked fine for the past 2-3 years. For the past few days my external HDD is not being detected, whereas a flash drive is detected by the same USB port, and whenever I copy a file from the 160GB HDD to the 1000GB HDD, the 1000GB HDD reads "File is not Accessible". Here is the Malwarebytes log:

      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scan Date: 23-Aug-16
      Scan Time: 12:51 PM
      Logfile: mbb.txt
      Administrator: Yes

      Version: 2.2.1.1043
      Malware Database: v2016.08.23.03
      Rootkit Database: v2016.08.15.01
      License: Free
      Malware Protection: Disabled
      Malicious Website Protection: Disabled
      Self-protection: Disabled

      OS: Windows 10
      CPU: x86
      File System: NTFS
      User: Samrat

      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 357126
      Time Elapsed: 1 hr, 10 min, 56 sec

      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Enabled
      Heuristics: Enabled
      PUP: Warn
      PUM: Enabled

      Processes: 1
      PUP.Optional.ConvertAd, C:\Users\Samrat\AppData\Local\Temp\sps.exe, 7124, Delete-on-Reboot, [1768da74386272c4da7f3296a0614fb1]

      Modules: 0
      (No malicious items detected)

      Registry Keys: 2
      PUP.Optional.Spigot, HKU\S-1-5-21-3559879560-2752497012-24936758-1001\SOFTWARE\APPDATALOW\SOFTWARE\SETTINGS MANAGER, Quarantined, [205f0945cbcf181e999ae008b44fd42c],
      PUP.Optional.Spigot, HKU\S-1-5-21-3559879560-2752497012-24936758-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{052FF931-BCCB-47C9-B0F6-8A88D1789BFB}, Quarantined, [225d004e5b3fb87ed9725c5a4db6b64a],

      Registry Values: 3
      PUP.Optional.Spigot, HKU\S-1-5-21-3559879560-2752497012-24936758-1001\SOFTWARE\APPDATALOW\SOFTWARE\SETTINGS MANAGER|HP_IE, https://in.search.yahoo.com/?type=994519&fr=spigot-yhp-ie, Quarantined, [205f0945cbcf181e999ae008b44fd42c]
      PUP.Optional.Spigot, HKU\S-1-5-21-3559879560-2752497012-24936758-1001\SOFTWARE\APPDATALOW\SOFTWARE\SETTINGS MANAGER|HP_FF, https://in.search.yahoo.com/?type=994519&fr=spigot-yhp-ff, Quarantined, [215e51fde5b5ce6847ec7f695da69c64]
      PUP.Optional.Spigot, HKU\S-1-5-21-3559879560-2752497012-24936758-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{052FF931-BCCB-47C9-B0F6-8A88D1789BFB}|URL, https://in.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms},Quarantined, [225d004e5b3fb87ed9725c5a4db6b64a]

      Registry Data: 1
      PUP.Optional.Spigot, HKU\S-1-5-21-3559879560-2752497012-24936758-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://in.search.yahoo.com/?type=994519&fr=spigot-yhp-ie, Good: (www.google.com), Bad: (https://in.search.yahoo.com/?type=994519&fr=spigot-yhp-ie),Replaced,[6c13c28c62383df9fe6c483021e3639d]

      Folders: 0
      (No malicious items detected)

      Files: 2
      PUP.Optional.ConvertAd, C:\Users\Samrat\AppData\Local\Temp\sps.exe, Delete-on-Reboot, [1768da74386272c4da7f3296a0614fb1],
      PUP.Optional.Spigot, C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\ks92n2qt.default-1468912065984\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://in.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=994519&p="),Replaced,[97e891bdeab0f73f5d1b4b4eca3a4ab6]

      Physical Sectors: 0
      (No malicious items detected)

      (end)
  11. It is showing in Chinese... which I can't understand.
  12. The problem with the Adobe icon is cleared, but I have another problem.
  13. Adobe Reader still shows the JPEG icon and I cannot change the icon. "Change icon" is greyed out.
  14. ==================== Safe Mode (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

      ==================== EXE Association (Whitelisted) ===============
      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

      ==================== Internet Explorer trusted/restricted ===============
      (If an entry is included in the fixlist, it will be removed from the registry.)

