Adobe Reader Icon Changed to Image Icon...


  • This topic is locked
13 replies to this topic

#1 koolsam


Posted 25 December 2015 - 03:04 AM

Hi

I am using a Windows 10 PC. Recently I see a change in the Adobe Reader shortcut icon and I see a picture/jpg icon. Is my system affected? I am attaching the respective logs.


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 18-Dec-15
Scan Time: 9:28 AM
Logfile: mbm.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.12.18.01
Rootkit Database: v2015.12.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x86
File System: NTFS
User: Samrat

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 404883
Time Elapsed: 1 hr, 42 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

-----------------------------------------------------------------

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.10586.20  BrowserJavaVersion: 11.45.2
Run by Samrat at 12:37:19 on 2015-12-25
Microsoft Windows 10 Pro  10.0.10586.0.1252.1.1033.18.2814.465 [GMT 5.5:30]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
C:\WINDOWS\system32\conhost.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\sihost.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\WINDOWS\system32\conhost.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Samrat\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\FAHWindow32.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
C:\Program Files\WinZip\WZUpdateNotifier.exe
C:\Program Files\WinZip\WzPreloader.exe
C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Microsoft Office\Root\Office16\MsoSync.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerPlugin_20_0_0_235.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\conhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\svchost.exe -k HPZ12
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office\root\office16\OCHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_45\bin\ssv.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - c:\program files\microsoft office\root\office16\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_45\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Facebook Update] "c:\users\samrat\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "c:\users\samrat\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [ApacheTomcatMonitor7.0_Tomcat7] "c:\program files\apache software foundation\tomcat 7.0\bin\Tomcat7w.exe" //MS//Tomcat7
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [uTorrent] "c:\users\samrat\appdata\roaming\utorrent\uTorrent.exe"  /MINIMIZED
uRun: [Dropbox Update] "c:\users\samrat\appdata\local\dropbox\update\DropboxUpdate.exe" /c
uRun: [OneDrive] "c:\users\samrat\appdata\local\microsoft\onedrive\OneDrive.exe" /background
mRun: [RTHDVCPL] "c:\program files\realtek\audio\hda\RtHDVCpl.exe" -s
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [EaseUS EPM tray] c:\program files\easeus\easeus partition master 9.1.1 home edition\bin\EpmNews.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [RealDownloader] c:\program files\realnetworks\realdownloader\downloader2.exe
mRun: [Samsung Link] "c:\program files\samsung\samsung link\Samsung Link Tray Agent.exe"
mRun: [Tencent] "c:\program files\tencent\Tencent.exe" http://down.baidu2016.com/qq/test.txt/start
mRun: [MTview] c:\program files\mtv20151125\MTView.exe -mini
StartupFolder: c:\users\samrat\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\samrat\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\fah.lnk - c:\program files\winzip\FAHConsole.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\realpl~1.lnk - c:\program files\real\realplayer\rpds\bin\rpsystray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\realti~1.lnk - c:\program files\real\realplayer\rpds\bin\rpsystray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\update~1.lnk - c:\program files\winzip\WZUpdateNotifier.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WzPreloader.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-Windows\System: EnableSmartScreen = dword:0
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\program files\microsoft office\root\office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\microsoft office\root\office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\root\office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft office\root\office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\root\office16\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 202.53.8.8 202.53.8.9
TCP: Interfaces\{ebd637a9-9c05-4add-a4f0-fc6d4b516199} : DHCPNameServer = 202.53.8.8 202.53.8.9
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - c:\windows\system32\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - c:\windows\system32\tbauth.dll
SSODL: WebCheck - <orphaned>
mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - c:\windows\system32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\samrat\appdata\roaming\mozilla\firefox\profiles\uiyrbsa7.default-1391762422109\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: c:\program files\adobe\acrobat reader dc\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.29.1\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_45\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft office\root\office16\NPSPWRAP.DLL
FF - plugin: c:\program files\microsoft office\root\vfs\programfilesx86\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.41105.0\npctrlui.dll
FF - plugin: c:\program files\mie\alternatiff\npzzatif.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\users\samrat\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\samrat\appdata\local\google\update\1.3.29.1\npGoogleUpdate3.dll
FF - plugin: c:\users\samrat\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\samrat\appdata\roaming\mozilla\plugins\npo1d.dll
FF - plugin: c:\users\samrat\appdata\roaming\visan\plugins\npRLSecurePluginLayer.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_20_0_0_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;c:\windows\system32\drivers\WindowsTrustedRT.sys [2015-10-30 86552]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;c:\windows\system32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 15384]
R0 Wof;Windows Overlay File System Filter Driver;c:\windows\system32\drivers\wof.sys [2015-10-30 173408]
R1 ahcache;Application Compatibility Cache;c:\windows\system32\drivers\ahcache.sys [2015-10-30 183296]
R1 FileCrypt;FileCrypt;c:\windows\system32\drivers\filecrypt.sys [2015-10-30 76288]
R1 GpuEnergyDrv;GPU Energy Driver;c:\windows\system32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R1 MpKsl13ceec59;MpKsl13ceec59;c:\programdata\microsoft\windows defender\definition updates\{6a0296b4-f6ce-45a4-bcba-b46942da4312}\MpKsl13ceec59.sys [2015-12-23 39168]
R1 MpKsl1e7fa775;MpKsl1e7fa775;c:\programdata\microsoft\windows defender\definition updates\{964bef96-9889-4cf3-8213-67bbc577cf02}\MpKsl1e7fa775.sys [2015-12-18 39168]
R1 MpKsl9e525e6e;MpKsl9e525e6e;c:\programdata\microsoft\windows defender\definition updates\{02ca7ed0-ab2c-4d4a-8902-2c7d87e7a713}\MpKsl9e525e6e.sys [2015-12-25 39168]
R2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\samsung\allshare framework dms\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 401800]
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\skype\toolbars\autoupdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\skype\toolbars\pnrsvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;c:\program files\common files\microsoft shared\clicktorun\OfficeClickToRun.exe [2015-9-25 1885368]
R2 CoreMessagingRegistrar;CoreMessaging;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 37256]
R2 DiagTrack;Connected User Experiences and Telemetry;c:\windows\system32\svchost.exe -k utcsvc [2015-10-30 37256]
R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2015-11-9 123968]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-5-18 1513784]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-5-18 1135416]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2014-1-27 773968]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe [2013-10-22 14574368]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2013-6-8 167424]
R2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\rpds\bin\rpdsvc.exe [2015-8-30 1115736]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\real\updateservice\RealPlayerUpdateSvc.exe [2015-11-4 33088]
R2 RealTimes Desktop Service;RealTimes Desktop Service;c:\program files\real\realplayer\rpds\bin\rpdsvc.exe [2015-8-30 1115736]
R2 Samsung Link Service;Samsung Link Service;c:\program files\samsung\samsung link\Samsung Link.exe [2015-12-9 581984]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2015-11-20 416432]
R2 storqosflt;Storage QoS Filter Driver;c:\windows\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 3xHybrid;SAA713x TV Card Service;c:\windows\system32\drivers\3xHybrid.sys [2010-12-1 1141888]
R3 DsSvc;Data Sharing Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
R3 lfsvc;Geolocation Service;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
R3 LicenseManager;Windows License Manager Service;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-12-17 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-5-18 170200]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-12-17 51928]
R3 NcbService;Network Connection Broker;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;c:\windows\system32\drivers\NdisVirtualBus.sys [2015-10-30 15872]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-10-22 33568]
R3 rt640x86;Realtek RT640 NT Driver;c:\windows\system32\drivers\rt640x86.sys [2015-10-30 494080]
R3 StateRepository;State Repository Service;c:\windows\system32\svchost.exe -k appmodel [2015-10-30 37256]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;c:\windows\system32\drivers\WdNisDrv.sys [2015-10-30 98648]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\drivers\WUDFRd.sys [2015-10-30 163328]
S2 DoSvc;Delivery Optimization;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S2 MapsBroker;Downloaded Maps Manager;c:\windows\system32\svchost.exe -k NetworkService [2015-10-30 37256]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2015-7-9 327296]
S3 ADP80XX;ADP80XX;c:\windows\system32\drivers\adp80xx.sys [2015-10-30 1038176]
S3 AJRouter;AllJoyn Router Service;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
S3 AppReadiness;App Readiness;c:\windows\system32\svchost.exe -k AppReadiness [2015-10-30 37256]
S3 AppXSvc;AppX Deployment Service (AppXSVC);c:\windows\system32\svchost.exe -k wsappx [2015-10-30 37256]
S3 bcmfn;bcmfn Service;c:\windows\system32\drivers\bcmfn.sys [2015-10-30 8192]
S3 bcmfn2;bcmfn2 Service;c:\windows\system32\drivers\bcmfn2.sys [2015-10-30 8192]
S3 BthHFSrv;Bluetooth Handsfree Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 37256]
S3 buttonconverter;Service for Portable Device Control devices;c:\windows\system32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;HID driver for CapImg touch screen;c:\windows\system32\drivers\capimg.sys [2015-12-3 96768]
S3 ClipSVC;Client License Service (ClipSVC);c:\windows\system32\svchost.exe -k wsappx [2015-10-30 37256]
S3 DcpSvc;DataCollectionPublishingService;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 DevQueryBroker;DevQuery Background Discovery Broker;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2014-1-22 88576]
S3 diagnosticshub.standardcollector.service;Microsoft ® Diagnostics Hub Standard Collector Service;c:\windows\system32\diagsvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;Device Management Enrollment Service;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 dmwappushservice;dmwappushsvc;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 embeddedmode;embeddedmode;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 EntAppSvc;Enterprise App Management Service;c:\windows\system32\svchost.exe -k appmodel [2015-10-30 37256]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2014-11-4 14216]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2014-11-4 8456]
S3 genericusbfn;Generic USB Function Class;c:\windows\system32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;Intel SoC GPIO Controller Driver;c:\windows\system32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;c:\windows\system32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2012-12-7 23040]
S3 iai2c;Intel® Serial IO I2C Host Controller;c:\windows\system32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;Intel® Atom™ Processor I2C Controller Service;c:\windows\system32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 iaStorAV;Intel® SATA RAID Controller Windows;c:\windows\system32\drivers\iaStorAV.sys [2015-10-30 524632]
S3 icssvc;Windows Mobile Hotspot Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 37256]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2015-10-30 107008]
S3 intelpep;Intel® Power Engine Plug-in Driver;c:\windows\system32\drivers\intelpep.sys [2015-10-30 40288]
S3 IoQos;IoQos;c:\windows\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;c:\program files\common files\lenovo\easyplussdk\bin\EPHotspot.exe [2015-7-18 509424]
S3 LSI_SAS2i;LSI_SAS2i;c:\windows\system32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S3 LSI_SAS3i;LSI_SAS3i;c:\windows\system32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S3 NetSetupSvc;Network Setup Service;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 NgcCtnrSvc;Microsoft Passport Container;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 37256]
S3 NgcSvc;Microsoft Passport;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 percsas2i;percsas2i;c:\windows\system32\drivers\percsas2i.sys [2015-10-30 51040]
S3 percsas3i;percsas3i;c:\windows\system32\drivers\percsas3i.sys [2015-10-30 51552]
S3 PhoneSvc;Phone Service;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
S3 RetailDemo;Retail Demo Service;c:\windows\system32\svchost.exe -k netsvcs [2015-10-30 37256]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 SensorDataService;Sensor Data Service;c:\windows\system32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;Sensor Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 SerCx2;Serial UART Support Library;c:\windows\system32\drivers\SerCx2.sys [2015-10-30 121696]
S3 smphost;Microsoft Storage Spaces SMP;c:\windows\system32\svchost.exe -k smphost [2015-10-30 37256]
S3 SmsRouter;Microsoft Windows SMS Router Service.;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 37256]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2014-1-22 184192]
S3 stornvme;Microsoft Standard NVM Express Driver;c:\windows\system32\drivers\stornvme.sys [2015-10-30 65376]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;c:\windows\system32\drivers\storufs.sys [2015-10-30 27992]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;c:\windows\system32\drivers\UcmCx.sys [2015-10-30 45056]
S3 UcmUcsi;USB Connector Manager UCSI Client;c:\windows\system32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library;c:\windows\system32\drivers\Udecx.sys [2015-10-30 32768]
S3 UEFI;Microsoft UEFI Driver;c:\windows\system32\drivers\uefi.sys [2015-10-30 23392]
S3 Ufx01000;USB Function Class Extension;c:\windows\system32\drivers\ufx01000.sys [2015-10-30 200032]
S3 UfxChipidea;USB Chipidea Controller;c:\windows\system32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;USB Synopsys Controller;c:\windows\system32\drivers\ufxsynopsys.sys [2015-10-30 104800]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;c:\windows\system32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsCx01000;USB Role-Switch Support Library;c:\windows\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;c:\windows\system32\drivers\urssynopsys.sys [2015-10-30 21856]
S3 vhf;Virtual HID Framework (VHF) Driver;c:\windows\system32\drivers\vhf.sys [2015-10-30 24064]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 wdiwifi;WDI Driver Framework;c:\windows\system32\drivers\WdiWiFi.sys [2015-10-30 497152]
S3 xboxgip;Xbox Game Input Protocol Driver;c:\windows\system32\drivers\xboxgip.sys [2015-10-30 200704]
S3 xinputhid;XINPUT HID Filter Driver;c:\windows\system32\drivers\xinputhid.sys [2015-10-30 18944]
S4 CDPSvc;Connected Device Platform Service;c:\windows\system32\svchost.exe -k LocalService [2015-10-30 37256]
.
=============== Created Last 30 ================
.
2015-12-25 04:06:38    39168    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{02ca7ed0-ab2c-4d4a-8902-2c7d87e7a713}\MpKsl9e525e6e.sys
2015-12-25 04:02:03    --------    d--h--w-    C:\OneDriveTemp
2015-12-24 07:49:22    9014120    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{02ca7ed0-ab2c-4d4a-8902-2c7d87e7a713}\mpengine.dll
2015-12-23 09:54:35    9014120    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2015-12-23 09:37:47    301224    ----a-w-    c:\program files\mozilla firefox\tobedeleted\rep885.tmp
2015-12-23 04:41:09    39168    ------w-    c:\programdata\microsoft\windows defender\definition updates\{6a0296b4-f6ce-45a4-bcba-b46942da4312}\MpKsl13ceec59.sys
2015-12-18 10:15:09    39168    ------w-    c:\programdata\microsoft\windows defender\definition updates\{964bef96-9889-4cf3-8213-67bbc577cf02}\MpKsl1e7fa775.sys
2015-12-18 03:41:59    607744    ----a-w-    c:\windows\system32\MapsStore.dll
2015-12-17 18:02:37    51928    ----a-w-    c:\windows\system32\drivers\mwac.sys
2015-12-17 18:02:37    23256    ----a-w-    c:\windows\system32\drivers\mbam.sys
2015-12-17 15:45:36    --------    d-----w-    c:\users\samrat\appdata\local\Nico Mak Computing
2015-12-17 15:45:27    --------    d-----w-    c:\users\samrat\appdata\local\WinZip
2015-12-17 13:33:33    85328    ----a-w-    c:\program files\common files\microsoft shared\clicktorun\updates\16.0.6366.2036\vcruntime140.dll
2015-12-17 13:33:32    439608    ----a-w-    c:\program files\common files\microsoft shared\clicktorun\updates\16.0.6366.2036\msvcp140.dll
2015-12-10 16:06:49    912000    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{50f8ab16-511e-4f36-b443-cd67ca00468b}\gapaengine.dll
2015-12-04 01:25:16    202928    ----a-w-    c:\program files\common files\microsoft shared\source engine\OSE.EXE
2015-12-04 01:24:58    354512    ----a-w-    c:\program files\common files\microsoft shared\office16\LICLUA.EXE
2015-12-04 01:24:58    16064    ----a-w-    c:\program files\common files\microsoft shared\office16\office setup controller\pkeyconfig.companion.dll
2015-12-03 04:10:31    1268736    ----a-w-    c:\windows\system32\Windows.UI.Xaml.Resources.dll
2015-12-03 04:10:27    5797728    ----a-w-    c:\windows\system32\ntoskrnl.exe
2015-12-03 04:10:23    689152    ----a-w-    c:\windows\system32\modernexecserver.dll
2015-12-03 04:10:00    951808    ----a-w-    c:\windows\system32\wwansvc.dll
2015-12-03 04:10:00    67072    ----a-w-    c:\windows\system32\wwanprotdim.dll
2015-11-26 13:04:42    --------    d-----w-    c:\users\samrat\appdata\roaming\RealNetworks
2015-11-26 13:04:32    --------    d---a-w-    c:\program files\RealNetworks
2015-11-26 13:04:32    --------    d-----w-    c:\programdata\RealNetworks
2015-11-26 13:04:00    --------    d-----w-    c:\program files\common files\xing shared
2015-11-25 14:16:26    704352    ----a-w-    c:\windows\system32\WWAHost.exe
2015-11-25 14:16:26    227840    ----a-w-    c:\windows\system32\deviceaccess.dll
2015-11-25 14:16:26    204800    ----a-w-    c:\windows\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-11-25 12:33:57    --------    d-----w-    c:\windows\system32\SleepStudy
.
==================== Find3M  ====================
.
2015-12-25 06:33:24    170200    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2015-12-09 03:39:28    247976    ------w-    c:\windows\system32\MpSigStub.exe
2015-12-07 04:57:01    973664    ----a-w-    c:\windows\system32\LicenseManager.dll
2015-12-07 04:49:41    309088    ----a-w-    c:\windows\system32\wifitask.exe
2015-12-07 04:48:25    502112    ----a-w-    c:\windows\system32\NetSetupEngine.dll
2015-12-07 04:48:24    84832    ----a-w-    c:\windows\system32\NetSetupApi.dll
2015-12-07 04:48:08    670928    ----a-w-    c:\windows\system32\mfds.dll
2015-12-07 04:48:08    2180136    ----a-w-    c:\windows\system32\mfcore.dll
2015-12-07 04:48:02    450904    ----a-w-    c:\windows\system32\MFCaptureEngine.dll
2015-12-07 04:48:01    462760    ----a-w-    c:\windows\system32\mfreadwrite.dll
2015-12-07 04:48:01    1118208    ----a-w-    c:\windows\system32\mfnetsrc.dll
2015-12-07 04:48:00    983464    ----a-w-    c:\windows\system32\mfasfsrcsnk.dll
2015-12-07 04:48:00    884256    ----a-w-    c:\windows\system32\mfmp4srcsnk.dll
2015-12-07 04:48:00    289248    ----a-w-    c:\windows\system32\MFPlay.dll
2015-12-07 04:47:58    116720    ----a-w-    c:\windows\system32\mfps.dll
2015-12-07 04:47:57    925064    ----a-w-    c:\windows\system32\mfplat.dll
2015-12-07 04:47:57    898184    ----a-w-    c:\windows\system32\mfsrcsnk.dll
2015-12-07 04:47:54    716928    ----a-w-    c:\windows\system32\mfmpeg2srcsnk.dll
2015-12-07 04:45:03    203104    ----a-w-    c:\windows\system32\ContentDeliveryManager.Utilities.dll
2015-12-07 04:12:17    820224    ----a-w-    c:\windows\system32\XboxNetApiSvc.dll
2015-12-07 04:11:50    40448    ----a-w-    c:\windows\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-07 04:06:32    572928    ----a-w-    c:\windows\system32\WpcWebFilter.dll
2015-12-07 04:05:46    25600    ----a-w-    c:\windows\system32\StorageUsage.dll
2015-12-07 04:05:37    73728    ----a-w-    c:\windows\system32\policymanagerprecheck.dll
2015-12-07 04:05:18    109056    ----a-w-    c:\windows\system32\flvprophandler.dll
2015-12-07 04:03:48    103424    ----a-w-    c:\windows\system32\wificonnapi.dll
2015-12-07 04:03:46    13017600    ----a-w-    c:\windows\system32\Windows.UI.Xaml.dll
2015-12-07 04:03:41    53248    ----a-w-    c:\windows\system32\ProvPluginEng.dll
2015-12-07 04:03:00    151552    ----a-w-    c:\windows\system32\KnobsCore.dll
2015-12-07 04:02:54    477696    ----a-w-    c:\windows\apppatch\AcSpecfc.dll
2015-12-07 04:02:49    161280    ----a-w-    c:\windows\system32\InstallAgent.exe
2015-12-07 04:01:43    34304    ----a-w-    c:\windows\system32\BackgroundTransferHost.exe
2015-12-07 04:01:27    135168    ----a-w-    c:\windows\system32\provisioningcsp.dll
2015-12-07 04:00:47    44032    ----a-w-    c:\windows\system32\provtool.exe
2015-12-07 04:00:38    50688    ----a-w-    c:\windows\system32\moshost.dll
2015-12-07 03:58:27    203264    ----a-w-    c:\windows\system32\moshostcore.dll
2015-12-07 03:57:40    409088    ----a-w-    c:\windows\system32\StoreAgent.dll
2015-12-07 03:57:28    270848    ----a-w-    c:\windows\system32\MSFlacDecoder.dll
2015-12-07 03:57:24    168448    ----a-w-    c:\windows\system32\wcmcsp.dll
2015-12-07 03:57:21    140288    ----a-w-    c:\windows\system32\NetSetupSvc.dll
2015-12-07 03:57:15    497664    ----a-w-    c:\windows\system32\StorSvc.dll
2015-12-07 03:57:07    97792    ----a-w-    c:\windows\system32\dialserver.dll
2015-12-07 03:56:20    199168    ----a-w-    c:\windows\system32\provhandlers.dll
2015-12-07 03:56:18    204288    ----a-w-    c:\windows\system32\provengine.dll
2015-12-07 03:56:10    433664    ----a-w-    c:\windows\system32\MBMediaManager.dll
2015-12-07 03:55:59    120832    ----a-w-    c:\windows\system32\provdatastore.dll
2015-12-07 03:55:02    346112    ----a-w-    c:\windows\system32\MapConfiguration.dll
2015-12-07 03:54:56    569856    ----a-w-    c:\windows\system32\qdvd.dll
2015-12-07 03:53:28    381952    ----a-w-    c:\windows\system32\mfmkvsrcsnk.dll
2015-12-07 03:53:08    484864    ----a-w-    c:\windows\system32\wcmsvc.dll
2015-12-07 03:49:01    1105920    ----a-w-    c:\windows\system32\Windows.Media.Audio.dll
2015-12-07 03:48:39    1028608    ----a-w-    c:\windows\system32\wifinetworkmanager.dll
2015-12-07 03:48:11    192512    ----a-w-    c:\windows\system32\fveapibase.dll
2015-12-07 03:48:02    6297088    ----a-w-    c:\windows\system32\mos.dll
2015-12-07 03:45:53    683008    ----a-w-    c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-07 03:45:03    1793024    ----a-w-    c:\windows\system32\NetworkMobileSettings.dll
2015-12-07 03:44:48    2796032    ----a-w-    c:\windows\system32\Windows.Media.dll
2015-12-07 03:44:21    2977280    ----a-w-    c:\windows\system32\win32kfull.sys
2015-12-07 03:41:02    2061824    ----a-w-    c:\windows\system32\MFMediaEngine.dll
2015-12-07 03:40:08    1706496    ----a-w-    c:\windows\system32\ActiveSyncProvider.dll
2015-12-07 03:38:14    871936    ----a-w-    c:\windows\system32\MSMPEG2ENC.DLL
2015-12-07 03:37:04    614912    ----a-w-    c:\windows\system32\fveapi.dll
2015-12-07 03:34:06    301056    ----a-w-    c:\windows\system32\MDEServer.exe
2015-12-01 06:51:38    1821024    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2015-12-01 00:33:29    826872    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2015-12-01 00:33:29    176632    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2015-11-26 13:02:30    505616    ----a-w-    c:\windows\system32\msvcp71.dll
2015-11-26 13:02:30    354064    ----a-w-    c:\windows\system32\msvcr71.dll
2015-11-24 11:04:57    1539744    ----a-w-    c:\windows\system32\ntdll.dll
2015-11-24 09:26:34    1273728    ----a-w-    c:\windows\system32\user32.dll
2015-11-24 08:54:21    2756096    ----a-w-    c:\windows\system32\mshtml.tlb
2015-11-24 08:48:09    7680    ----a-w-    c:\windows\system32\readingviewresources.dll
2015-11-24 08:47:41    89600    ----a-w-    c:\windows\system32\win32k.sys
2015-11-24 08:39:54    14848    ----a-w-    c:\windows\system32\wshrm.dll
2015-11-24 08:33:18    121856    ----a-w-    c:\windows\system32\drivers\rmcast.sys
2015-11-24 08:19:38    140800    ----a-w-    c:\windows\system32\shutdownux.dll
2015-11-24 08:14:34    415744    ----a-w-    c:\windows\system32\catsrvut.dll
2015-11-24 08:03:47    503296    ----a-w-    c:\windows\system32\vbscript.dll
2015-11-24 08:02:09    1154560    ----a-w-    c:\windows\system32\win32kbase.sys
2015-11-24 07:59:27    1467392    ----a-w-    c:\windows\system32\GdiPlus.dll
2015-11-24 07:57:56    1328128    ----a-w-    c:\windows\system32\comsvcs.dll
2015-11-24 07:11:35    18678272    ----a-w-    c:\windows\system32\edgehtml.dll
2015-11-24 07:04:25    2155008    ----a-w-    c:\windows\system32\authui.dll
2015-11-22 10:41:04    1859448    ----a-w-    c:\windows\system32\CoreUIComponents.dll
2015-11-22 10:26:06    431232    ----a-w-    c:\windows\system32\WWanAPI.dll
2015-11-22 10:25:38    63528    ----a-w-    c:\windows\system32\wwapi.dll
2015-11-22 10:24:35    51128    ----a-w-    c:\windows\system32\SensorsNativeApi.dll
2015-11-22 10:24:16    43376    ----a-w-    c:\windows\system32\SensorsUtilsV2.dll
2015-11-22 10:23:55    76128    ----a-w-    c:\windows\system32\drivers\sdstor.sys
2015-11-22 10:20:27    139616    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2015-11-22 10:20:25    504624    ----a-w-    c:\windows\system32\drivers\cng.sys
2015-11-22 10:14:03    2185840    ----a-w-    c:\windows\system32\d3d11.dll
2015-11-22 10:12:55    320352    ----a-w-    c:\windows\apppatch\AcRes.dll
2015-11-22 10:09:52    641728    ----a-w-    c:\windows\system32\generaltel.dll
2015-11-22 10:08:32    364176    ----a-w-    c:\windows\system32\services.exe
2015-11-22 09:48:35    74752    ----a-w-    c:\windows\system32\MapsCSP.dll
2015-11-22 09:48:33    58368    ----a-w-    c:\windows\system32\MosResource.dll
2015-11-22 09:45:32    9728    ----a-w-    c:\windows\system32\Microsoft-Windows-MosHost.dll
2015-11-22 09:45:14    10240    ----a-w-    c:\windows\system32\Microsoft-Windows-MosTrace.dll
2015-11-22 09:45:09    36352    ----a-w-    c:\windows\system32\UIAutomationCoreRes.dll
.
============= FINISH: 12:47:13.44 ===============