      ==================== Hosts content: ===============================
      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
      2009-07-14 07:34 - 2012-11-28 09:57 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
      127.0.0.1 localhost

      ==================== Other Areas ============================
      (Currently there is no automatic fix for this section.)
      HKU\S-1-5-21-3559879560-2752497012-24936758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Samrat\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
      HKU\S-1-5-21-3559879560-2752497012-24936758-1004\Control Panel\Desktop\\Wallpaper ->
      DNS Servers: 202.53.8.8 - 202.53.8.9
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==
      (Currently there is no automatic fix for this section.)
      MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
      MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TVR Scheduler.lnk => C:\Windows\pss\TVR Scheduler.lnk.CommonStartup
      MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
      MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot
      MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
      MSCONFIG\startupreg: LGODDFU => "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
      MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
      MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
      MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
      MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot
      HKLM\...\StartupApproved\Run: => "EaseUS EPM tray"
      HKLM\...\StartupApproved\Run: => "HTC Sync Loader"
      HKLM\...\StartupApproved\Run: => "BlueStacks Agent"
      HKLM\...\StartupApproved\Run: => "Tencent"
      HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\StartupApproved\Run: => "RGSC"

      ==================== FirewallRules (Whitelisted) ===============
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== Restore Points =========================
      ATTENTION: System Restore is disabled

      ==================== Faulty Device Manager Devices =============

      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (12/26/2015 09:48:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
      Description: NvStreamSvcNvVAD initialization failed [6]

      Error: (12/26/2015 09:48:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
      Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

      Error: (12/26/2015 09:13:28 AM) (Source: MsiInstaller) (EventID: 11404) (User: SAMRAT-PC)
      Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.

      Error: (12/25/2015 08:12:33 PM) (Source: MsiInstaller) (EventID: 11404) (User: SAMRAT-PC)
      Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.

      Error: (12/25/2015 05:30:17 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
      Description: NvStreamSvcNvVAD initialization failed [6]

      Error: (12/25/2015 05:30:17 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
      Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

      Error: (12/25/2015 03:13:45 PM) (Source: MsiInstaller) (EventID: 11404) (User: SAMRAT-PC)
      Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.

      Error: (12/25/2015 12:03:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAMRAT-PC)
      Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

      Error: (12/25/2015 12:03:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAMRAT-PC)
      Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.

      Error: (12/25/2015 10:13:32 AM) (Source: MsiInstaller) (EventID: 11404) (User: SAMRAT-PC)
      Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.

      System errors:
      =============
      Error: (12/26/2015 10:14:23 AM) (Source: DCOM) (EventID: 10016) (User: SAMRAT-PC)
      Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Samrat-PCSamratS-1-5-21-3559879560-2752497012-24936758-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

      Error: (12/26/2015 10:14:23 AM) (Source: DCOM) (EventID: 10016) (User: SAMRAT-PC)
      Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Samrat-PCSamratS-1-5-21-3559879560-2752497012-24936758-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

      Error: (12/26/2015 09:47:40 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
      Description: The Tomcat7 service terminated with the following service-specific error: %%0

      Error: (12/26/2015 09:47:33 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
      Description: The HomeGroupListener service terminated with the following service-specific error: %%2147944153

      Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

      Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

      Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

      Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

      Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

      Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
      Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

      CodeIntegrity:
      ===================================
      Date: 2015-12-19 10:48:50.908
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

      Date: 2015-12-17 21:25:44.134
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:44.082
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:44.033
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:43.976
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:43.914
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:43.900
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:41.943
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:41.877
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:41.859
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      ==================== Memory info ===========================
      Processor: Intel® Pentium® Dual CPU E2200 @ 2.20GHz
      Percentage of memory in use: 62%
      Total physical RAM: 2814.49 MB
      Available physical RAM: 1067.18 MB
      Total Virtual: 5630.49 MB
      Available Virtual: 3424.54 MB

      ==================== Drives ================================
      Drive c: () (Fixed) (Total:109.56 GB) (Free:68.95 GB) NTFS ==>[drive with boot components (obtained from BCD)]
      Drive e: () (Fixed) (Total:39.04 GB) (Free:24.3 GB) NTFS
      Drive i: (New Volume) (Fixed) (Total:232.88 GB) (Free:228.38 GB) NTFS
      Drive j: (New Volume) (Fixed) (Total:232.88 GB) (Free:215.68 GB) NTFS
      Drive k: (New Volume) (Fixed) (Total:232.88 GB) (Free:169.77 GB) NTFS
      Drive l: (New Volume) (Fixed) (Total:232.88 GB) (Free:201.28 GB) NTFS
      Drive m: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:73.26 GB) NTFS

      ==================== MBR & Partition Table ==================
      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 18A0189F)
      Partition 1: (Active) - (Size=109.6 GB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
      Partition 3: (Not Active) - (Size=39 GB) - (Type=OF Extended)
      ========================================================
      Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2FDBF25D)
      Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
      Partition 2: (Not Active) - (Size=698.6 GB) - (Type=OF Extended)
      ========================================================
      Disk: 2 (Size: 931.5 GB) (Disk ID: 6DD7CDDA)
      Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

      ==================== End of Addition.txt ============================