-------------------------------------------------------------------------------------------------------------------------------------------

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 JavaFX 2.1.1    
 Java 8 Update 45  
 Java version 32-bit out of Date!
 Adobe Flash Player     20.0.0.235  
 Mozilla Firefox (43.0.2)
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Windows Defender MpCmdRun.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````
 



#2 nasdaq

Posted 25 December 2015 - 08:54 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.
 
If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.

IMPORTANT
  • If you click the Clean button, all items listed in the report will be removed.
  • If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Download the version of this tool for your operating system and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section at the bottom of the topic, click the "More Reply Options" button.

Attach the file.
Select "Choose a File" and navigate to the location of the file.
Click the file you wish to attach.

Click the Add Reply button.
===

Wait for further instructions.

    nasdaq


#3 koolsam

Posted 25 December 2015 - 11:26 PM

    # AdwCleaner v5.026 - Logfile created 26/12/2015 at 09:44:58
    # Updated 21/12/2015 by Xplode
    # Database : 2015-12-23.1 [Server]
    # Operating system : Windows 10 Pro  (x86)
    # Username : Samrat - SAMRAT-PC
    # Running from : C:\Users\Samrat\Desktop\adwcleaner_5.026.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****

    [-] Folder Deleted : C:\Program Files\kmspico
    [-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tencent
    [-] Folder Deleted : C:\Users\Samrat\AppData\Roaming\Common\LuaRT

    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
    [-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
    [-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
    [-] Key Deleted : HKU\S-1-5-21-3559879560-2752497012-24936758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SlimWare Utilities Inc

    ***** [ Web browsers ] *****


    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1233 bytes] ##########
     



#4 koolsam

Posted 25 December 2015 - 11:54 PM

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-12-2015
    Ran by Samrat (administrator) on SAMRAT-PC (26-12-2015 10:06:40)
    Running from C:\Users\Samrat\Desktop
    Loaded Profiles: Samrat & UpdatusUser (Available Profiles: Samrat & UpdatusUser)
    Platform: Microsoft Windows 10 Pro Version 1511 (X86) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Edge)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
    (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
    (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
    (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
    () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
    (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
    (Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
    (BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow32.exe
    (BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
    (BitTorrent Inc.) C:\Users\Samrat\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
    (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
    (Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
    (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
    (WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
    (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
    (Dropbox, Inc.) C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE
    (Nero AG) C:\Program Files\Nero\Update\NASvc.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
    HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM\...\Run: [EaseUS EPM tray] => C:\Program Files\EaseUS\EaseUS Partition Master 9.1.1 Home Edition\bin\EpmNews.exe [2086984 2012-11-29] (CHENGDU YIWO Tech Development Co., Ltd)
    HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [286992 2015-11-26] (RealNetworks, Inc.)
    HKLM\...\Run: [RealDownloader] => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [719632 2015-11-04] ()
    HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [575328 2015-03-18] (Copyright 2013 SAMSUNG)
    HKLM\...\Run: [Tencent] => "C:\Program Files\Tencent\Tencent.exe" hxxp://down.baidu2016.com/qq/test.txt /start
    HKLM\...\Run: [MTview] => C:\Program Files\MTV20151125\MTView.exe -mini
    HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Facebook Update] => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
    HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Google Update] => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
    HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [ApacheTomcatMonitor7.0_Tomcat7] => C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe [102400 2011-09-28] (Apache Software Foundation)
    HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3911248 2015-11-09] (Tonec Inc.)
    HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [uTorrent] => C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-04] (BitTorrent Inc.)
    HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Dropbox Update] => C:\Users\Samrat\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
    HKU\S-1-5-21-3559879560-2752497012-24936758-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [515072 2015-10-30] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
    ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-11-04] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-11-04] (Google)
    ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-11-04] (Google)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-12-18]
    ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-12-18]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk [2015-12-18]
    ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-12-18]
    ShortcutTarget: RealTimes.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2015-12-18]
    ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-12-18]
    ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
    Startup: C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-18]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 202.53.8.8 202.53.8.9
    Tcpip\..\Interfaces\{ebd637a9-9c05-4add-a4f0-fc6d4b516199}: [DhcpNameServer] 202.53.8.8 202.53.8.9

    Internet Explorer:
    ==================
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-3559879560-2752497012-24936758-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3559879560-2752497012-24936758-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-09-28] (Internet Download Manager, Tonec Inc.)
    BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
    BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-11-04] (RealDownloader)
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2015-12-17] (Microsoft Corporation)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-12-17] (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
    BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-17] (Microsoft Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF ProfilePath: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\uiyrbsa7.default-1391762422109
    FF Homepage: about:home
    FF Session Restore: -> is enabled.
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
    FF Plugin: @alternatiff.com/AlternaTIFF -> C:\Program Files\MIE\AlternaTIFF\npzzatif.dll [2013-08-14] (Medical Informatics Engineering, Inc.)
    FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
    FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-12-17] (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-17] (Microsoft Corporation)
    FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
    FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
    FF Plugin: @real.com/nppl3260;version=18.1.2.175 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2015-11-26] (RealNetworks, Inc.)
    FF Plugin: @real.com/nprpplugin;version=18.1.2.175 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2015-11-26] (RealPlayer)
    FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Samrat\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-04] (RocketLife, LLP)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
    FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Samrat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-04-25] (Google)
    FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @talk.google.com/O1DPlugin -> C:\Users\Samrat\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-04-25] (Google)
    FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3559879560-2752497012-24936758-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-10-01] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Samrat\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-04-25] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Samrat\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-04-25] (Google)
    FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-11-09]
    FF Extension: leethax.net extension - C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\uiyrbsa7.default-1391762422109\Extensions\leethax@leethax.net.xpi [2015-12-24]
    FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
    FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-08] [not signed]
    FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext => not found
    FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
    FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
    FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5
    FF Extension: IDM CC - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5 [2015-11-29] [not signed]
    FF HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi

    Chrome:
    =======
    CHR Profile: C:\Users\Samrat\AppData\Local\Google\Chrome\User Data\Default
    CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-07-11]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung) [File not signed]
    R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [1885368 2015-12-04] (Microsoft Corporation)
    S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S3 Lenovo EasyPlus Hotspot; C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe [509424 2015-06-08] (Lenovo)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [773968 2014-01-27] (Nero AG)
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14574368 2013-09-20] (NVIDIA Corporation)
    R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1115736 2015-08-30] (RealNetworks, Inc.)
    R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-11-04] ()
    R2 RealTimes Desktop Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1115736 2015-08-30] (RealNetworks, Inc.)
    R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [581984 2015-03-18] (Copyright 2013 SAMSUNG)
    S2 Tomcat7; C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe [74752 2011-09-28] (Apache Software Foundation) [File not signed]
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 3xHybrid; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [1141888 2010-12-01] (NXP Semiconductors Germany GmbH)
    R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows ® Win 7 DDK provider)
    R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows ® Win 7 DDK provider)
    R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
    S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [14216 2011-07-29] () [File not signed]
    S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
    S3 gdrv; C:\Windows\gdrv.sys [16608 2010-02-23] (Windows ® 2000 DDK provider)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2015-12-26] (Malwarebytes)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
    R1 MpKsl4a005f3a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CD3537AB-34E6-4932-8DF4-80C0EE3D4B79}\MpKsl4a005f3a.sys [39168 2015-12-25] (Microsoft Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)
    R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek                                            )
    R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
    R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-12-26 10:06 - 2015-12-26 10:07 - 00024685 _____ C:\Users\Samrat\Desktop\FRST.txt
    2015-12-26 10:06 - 2015-12-26 10:06 - 00000000 ____D C:\FRST
    2015-12-26 09:56 - 2015-12-26 09:56 - 01721856 _____ (Farbar) C:\Users\Samrat\Desktop\FRST.exe
    2015-12-26 09:36 - 2015-12-26 09:44 - 00000000 ____D C:\AdwCleaner
    2015-12-26 09:34 - 2015-12-26 09:34 - 01743360 _____ C:\Users\Samrat\Desktop\adwcleaner_5.026.exe
    2015-12-26 09:11 - 2015-12-26 09:11 - 00000000 ___HD C:\OneDriveTemp
    2015-12-25 12:47 - 2015-12-25 12:47 - 00036470 _____ C:\Users\Samrat\Desktop\dds.txt
    2015-12-25 12:47 - 2015-12-25 12:47 - 00020605 _____ C:\Users\Samrat\Desktop\attach.txt
    2015-12-25 12:35 - 2015-12-25 12:35 - 00852798 _____ C:\Users\Samrat\Desktop\SecurityCheck.exe
    2015-12-25 12:35 - 2015-12-25 12:35 - 00688992 ____R (Swearware) C:\Users\Samrat\Desktop\dds.scr
    2015-12-23 14:38 - 2015-12-25 17:29 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2015-12-18 18:19 - 2015-12-19 19:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2015-12-18 18:19 - 2015-12-18 18:19 - 00002094 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2015-12-18 11:12 - 2015-12-18 11:12 - 00001041 _____ C:\mbm.txt
    2015-12-18 09:12 - 2015-12-07 10:27 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2015-12-18 09:12 - 2015-12-07 10:19 - 00309088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
    2015-12-18 09:12 - 2015-12-07 10:18 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2015-12-18 09:12 - 2015-12-07 10:18 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2015-12-18 09:12 - 2015-12-07 10:18 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2015-12-18 09:12 - 2015-12-07 10:18 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2015-12-18 09:12 - 2015-12-07 10:18 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2015-12-18 09:12 - 2015-12-07 10:18 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2015-12-18 09:12 - 2015-12-07 10:18 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
    2015-12-18 09:12 - 2015-12-07 10:18 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
    2015-12-18 09:12 - 2015-12-07 10:18 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
    2015-12-18 09:12 - 2015-12-07 10:18 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2015-12-18 09:12 - 2015-12-07 10:17 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2015-12-18 09:12 - 2015-12-07 10:17 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2015-12-18 09:12 - 2015-12-07 10:17 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2015-12-18 09:12 - 2015-12-07 10:17 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2015-12-18 09:12 - 2015-12-07 10:16 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-12-18 09:12 - 2015-12-07 10:15 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2015-12-18 09:12 - 2015-12-07 09:42 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
    2015-12-18 09:12 - 2015-12-07 09:36 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2015-12-18 09:12 - 2015-12-07 09:33 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2015-12-18 09:12 - 2015-12-07 09:33 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2015-12-18 09:12 - 2015-12-07 09:32 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2015-12-18 09:12 - 2015-12-07 09:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2015-12-18 09:12 - 2015-12-07 09:27 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
    2015-12-18 09:12 - 2015-12-07 09:27 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
    2015-12-18 09:12 - 2015-12-07 09:27 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
    2015-12-18 09:12 - 2015-12-07 09:26 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2015-12-18 09:12 - 2015-12-07 09:26 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2015-12-18 09:12 - 2015-12-07 09:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2015-12-18 09:12 - 2015-12-07 09:24 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2015-12-18 09:12 - 2015-12-07 09:23 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-12-18 09:12 - 2015-12-07 09:23 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2015-12-18 09:12 - 2015-12-07 09:23 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
    2015-12-18 09:12 - 2015-12-07 09:19 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
    2015-12-18 09:12 - 2015-12-07 09:18 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2015-12-18 09:12 - 2015-12-07 09:15 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2015-12-18 09:12 - 2015-12-07 09:15 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
    2015-12-18 09:12 - 2015-12-07 09:14 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2015-12-18 09:12 - 2015-12-07 09:11 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2015-12-18 09:12 - 2015-12-07 09:10 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2015-12-18 09:12 - 2015-12-07 09:08 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
    2015-12-18 09:12 - 2015-12-07 09:04 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
    2015-12-18 09:11 - 2015-12-07 09:41 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
    2015-12-18 09:11 - 2015-12-07 09:35 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
    2015-12-18 09:11 - 2015-12-07 09:35 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
    2015-12-18 09:11 - 2015-12-07 09:35 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
    2015-12-18 09:11 - 2015-12-07 09:33 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2015-12-18 09:11 - 2015-12-07 09:33 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
    2015-12-18 09:11 - 2015-12-07 09:31 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2015-12-18 09:11 - 2015-12-07 09:31 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
    2015-12-18 09:11 - 2015-12-07 09:30 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2015-12-18 09:11 - 2015-12-07 09:30 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2015-12-18 09:11 - 2015-12-07 09:28 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2015-12-18 09:11 - 2015-12-07 09:27 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2015-12-18 09:11 - 2015-12-07 09:27 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2015-12-18 09:11 - 2015-12-07 09:25 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2015-12-18 09:11 - 2015-12-07 09:25 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2015-12-18 09:11 - 2015-12-07 09:22 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2015-12-18 09:11 - 2015-12-07 09:18 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2015-12-18 09:11 - 2015-12-07 09:18 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2015-12-18 09:11 - 2015-12-07 09:14 - 02977280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2015-12-18 09:11 - 2015-12-07 09:07 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2015-12-17 23:32 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2015-12-17 23:32 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2015-12-17 22:10 - 2015-12-17 22:10 - 00000000 ____D C:\ProgramData\WinZip
    2015-12-17 21:15 - 2015-12-18 13:44 - 00002109 _____ C:\Users\Public\Desktop\WinZip.lnk
    2015-12-17 21:15 - 2015-12-18 11:12 - 00002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
    2015-12-17 21:15 - 2015-12-18 00:04 - 00000000 ____D C:\Users\Samrat\AppData\Local\WinZip
    2015-12-17 21:15 - 2015-12-17 21:15 - 00000000 ____D C:\Users\Samrat\AppData\Local\Nico Mak Computing
    2015-12-17 21:15 - 2015-12-17 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
    2015-12-17 21:15 - 2015-12-17 21:15 - 00000000 ____D C:\Program Files\WinZip
    2015-12-17 19:19 - 2015-12-17 19:19 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
    2015-12-10 10:03 - 2015-12-10 10:03 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-12-09 09:31 - 2015-12-01 12:21 - 01821024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2015-12-09 09:31 - 2015-11-24 16:34 - 01539744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2015-12-09 09:31 - 2015-11-24 14:56 - 01273728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2015-12-09 09:31 - 2015-11-24 14:24 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2015-12-09 09:31 - 2015-11-24 14:18 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
    2015-12-09 09:31 - 2015-11-24 14:17 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2015-12-09 09:31 - 2015-11-24 14:09 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
    2015-12-09 09:31 - 2015-11-24 14:03 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
    2015-12-09 09:31 - 2015-11-24 13:49 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2015-12-09 09:31 - 2015-11-24 13:44 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
    2015-12-09 09:31 - 2015-11-24 13:33 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-12-09 09:31 - 2015-11-24 13:32 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2015-12-09 09:31 - 2015-11-24 13:29 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2015-12-09 09:31 - 2015-11-24 13:27 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
    2015-12-09 09:31 - 2015-11-24 12:41 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2015-12-09 09:31 - 2015-11-24 12:38 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-12-09 09:31 - 2015-11-24 12:34 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2015-12-04 10:05 - 2015-12-26 09:49 - 00000000 ____D C:\Users\Samrat\AppData\LocalLow\uTorrent
    2015-12-03 09:40 - 2015-11-22 16:11 - 05797728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2015-12-03 09:40 - 2015-11-22 15:14 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2015-12-03 09:40 - 2015-11-22 15:12 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
    2015-12-03 09:40 - 2015-11-22 14:57 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2015-12-03 09:40 - 2015-11-22 14:56 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2015-12-03 09:39 - 2015-11-22 16:11 - 01859448 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2015-12-03 09:39 - 2015-11-22 16:04 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2015-12-03 09:39 - 2015-11-22 15:56 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
    2015-12-03 09:39 - 2015-11-22 15:55 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
    2015-12-03 09:39 - 2015-11-22 15:54 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
    2015-12-03 09:39 - 2015-11-22 15:54 - 00043376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
    2015-12-03 09:39 - 2015-11-22 15:53 - 00076128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
    2015-12-03 09:39 - 2015-11-22 15:50 - 00504624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2015-12-03 09:39 - 2015-11-22 15:50 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2015-12-03 09:39 - 2015-11-22 15:44 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2015-12-03 09:39 - 2015-11-22 15:39 - 00641728 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2015-12-03 09:39 - 2015-11-22 15:38 - 00364176 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2015-12-03 09:39 - 2015-11-22 15:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2015-12-03 09:39 - 2015-11-22 15:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
    2015-12-03 09:39 - 2015-11-22 15:15 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
    2015-12-03 09:39 - 2015-11-22 15:15 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
    2015-12-03 09:39 - 2015-11-22 15:15 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
    2015-12-03 09:39 - 2015-11-22 15:15 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
    2015-12-03 09:39 - 2015-11-22 15:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2015-12-03 09:39 - 2015-11-22 15:14 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
    2015-12-03 09:39 - 2015-11-22 15:14 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
    2015-12-03 09:39 - 2015-11-22 15:13 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
    2015-12-03 09:39 - 2015-11-22 15:13 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
    2015-12-03 09:39 - 2015-11-22 15:12 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
    2015-12-03 09:39 - 2015-11-22 15:12 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
    2015-12-03 09:39 - 2015-11-22 15:12 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
    2015-12-03 09:39 - 2015-11-22 15:12 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
    2015-12-03 09:39 - 2015-11-22 15:12 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
    2015-12-03 09:39 - 2015-11-22 15:12 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
    2015-12-03 09:39 - 2015-11-22 15:12 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2015-12-03 09:39 - 2015-11-22 15:12 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
    2015-12-03 09:39 - 2015-11-22 15:10 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
    2015-12-03 09:39 - 2015-11-22 15:10 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
    2015-12-03 09:39 - 2015-11-22 15:10 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2015-12-03 09:39 - 2015-11-22 15:09 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2015-12-03 09:39 - 2015-11-22 15:09 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2015-12-03 09:39 - 2015-11-22 15:09 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2015-12-03 09:39 - 2015-11-22 15:09 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2015-12-03 09:39 - 2015-11-22 15:09 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
    2015-12-03 09:39 - 2015-11-22 15:08 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
    2015-12-03 09:39 - 2015-11-22 15:08 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
    2015-12-03 09:39 - 2015-11-22 15:07 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2015-12-03 09:39 - 2015-11-22 15:07 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
    2015-12-03 09:39 - 2015-11-22 15:07 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
    2015-12-03 09:39 - 2015-11-22 15:04 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
    2015-12-03 09:39 - 2015-11-22 15:03 - 06529024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2015-12-03 09:39 - 2015-11-22 15:03 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2015-12-03 09:39 - 2015-11-22 15:03 - 00205824 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
    2015-12-03 09:39 - 2015-11-22 15:03 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2015-12-03 09:39 - 2015-11-22 15:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
    2015-12-03 09:39 - 2015-11-22 15:02 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
    2015-12-03 09:39 - 2015-11-22 15:02 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
    2015-12-03 09:39 - 2015-11-22 15:02 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2015-12-03 09:39 - 2015-11-22 15:02 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2015-12-03 09:39 - 2015-11-22 15:01 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
    2015-12-03 09:39 - 2015-11-22 15:01 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2015-12-03 09:39 - 2015-11-22 15:00 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2015-12-03 09:39 - 2015-11-22 15:00 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2015-12-03 09:39 - 2015-11-22 14:59 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2015-12-03 09:39 - 2015-11-22 14:59 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
    2015-12-03 09:39 - 2015-11-22 14:58 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2015-12-03 09:39 - 2015-11-22 14:58 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2015-12-03 09:39 - 2015-11-22 14:58 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2015-12-03 09:39 - 2015-11-22 14:58 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2015-12-03 09:39 - 2015-11-22 14:58 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2015-12-03 09:39 - 2015-11-22 14:58 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
    2015-12-03 09:39 - 2015-11-22 14:57 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2015-12-03 09:39 - 2015-11-22 14:57 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2015-12-03 09:39 - 2015-11-22 14:57 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2015-12-03 09:39 - 2015-11-22 14:57 - 00706048 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2015-12-03 09:39 - 2015-11-22 14:57 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
    2015-12-03 09:39 - 2015-11-22 14:56 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2015-12-03 09:39 - 2015-11-22 14:56 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
    2015-12-03 09:39 - 2015-11-22 14:56 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2015-12-03 09:39 - 2015-11-22 14:55 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
    2015-12-03 09:39 - 2015-11-22 14:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2015-12-03 09:39 - 2015-11-22 14:54 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
    2015-12-03 09:39 - 2015-11-22 14:54 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
    2015-12-03 09:39 - 2015-11-22 14:53 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2015-12-03 09:39 - 2015-11-22 14:53 - 03197440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2015-12-03 09:39 - 2015-11-22 14:50 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2015-12-03 09:39 - 2015-11-22 14:50 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2015-12-03 09:39 - 2015-11-22 14:49 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2015-12-03 09:39 - 2015-11-22 14:48 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2015-12-03 09:39 - 2015-11-22 14:48 - 00748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2015-12-03 09:39 - 2015-11-22 14:47 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2015-12-03 09:39 - 2015-11-22 14:47 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-12-03 09:39 - 2015-11-22 14:47 - 01925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-12-03 09:39 - 2015-11-22 14:47 - 01086464 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2015-12-03 09:39 - 2015-11-22 14:41 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2015-11-26 18:34 - 2015-12-18 13:44 - 00000936 _____ C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk
    2015-11-26 18:34 - 2015-11-26 18:34 - 00351419 _____ C:\WINDOWS\system32\rsslogs.20151126183300
    2015-11-26 18:34 - 2015-11-26 18:34 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\RealNetworks
    2015-11-26 18:34 - 2015-11-26 18:34 - 00000000 ____D C:\ProgramData\RealNetworks
    2015-11-26 18:34 - 2015-11-26 18:34 - 00000000 ____D C:\Program Files\RealNetworks
    2015-11-26 18:34 - 2015-11-26 18:34 - 00000000 ____D C:\Program Files\Common Files\xing shared
    2015-11-26 18:33 - 2015-11-26 18:33 - 00278800 _____ (Progressive Networks) C:\WINDOWS\system32\pncrt.dll
    2015-11-26 18:33 - 2015-11-26 18:33 - 00200976 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\rmoc3260.dll
    2015-11-26 18:26 - 2015-11-26 18:32 - 00012853 _____ C:\WINDOWS\system32\rsslogs.20151126182521

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-12-26 10:07 - 2010-12-25 10:17 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\uTorrent
    2015-12-26 10:06 - 2015-10-30 10:43 - 00000000 ____D C:\Windows
    2015-12-26 09:59 - 2015-06-18 08:49 - 00000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job
    2015-12-26 09:51 - 2014-05-29 15:15 - 00000000 ___RD C:\Users\Samrat\Dropbox
    2015-12-26 09:51 - 2014-05-29 15:03 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Dropbox
    2015-12-26 09:49 - 2015-08-07 14:01 - 00000000 ___RD C:\Users\Samrat\OneDrive
    2015-12-26 09:49 - 2014-05-18 11:07 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2015-12-26 09:48 - 2014-01-08 21:46 - 00000910 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-12-26 09:47 - 2015-11-20 12:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-12-26 09:47 - 2015-11-20 11:25 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-12-26 09:46 - 2015-10-30 10:43 - 01572864 ___SH C:\WINDOWS\system32\config\BBI
    2015-12-26 09:45 - 2015-11-20 11:31 - 00000000 ____D C:\Users\UpdatusUser
    2015-12-26 09:45 - 2015-05-11 09:50 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Common
    2015-12-26 09:35 - 2014-01-08 21:46 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-12-26 09:13 - 2011-10-08 18:54 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job
    2015-12-25 22:31 - 2015-11-20 11:31 - 00000000 ____D C:\Users\Samrat
    2015-12-25 22:30 - 2012-02-22 19:36 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\vlc
    2015-12-25 22:30 - 2010-02-23 06:50 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\DMCache
    2015-12-25 22:09 - 2012-04-04 21:49 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-12-25 20:04 - 2012-02-28 13:41 - 00000932 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job
    2015-12-25 17:29 - 2013-02-01 11:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2015-12-25 17:04 - 2012-02-28 13:41 - 00000910 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job
    2015-12-25 12:59 - 2015-06-18 08:49 - 00000890 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job
    2015-12-25 12:20 - 2012-12-12 09:31 - 00000000 ____D C:\Users\Samrat\AppData\Local\Packages
    2015-12-25 12:16 - 2015-10-30 11:17 - 00000000 ____D C:\WINDOWS\INF
    2015-12-25 12:16 - 2015-08-07 13:26 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-12-25 10:12 - 2011-10-08 18:54 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job
    2015-12-25 09:42 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\system32\NDF
    2015-12-24 17:56 - 2013-11-19 09:58 - 00000000 ____D C:\Users\Samrat\Downloads\Video
    2015-12-23 14:53 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-12-23 13:24 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\LiveKernelReports
    2015-12-22 20:01 - 2013-11-19 09:58 - 00000000 ____D C:\Users\Samrat\Downloads\Compressed
    2015-12-22 12:39 - 2015-10-30 11:18 - 00000000 ___HD C:\Program Files\WindowsApps
    2015-12-18 23:48 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-12-18 23:48 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\Provisioning
    2015-12-18 23:48 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\bcastdvr
    2015-12-18 18:22 - 2014-06-13 19:52 - 00000000 ____D C:\Users\Samrat\AppData\Local\Adobe
    2015-12-18 18:19 - 2011-06-18 19:24 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2015-12-18 18:19 - 2010-02-23 06:48 - 00000000 ____D C:\Program Files\Adobe
    2015-12-18 15:35 - 2015-10-30 11:09 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-12-18 13:44 - 2015-10-08 20:28 - 00002628 _____ C:\Users\Public\Desktop\Skype.lnk
    2015-12-18 13:44 - 2015-08-07 14:19 - 00002405 _____ C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2015-12-18 13:44 - 2015-03-09 13:51 - 00001956 _____ C:\Users\Public\Desktop\SHAREit.lnk
    2015-12-18 13:44 - 2014-11-08 13:43 - 00001931 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
    2015-12-18 13:44 - 2014-09-30 15:12 - 00001293 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
    2015-12-18 13:44 - 2014-09-30 15:12 - 00001135 _____ C:\Users\Public\Desktop\Shop for HP Supplies.lnk
    2015-12-18 13:44 - 2014-07-27 09:49 - 00001982 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
    2015-12-18 13:44 - 2014-07-10 22:38 - 00001968 _____ C:\Users\Public\Desktop\Stereoscopic Player.lnk
    2015-12-18 13:44 - 2013-12-15 18:03 - 00000879 _____ C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
    2015-12-18 13:44 - 2013-03-07 14:30 - 00000291 _____ C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
    2015-12-18 13:44 - 2013-02-01 11:07 - 00001117 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2015-12-18 13:44 - 2010-08-19 14:36 - 00002093 _____ C:\Users\Public\Desktop\honestech TVR 2.5.lnk
    2015-12-18 13:44 - 2010-02-23 06:17 - 00002654 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
    2015-12-18 13:43 - 2015-11-20 13:36 - 00002080 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
    2015-12-18 13:43 - 2015-04-07 14:17 - 00002031 _____ C:\Users\Public\Desktop\DiskMax.lnk
    2015-12-18 13:43 - 2014-05-01 12:39 - 00002035 _____ C:\Users\Public\Desktop\Google Slides.lnk
    2015-12-18 13:43 - 2014-05-01 12:39 - 00002035 _____ C:\Users\Public\Desktop\Google Sheets.lnk
    2015-12-18 13:43 - 2014-05-01 12:39 - 00002031 _____ C:\Users\Public\Desktop\Google Docs.lnk
    2015-12-18 13:43 - 2013-12-19 18:58 - 00000981 _____ C:\Users\Public\Desktop\Acrobat_com.lnk
    2015-12-18 13:43 - 2011-10-08 19:03 - 00002023 _____ C:\Users\Public\Desktop\amcap.lnk
    2015-12-18 13:43 - 2010-02-23 06:13 - 00002026 _____ C:\Users\Public\Desktop\CyberLink DVD Suite.lnk
    2015-12-18 13:42 - 2015-02-08 10:16 - 00002148 _____ C:\Users\Samrat\Desktop\HP Photo Creations.lnk
    2015-12-18 13:42 - 2014-05-29 15:15 - 00001059 _____ C:\Users\Samrat\Desktop\Dropbox.lnk
    2015-12-18 13:42 - 2014-05-01 12:41 - 00001766 _____ C:\Users\Samrat\Desktop\Google Drive.lnk
    2015-12-18 13:38 - 2009-07-14 13:19 - 00000000 ____D C:\WINDOWS\CSC
    2015-12-18 11:14 - 2015-11-20 11:48 - 00001508 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2015-12-18 11:14 - 2015-09-25 11:02 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
    2015-12-18 11:14 - 2015-09-25 11:02 - 00002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
    2015-12-18 11:14 - 2015-09-25 11:02 - 00002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
    2015-12-18 11:14 - 2015-09-25 11:02 - 00002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
    2015-12-18 11:14 - 2015-09-25 11:02 - 00002402 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
    2015-12-18 11:14 - 2015-09-25 11:02 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
    2015-12-18 11:14 - 2015-09-25 11:02 - 00002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
    2015-12-18 11:14 - 2015-09-25 11:02 - 00002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
    2015-12-18 11:14 - 2015-09-25 11:02 - 00002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
    2015-12-18 11:14 - 2013-12-19 18:58 - 00000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat_com.lnk
    2015-12-18 11:14 - 2013-02-01 11:07 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-12-18 11:12 - 2014-09-30 15:12 - 00001299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
    2015-12-18 11:12 - 2010-02-23 06:50 - 00000000 ____D C:\Program Files\Internet Download Manager
    2015-12-17 23:32 - 2014-05-18 11:06 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2015-12-17 21:54 - 2015-08-07 17:35 - 00000000 ___RD C:\Users\Samrat\3D Objects
    2015-12-17 21:15 - 2009-07-14 07:34 - 00000487 _____ C:\WINDOWS\win.ini
    2015-12-17 19:20 - 2015-10-30 11:18 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2015-12-17 19:19 - 2015-10-30 11:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2015-12-17 19:17 - 2010-02-23 07:51 - 00000000 ____D C:\Program Files\Microsoft Office
    2015-12-13 21:56 - 2013-08-18 09:58 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-12-13 21:50 - 2012-12-15 07:32 - 137798368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-12-10 09:27 - 2015-11-20 11:22 - 00348712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2015-12-10 09:26 - 2011-09-21 11:39 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2015-12-09 22:34 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\system32\oobe
    2015-12-09 11:33 - 2011-09-21 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-12-09 10:08 - 2014-07-29 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
    2015-12-09 10:05 - 2014-07-01 16:44 - 00000000 ____D C:\Program Files\Samsung
    2015-12-09 09:09 - 2010-02-23 06:36 - 00247976 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2015-12-08 23:28 - 2014-04-20 14:54 - 00000000 __RDO C:\Users\Samrat\SkyDrive
    2015-12-07 19:31 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\rescache
    2015-12-03 19:44 - 2015-10-30 11:18 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2015-12-01 06:03 - 2015-10-30 11:19 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2015-12-01 06:03 - 2015-10-30 11:19 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2015-11-29 18:44 - 2010-02-23 06:50 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\IDM
    2015-11-26 18:35 - 2010-02-23 06:54 - 00000000 ____D C:\Users\Samrat\AppData\Roaming\Real
    2015-11-26 18:34 - 2014-09-30 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
    2015-11-26 18:34 - 2012-09-21 09:12 - 00000000 ____D C:\ProgramData\Package Cache
    2015-11-26 18:34 - 2010-02-23 06:54 - 00000000 ____D C:\ProgramData\Real
    2015-11-26 18:34 - 2010-02-23 06:53 - 00000000 ____D C:\Program Files\Real
    2015-11-26 18:32 - 2010-02-23 06:54 - 00505616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll
    2015-11-26 18:32 - 2010-02-23 06:54 - 00354064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
    2015-11-26 18:26 - 2015-11-25 19:29 - 00566056 _____ C:\WINDOWS\system32\rsslogs.20151125192833

    ==================== Files in the root of some directories =======

    2012-02-03 20:22 - 2012-02-03 20:26 - 0000166 _____ () C:\Users\Samrat\AppData\Roaming\PLGComp.ini
    2015-11-02 19:24 - 2015-11-02 19:24 - 0000000 ____H () C:\Users\Samrat\AppData\Local\BITCF96.tmp
    2010-09-26 15:23 - 2010-10-08 21:18 - 0004608 _____ () C:\Users\Samrat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2010-02-24 17:06 - 2010-05-02 20:45 - 0007597 _____ () C:\Users\Samrat\AppData\Local\Resmon.ResmonCfg
    2012-01-19 20:28 - 2012-01-19 20:28 - 0017408 _____ () C:\Users\Samrat\AppData\Local\WebpageIcons.db
    2011-08-16 20:26 - 2011-08-16 20:26 - 2338050 _____ () C:\Users\Samrat\AppData\Local\[j0002]-[p08].bmp
    2011-08-16 20:33 - 2011-08-16 20:33 - 2338050 _____ () C:\Users\Samrat\AppData\Local\[j0003]-[p08].bmp
    2011-08-16 20:51 - 2011-08-16 20:51 - 2338050 _____ () C:\Users\Samrat\AppData\Local\[j0004]-[p08].bmp
    2011-08-16 20:56 - 2011-08-16 20:56 - 2338050 _____ () C:\Users\Samrat\AppData\Local\[j0005]-[p08].bmp
    2014-10-09 06:53 - 2014-10-09 06:57 - 0000000 _____ () C:\Users\Samrat\AppData\Local\{6305256B-BCF6-4DD2-B137-55712A815986}
    2014-06-30 08:50 - 2014-06-30 08:52 - 0000000 _____ () C:\Users\Samrat\AppData\Local\{A400CBF9-5EF9-4941-8A76-9D3A8A48CB5C}
    2015-11-02 19:24 - 2015-11-02 19:24 - 0000000 _____ () C:\Users\Samrat\AppData\Local\{C694F4E2-DF7E-4D74-81F8-5733C851E2EF}
    2014-12-23 06:41 - 2014-12-23 06:41 - 0000000 _____ () C:\Users\Samrat\AppData\Local\{FC0AAF47-B169-4AE6-B457-3195258451D1}
    2015-11-20 11:26 - 2015-11-20 11:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2010-08-13 20:50 - 2015-02-19 10:02 - 0025550 _____ () C:\ProgramData\hpzinstall.log

    Some files in TEMP:
    ====================
    C:\Users\Samrat\AppData\Local\Temp\ADSafe.30619-9.exe
    C:\Users\Samrat\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkufgur.dll
    C:\Users\Samrat\AppData\Local\Temp\lowproc.exe
    C:\Users\Samrat\AppData\Local\Temp\rnsetup0.exe
    C:\Users\Samrat\AppData\Local\Temp\sqlite3.dll
    C:\Users\Samrat\AppData\Local\Temp\stubhelper.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-12-21 16:49

    ==================== End of FRST.txt ============================



    #5 koolsam

    Posted 25 December 2015 - 11:56 PM

    As the Addition.txt file is large, I am pasting it here.

    Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-12-2015
    Ran by Samrat (2015-12-26 10:08:46)
    Running from C:\Users\Samrat\Desktop
    Microsoft Windows 10 Pro (X86) (2015-11-20 06:52:06)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3559879560-2752497012-24936758-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3559879560-2752497012-24936758-503 - Limited - Disabled)
    Guest (S-1-5-21-3559879560-2752497012-24936758-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3559879560-2752497012-24936758-1002 - Limited - Enabled)
    Samrat (S-1-5-21-3559879560-2752497012-24936758-1001 - Administrator - Enabled) => C:\Users\Samrat
    UpdatusUser (S-1-5-21-3559879560-2752497012-24936758-1004 - Limited - Enabled) => C:\Users\UpdatusUser

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
    32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
    Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
    Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
    Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
    AllShare Framework DMS (HKLM\...\{1C2A409B-3D00-4EE7-B13C-3C70AB8704B0}) (Version: 1.3.23 - Samsung)
    Apache Tomcat 7.0 Tomcat7 (remove only) (HKLM\...\Apache Tomcat 7.0 Tomcat7) (Version:  - )
    ASUS nVidia Driver (Version: 1.00.0000 - ASUSTek) Hidden
    Bing Bar (HKLM\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
    Bing Bar (HKLM\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
    BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden
    Bulzer USB2.0 UVC PC Camera (HKLM\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corporation)
    Copy (Version: 140.0.298.000 - Hewlett-Packard) Hidden
    CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.3019 - CyberLink Corp.)
    Destinations (Version: 140.0.253.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 140.0.298.000 - Hewlett-Packard) Hidden
    DiskMax 4.85 (HKLM\...\DiskMax) (Version: 4.85 - KoshyJohn.com)
    DJ_AIO_06_F2400_SW_Min (Version: 140.0.851.000 - Hewlett-Packard) Hidden
    Dropbox (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
    EaseUS Partition Master 9.1.1 Home Edition (HKLM\...\EaseUS Partition Master Home Edition_is1) (Version:  - EaseUS)
    F2400 (Version: 140.0.851.000 - Hewlett-Packard) Hidden
    Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
    Free Picture Resize Starter 4.5 (HKLM\...\Picture Resize_is1) (Version: 5.5.18 - Bidgood Svcs)
    GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden
    Google Drive (HKLM\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
    Google Talk Plugin (HKLM\...\{8E29C1CE-346A-3F59-AE22-8C5B7F230498}) (Version: 5.3.1.18536 - Google)
    Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
    Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
    GoToMeeting 5.7.0.1172 (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\GoToMeeting) (Version: 5.7.0.1172 - CitrixOnline)
    GPBaseService2 (Version: 140.0.297.000 - Hewlett-Packard) Hidden
    honestechTVR2.5 (HKLM\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech)
    honestechTVR2.5 (Version: 2.5 - honestech) Hidden
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photo Creations (HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP)
    HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 140.0.298.000 - Hewlett-Packard) Hidden
    HPSSupply (Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
    Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
    Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
    IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
    Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
    JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
    K-Lite Codec Pack 9.3.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
    LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Metric Collection SDK 35 (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
    Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.6366.2036 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
    Mozilla Firefox 43.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.2 (x86 en-US)) (Version: 43.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla)
    MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
    MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    Nero 7 Essentials (HKLM\...\{66B6D13A-9CC1-417D-B6F2-58AA539D1033}) (Version: 7.03.1303 - Nero AG)
    Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
    Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
    Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
    NVIDIA 3D Vision Controller Driver 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.58 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
    NVIDIA GeForce Experience 1.6.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1.2 - NVIDIA Corporation)
    NVIDIA Graphics Driver 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation)
    Office 16 Click-to-Run Extensibility Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
    PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
    PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    PSIM 9.0.3 (HKLM\...\{98D13EC5-0C60-48eb-A7FA-1B0008EC4C2D}) (Version: 9.0.3 - Powersim)
    QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
    RAR Password Unlocker (HKLM\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version:  - RAR Password Unlocker, Inc.)
    RealDownloader (Version: 18.1.2.176 - RealNetworks, Inc.) Hidden
    RealDownloader (Version: 18.1.2.179 - RealNetworks) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
    RealPlayer (RealTimes) (HKLM\...\RealPlayer 18.1) (Version: 18.1.2 - RealNetworks)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
    RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
    Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
    Resolver version 2.2 (HKLM\...\{FEE1B498-C441-40CA-820C-CD275BAA204B}_is1) (Version: 2.2 - ACT)
    Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
    Samsung Kies3 (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Link 2.0.0.1503181422 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1503181422 - Copyright 2013 SAMSUNG)
    Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden
    SHAREit (HKLM\...\SHAREit_is1) (Version: 2.5.1.1 - Lenovo Group Limited)
    SHIELD Streaming (Version: 1.05.42 - NVIDIA Corporation) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
    Skype™ 7.8 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
    SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
    SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden
    Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden
    Stereoscopic Player (HKLM\...\{0B67DFA8-E3F5-4E1A-893E-526F9F4EFBAE}) (Version: 2.1.4 - 3dtv.at)
    TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
    TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
    Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden
    Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
    TrayApp (Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
    UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Video Downloader (Version: 1.0.0 - RealNetworks) Hidden
    ViewSonic Monitor Drivers (HKLM\...\{B4FEA924-630D-11D4-B78E-005004566E4D}) (Version:  - )
    VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
    VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version:  - Ozone)
    VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
    WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden
    WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
    Windows 8.1 Product Key Finder Ultimate v13.10.1 (HKLM\...\Windows 8.1 Product Key Finder Ultimate v13.10.1_is1) (Version: v13.09.8 - )
    Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
    WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EE}) (Version: 20.0.11659 - WinZip Computing, S.L. )

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1172\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.29.1\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Samrat\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-apoctoshap (the data entry has 16 more characters).
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1172\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\HP Photo Creations\RLPNUpload.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\HP Photo Creations\ContentMan.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncApi.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\HP Photo Creations\RocketEngine.dll => No File

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {01B65DA9-0CB3-4F59-9D49-A2741606E3D0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {04CA2995-73B7-4E81-8E3C-0F8FCFDFB843} - System32\Tasks\{DA6F51F6-BF18-47E1-ABBA-7F988E8E2249} => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
    Task: {183FB544-5A71-4F16-89D8-39F08F444F98} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {1AF3F9EA-96A7-42DD-80EF-869A1815AF20} - System32\Tasks\{9F1C2142-6B09-4324-A0A4-C9EE6BF9A926} => pcalua.exe -a "C:\Program Files\Samsung\Samsung Link\uninstall.exe"
    Task: {2367A7E7-7A86-4D43-AB39-1A2B917799D3} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
    Task: {26CDB1A1-BD83-49F3-BEA4-295B05F9F28C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {2A1AFFE3-4D38-46A1-83D6-B0400109F816} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {2F006B9D-D575-4BB4-A95F-5354E3C4869B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {325F48E4-7832-4724-A575-69F72A64E48E} - System32\Tasks\{6AFE2735-5F26-47CA-937F-50A03C82C8E1} => pcalua.exe -a "c:\program files\real\realplayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|18.0
    Task: {396D2039-79CE-4D39-80CC-897DA2514D0E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {3CA357EB-211F-4495-8AB4-509F3604B0F1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {3E4A3934-522E-4CE3-8705-1295F2AB3A7F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {3FBA7F96-18F8-4B12-9B74-570338CC5ECC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {41E039D2-04F8-4C90-9BEF-4EBF5CF4CE3C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
    Task: {49BE0423-C5CB-40AE-8783-4A7CD4276A54} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-13] (Microsoft Corporation)
    Task: {5064DCDD-ED0C-4E67-BF45-2F877606DBC8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {52298E17-D54A-4119-AF1D-EEB78704BF2C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-12-17] (Microsoft Corporation)
    Task: {5398D6AE-A4FC-4D0C-A857-A0A4C4716821} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {55D5BB24-78DB-4B72-A568-6D919D3F1FA7} - System32\Tasks\{ABE956DF-1E53-4FE3-8F26-A3B26CBF5911} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{71A51A91-E7D3-11DB-A386-005056C00008}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
    Task: {56D4E87B-51DF-4A4E-834C-64D86F31E8D6} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
    Task: {5B1D3B07-A663-4915-828A-D9A4287C4C4B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2015-12-17] (Microsoft Corporation)
    Task: {5B3C9C2E-942D-4D41-9FDD-4A50B8ED0C93} - System32\Tasks\{CBE364C7-8FC3-4EB2-ABB5-9E4F40CBCD8B} => pcalua.exe -a "E:\Download\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit\713xDrvInstall.exe" -d "E:\Download\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit"
    Task: {611FF306-EEF7-49ED-87E1-856C61C1FAC6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {67C6482D-6256-479F-BE48-A93F1B2644DD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {6B97B116-DF6E-4C54-B334-06335D157465} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2015-11-04] ()
    Task: {6D99FC8D-A597-4C54-B789-BB4F61AFCDC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {724C603F-F9B3-4D8B-987C-33067D3F189B} - System32\Tasks\{9E396D18-8C75-4945-9E94-DEF75402F4D6} => pcalua.exe -a "D:\nfs2 HOT\setup.exe" -d "D:\nfs2 HOT"
    Task: {735A9FF8-174F-490A-A4D7-D025C8572AE6} - \CCleanerSkipUAC -> No File <==== ATTENTION
    Task: {7573D41F-0D89-45A3-BD69-87F89EC1A3CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
    Task: {779F64EA-F945-4ED0-8F62-2D36B0E7D26E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {7F70833D-C1A8-4087-8565-926F058B4B55} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
    Task: {82C55B59-1644-4E06-B630-43B8D46DC3F5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {82F91532-B48F-4EE4-B9E3-C616EE798B54} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {8412CEA6-21F4-4709-A90A-55BAC3CD1B95} - System32\Tasks\{ECD5AB5F-E90A-4EBB-96CC-2571DA3C943F} => pcalua.exe -a "J:\Samrat\General\Current Affairs\Britannica\India and The World\starter.exe" -d "J:\Samrat\General\Current Affairs\Britannica\India and The World"
    Task: {8AC9AD4B-E497-4C59-9B82-82DE80DD4107} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
    Task: {8E7AC6B2-8207-4EA6-A822-E75F0AC1093E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
    Task: {8FCE7BE8-42A4-4D5F-86AB-98808D8E7502} - System32\Tasks\{B2F4EE28-3AF5-4EE1-8D33-F91D4A16D53E} => pcalua.exe -a "E:\Download\XP tools\Drivers\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit\713xDrvInstall.exe" -d "E:\Download\XP tools\Drivers\tv675_win-7_support\TV-675 WINDOW-7 SUPPORT\Driver_32bit"
    Task: {9116A72A-1A4D-40C3-B636-47ACF6A15853} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
    Task: {93BAC2D8-5723-4751-93AF-85FC5124E707} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
    Task: {97196759-CF07-446E-99BC-0E92ADE3ED9A} - System32\Tasks\{1C80D6B2-CDF7-4AF8-AFF4-1B7FEF674250} => pcalua.exe -a "E:\NFSHP2\Need For Speed Hot Pursuit 2_uninst.exe" -d E:\NFSHP2
    Task: {98CDB8D8-E9A0-4375-ACE0-1DEF3007DDDB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {9943D6DA-2BFE-4843-9398-3062D80204EE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {9A1E835A-CD6A-4CC6-AB64-EEBA862A6E3F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {9A673D8A-2710-4153-9691-43E658A45B18} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {A69685C0-F39D-4E02-A42F-B461ACB73363} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {ABAA1ACE-92B1-4AFA-865D-A54DDF76BF1E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {B7E404AF-3EE3-4213-BC5C-DAD49E4F3C34} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {B808E09E-A76A-441A-A7DC-E4F47532D0D5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
    Task: {BC6BC3DC-CD7A-4E82-B678-A7814410FB5B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
    Task: {BD0D008A-5265-4896-8F43-E2F88A153107} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {C6648A4A-2325-4EC5-8389-F95BC9653050} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
    Task: {C811C2CA-9E2F-4FF2-8022-6A1D6AA9333F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
    Task: {CCADD279-BA30-445D-BC5B-4B065DE8FDBF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
    Task: {CDF1D276-082F-4EB3-A57F-6AB480EA70BF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
    Task: {D11DBDDA-DE29-4B60-9524-A3F24A0B8A12} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {D19978BD-7652-4EDD-8D4C-23145305BC57} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
    Task: {D1F790EE-9A54-4C47-B1A6-B533CC6050FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {D21614CB-DC54-4B05-8DA1-F4D72D4C698A} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
    Task: {D2F771ED-E696-4BBD-9835-63C12BAF5B60} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {D981C769-3BE9-4282-8A73-E7E6B2528161} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
    Task: {DD5FF456-350A-403E-817C-6D6701644067} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3559879560-2752497012-24936758-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.)
    Task: {E6238F6C-8523-446C-9449-9AC0224B60E3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
    Task: {EBD4E9BA-5A46-4D9B-AE5F-EE33362535BB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {ECA75BD9-2282-4B02-8116-41BE09A58A1A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {ED52FAEB-3C83-4238-B54A-B1558C1C8E78} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core => C:\Users\Samrat\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
    Task: {F3F6DB1C-423B-43B6-A7B0-FAA4B93E46EC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {F3FABE99-8447-434C-9C69-5934A674BF27} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA => C:\Users\Samrat\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
    Task: {F83B2AE5-934C-4AC6-9991-F53C7130F2C8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
    Task: {F9473D25-2EC2-43FE-BBBA-7CF1505A972C} - System32\Tasks\{40DA7EF0-E555-4377-8998-E0D6CD426A84} => pcalua.exe -a "L:\Current Affairs\Britannica\India and The World\starter.exe" -d "L:\Current Affairs\Britannica\India and The World"
    Task: {F9C36292-4D71-4FDF-A3BF-637A44F87825} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {FA2503DE-AAEB-4E31-8564-1B201E12D9BB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
    Task: {FE2F0B10-EF43-4D0A-B213-C8CD35FB3822} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job => C:\Users\Samrat\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job => C:\Users\Samrat\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2015-10-30 11:14 - 2015-10-30 11:14 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2015-11-20 11:25 - 2015-10-13 22:17 - 00113840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
    2015-09-25 10:56 - 2015-12-04 03:17 - 00134312 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
    2013-06-08 20:49 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    2015-11-04 15:20 - 2015-11-04 15:20 - 00033088 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
    2015-11-04 15:20 - 2015-11-04 15:20 - 00037720 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll
    2015-11-04 15:19 - 2015-11-04 15:19 - 00039768 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll
    2015-11-04 15:20 - 2015-11-04 15:20 - 00037728 _____ () C:\Program Files\Real\UpdateService\VideoDLUpdatePlugin.dll
    2015-12-09 10:06 - 2015-03-18 14:22 - 00022016 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
    2015-12-09 10:06 - 2015-03-18 14:22 - 01893888 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
    2015-12-09 10:06 - 2015-03-18 14:22 - 01840128 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
    2013-12-21 11:15 - 2013-12-21 11:15 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\JNIInterface.dll
    2013-12-21 11:15 - 2013-12-21 11:15 - 00119296 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ASFAPI.dll
    2013-12-21 11:17 - 2013-12-21 11:17 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB_Manager.dll
    2013-10-01 09:46 - 2013-10-01 09:46 - 00025600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB.dll
    2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
    2013-12-21 11:17 - 2013-12-21 11:17 - 00589824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMS_Manager.dll
    2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
    2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
    2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
    2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
    2015-12-09 10:06 - 2015-03-18 14:22 - 00041472 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
    2015-11-20 13:47 - 2015-11-20 13:47 - 00640512 _____ () C:\Windows\Temp\sqlite-3.7.151-x86-sqlitejdbc.dll
    2015-12-17 19:10 - 2015-12-17 19:10 - 08903848 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
    2015-12-03 09:39 - 2015-11-22 16:11 - 01859448 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-12-03 09:39 - 2015-11-22 16:11 - 01859448 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2011-10-04 12:20 - 2012-01-20 14:55 - 00427520 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
    2015-12-18 09:12 - 2015-12-07 09:04 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2015-12-18 09:11 - 2015-12-07 09:41 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2015-12-18 09:11 - 2015-12-07 09:27 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2015-12-18 09:12 - 2015-12-07 09:08 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2015-12-18 09:12 - 2015-12-07 09:05 - 00696320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
    2015-12-18 09:12 - 2015-12-07 09:04 - 02365952 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2015-12-18 09:12 - 2015-12-07 09:07 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-11-04 13:28 - 2015-11-04 13:28 - 00719632 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe
    2015-11-04 13:20 - 2015-11-04 13:20 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll
    2015-08-30 11:43 - 2015-11-26 18:32 - 00653608 _____ () c:\program files\real\realplayer\RPDS\Lib\r1api.dll
    2015-11-26 18:32 - 2015-11-26 18:32 - 00022312 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\mediautil.dll
    2015-08-30 11:43 - 2015-11-26 18:32 - 01520936 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avformat-55.dll
    2015-08-30 11:43 - 2015-11-26 18:32 - 04274984 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avcodec-55.dll
    2015-08-30 11:43 - 2015-11-26 18:32 - 00322856 _____ () c:\program files\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll
    2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
    2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
    2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
    2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
    2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
    2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
    2013-12-11 16:46 - 2013-12-11 16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
    2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
    2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
    2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
    2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
    2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
    2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
    2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
    2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
    2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
    2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
    2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
    2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
    2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
    2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
    2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
    2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
    2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
    2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
    2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
    2015-12-10 10:03 - 2015-10-31 06:29 - 00034768 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00019408 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\faulthandler.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00022848 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00023352 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00042296 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
    2015-12-10 10:02 - 2015-10-31 06:29 - 00116688 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\pywintypes27.dll
    2015-12-10 10:03 - 2015-10-31 06:29 - 00093640 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\_ctypes.pyd
    2015-12-10 10:02 - 2015-10-31 06:29 - 00018376 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\select.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00019760 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00105928 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32api.pyd
    2015-12-10 10:02 - 2015-10-31 06:29 - 00392144 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\pythoncom27.dll
    2015-12-10 10:02 - 2015-12-09 03:06 - 00381752 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
    2015-12-10 10:02 - 2015-10-31 06:29 - 00692688 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\unicodedata.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00020816 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
    2015-12-10 10:03 - 2015-10-31 06:30 - 00109520 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 01737032 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00020808 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
    2015-12-10 10:03 - 2015-12-09 03:06 - 00020800 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
    2015-12-10 10:03 - 2015-12-09 03:06 - 00021840 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00038696 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\fastpath.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00024528 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32event.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00020936 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\mmapfile.pyd
    2015-12-10 10:03 - 2015-10-31 06:30 - 00114640 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32security.pyd
    2015-12-10 10:03 - 2015-12-09 03:06 - 00021320 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00124880 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32file.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00030160 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32pipe.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00043472 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32process.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00175560 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32gui.pyd
    2015-12-10 10:03 - 2015-10-31 06:30 - 00028616 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32ts.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00024016 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
    2015-12-10 10:03 - 2015-10-31 06:30 - 00048592 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32service.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00024392 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00036296 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\librsync.dll
    2015-12-10 10:03 - 2015-10-31 06:30 - 00024016 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\win32profile.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00117056 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00031568 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
    2015-10-04 13:17 - 2015-11-05 05:34 - 00293392 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
    2015-12-10 10:03 - 2015-12-09 03:06 - 00023376 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
    2015-12-10 10:03 - 2015-10-31 06:29 - 00134608 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\_elementtree.pyd
    2015-12-10 10:02 - 2015-10-31 06:29 - 00134088 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\pyexpat.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00240584 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\jpegtran.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00020280 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00052024 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00021304 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
    2015-12-10 10:03 - 2015-10-31 06:30 - 00350152 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\winxpgui.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00084792 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
    2015-12-10 10:02 - 2015-12-09 03:06 - 01826608 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
    2015-12-10 10:02 - 2015-10-31 06:30 - 00083912 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\sip.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 03891504 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 01950000 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00519984 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00133936 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00225080 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00207672 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
    2015-12-10 10:03 - 2015-12-09 03:06 - 00024904 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00486704 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
    2015-12-10 10:02 - 2015-12-09 03:06 - 00357680 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
    2015-12-10 10:02 - 2015-10-31 06:31 - 00019920 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
    2015-12-10 10:02 - 2015-10-31 06:30 - 00786904 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
    2015-12-10 10:02 - 2015-10-31 06:30 - 00063448 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
    2015-12-10 10:02 - 2015-10-31 06:30 - 00019408 _____ () C:\Users\Samrat\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
    2015-12-18 20:22 - 2015-12-18 20:23 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2015-12-18 20:22 - 2015-12-18 20:23 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2015-12-18 20:22 - 2015-12-18 20:23 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


    ==================== EXE Associa


    #6 koolsam

    koolsam

      SWI Junkie

    • Full Member
    • 251 posts

    Posted 25 December 2015 - 11:59 PM

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 07:34 - 2012-11-28 09:57 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    127.0.0.1       localhost

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3559879560-2752497012-24936758-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Samrat\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\windows photo viewer wallpaper.jpg
    HKU\S-1-5-21-3559879560-2752497012-24936758-1004\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 202.53.8.8 - 202.53.8.9
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TVR Scheduler.lnk => C:\Windows\pss\TVR Scheduler.lnk.CommonStartup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
    MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
    MSCONFIG\startupreg: LGODDFU => "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
    MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
    MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot
    HKLM\...\StartupApproved\Run: => "EaseUS EPM tray"
    HKLM\...\StartupApproved\Run: => "HTC Sync Loader"
    HKLM\...\StartupApproved\Run: => "BlueStacks Agent"
    HKLM\...\StartupApproved\Run: => "Tencent"
    HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\StartupApproved\Run: => "RGSC"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{16EFD293-F4A9-46A3-9660-E2E8369FB11F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{65BE0C3C-A9C2-4D70-BD83-726020521830}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{2AE96598-F7B1-463B-B5EA-A2F2F9728A78}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{55E792B1-DB6C-490C-B5CB-9FD99A2F3AE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{BB047823-55C6-4ADF-82CF-22D4A2412994}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{2F165ACA-847B-4B00-A370-B3BA656311A8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{1C7308D7-60E3-4327-9F36-DC75D5AE98E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [UDP Query User{83BFA110-5302-47D2-BB72-4832414E3523}C:\users\samrat\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\samrat\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [TCP Query User{C176F8CE-719F-40A2-87CC-410DA4BC1D22}C:\users\samrat\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\samrat\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{9773B2BA-A44A-4555-A920-A7E396294E69}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
    FirewallRules: [TCP Query User{1275B1D3-8B1B-4649-95B3-9921AD80DDF1}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
    FirewallRules: [{B202E51E-489D-4C39-9FE2-EBB729E49C1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{F1BBE1E1-5399-4389-96C0-1F1348942E5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{E6B48F0D-093E-4F5D-BC41-33CB1209C5DB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    FirewallRules: [{C7C3C4D7-612D-4575-B2C7-04BE5304A0A7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
    FirewallRules: [{4C14FA24-1A45-48D3-B9BD-CD1FB5DBD5F3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
    FirewallRules: [{989501A5-5283-4E87-85FA-1007CEFDA5F2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    FirewallRules: [{D936D009-0820-4529-979C-E7B41BFF8A38}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
    FirewallRules: [{52E8D2B5-2FFF-47F0-8E71-5C8F27E059B7}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
    FirewallRules: [TCP Query User{71F5B673-A798-42F9-BA71-56D115022419}C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe
    FirewallRules: [UDP Query User{88F026A7-40CF-473F-A1BB-AEAC22007311}C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe] => (Allow) C:\users\samrat\appdata\local\google\google talk plugin\googletalkplugin.exe
    FirewallRules: [{6723F246-C472-4591-A02B-18443CA64751}] => (Allow) C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{E107D98A-6CF0-44D2-B905-4076A2802824}] => (Allow) C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    FirewallRules: [{A8E65E91-6F84-437D-AB3F-0067B257B3E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{1450963B-60C8-41D6-A585-ABA38C85D444}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{F66D5336-3841-41A5-9713-B17D6D5B64E9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{CDE5E8B5-FE81-4570-9200-DB71B2646227}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{1469F424-A49F-4057-80D7-7781525235BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{E45B5A02-B251-41D3-B9F0-A2CC36AB6481}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{6B3F143A-0BC4-4C3D-B4D2-16795CC956B2}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{6D69D31A-0FE9-407A-9723-F030B552995D}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{ADDC5571-EBAF-4C75-B4B5-924007AC74ED}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
    FirewallRules: [{EB51376B-9068-4F10-9CA3-41F374B9AB2C}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
    FirewallRules: [{045E4682-FF8C-47B7-9403-F0399E415C68}] => (Allow) C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{DAC7B14D-4C9D-4FFB-938E-3DFE93C085CD}] => (Allow) C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Dropbox.exe
    FirewallRules: [{0F234DE0-1E11-4E04-9314-DA7BDB7DA7A5}] => (Allow) LPort=8743
    FirewallRules: [{382250AE-90FE-45BB-9991-981CF4239AD4}] => (Allow) LPort=8643
    FirewallRules: [{3D0BB31A-80DD-4BBC-A3B7-B1A849DF72A7}] => (Allow) LPort=7676
    FirewallRules: [{FB64994D-266C-4107-9315-234E1B094FB0}] => (Allow) LPort=7679
    FirewallRules: [{0F286A75-12AD-4B16-934A-7EFF3E119B49}] => (Allow) LPort=24234
    FirewallRules: [{A28BE716-47DB-4F36-82AB-6163CF91CA84}] => (Allow) LPort=7900
    FirewallRules: [{874A2225-CA96-4548-9303-8920FBC06BB6}] => (Allow) LPort=1900
    FirewallRules: [{209569D1-9F93-42D3-8A40-5E68411A29C8}] => (Allow) C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
    FirewallRules: [{99B45793-75AD-46A2-9D7F-A49E1C46B14D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
    FirewallRules: [{A2AAA5C7-6E20-4F99-9C7D-6081C0E78BAD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
    FirewallRules: [{EEE83C9E-73F6-4EC6-B8A3-5E6607E6FFF2}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
    FirewallRules: [{AC918F41-410E-43EB-8D9D-2034A69C3395}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
    FirewallRules: [{DFCF347E-EA51-4327-A3DD-6C054C4FFE25}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
    FirewallRules: [{73228A62-20C1-4F2A-9DB1-F473C1420F8C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
    FirewallRules: [{E6DAC240-F468-4884-9A43-1ECE6B0E915E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
    FirewallRules: [{F6183998-3F2C-489D-AFB1-B918BCA7D82C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
    FirewallRules: [{7213D2E3-3DED-43AE-869B-DC94AC2134C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{F05009AC-8CD1-4E7E-A405-51FDCD280B1F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{C42EE036-E821-4647-A868-9D9EAA78FCDE}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{A85BDF7E-7768-4114-A6CF-A6DCEBF53ADB}] => (Allow) C:\Users\Samrat\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{F96FA6A1-010A-4756-BBC0-64C3D81107FA}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
    FirewallRules: [{5A9E5DC1-0FA8-4435-B666-71B451F34DD6}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
    FirewallRules: [{DFF13C2D-394F-4498-9F02-D304D0E8FFF9}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe
    FirewallRules: [{9945821E-DF9C-4CD3-8BF1-0447390DFA67}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
    FirewallRules: [{A9529B03-5D2E-4AFB-9B2B-71905A87F90F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    FirewallRules: [{C0E04B6C-AE0B-4532-BCEB-E25A07607798}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
    FirewallRules: [{54FE5DE8-3024-4697-827C-D57CFEDC9870}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
    FirewallRules: [{2E3F4584-7C1E-4436-9EBC-FC3F7574D741}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    FirewallRules: [{94878442-15C9-4912-908D-BA43F1181118}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
    FirewallRules: [{F4F84BA7-6979-4D16-8D29-17100034B50E}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/26/2015 09:48:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcNvVAD initialization failed [6]

    Error: (12/26/2015 09:48:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

    Error: (12/26/2015 09:13:28 AM) (Source: MsiInstaller) (EventID: 11404) (User: SAMRAT-PC)
    Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.

    Error: (12/25/2015 08:12:33 PM) (Source: MsiInstaller) (EventID: 11404) (User: SAMRAT-PC)
    Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.

    Error: (12/25/2015 05:30:17 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcNvVAD initialization failed [6]

    Error: (12/25/2015 05:30:17 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
    Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

    Error: (12/25/2015 03:13:45 PM) (Source: MsiInstaller) (EventID: 11404) (User: SAMRAT-PC)
    Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.

    Error: (12/25/2015 12:03:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAMRAT-PC)
    Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (12/25/2015 12:03:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SAMRAT-PC)
    Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (12/25/2015 10:13:32 AM) (Source: MsiInstaller) (EventID: 11404) (User: SAMRAT-PC)
    Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control.  System error .  Verify that you have sufficient access to that key, or contact your support personnel.


    System errors:
    =============
    Error: (12/26/2015 10:14:23 AM) (Source: DCOM) (EventID: 10016) (User: SAMRAT-PC)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Samrat-PCSamratS-1-5-21-3559879560-2752497012-24936758-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

    Error: (12/26/2015 10:14:23 AM) (Source: DCOM) (EventID: 10016) (User: SAMRAT-PC)
    Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Samrat-PCSamratS-1-5-21-3559879560-2752497012-24936758-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

    Error: (12/26/2015 09:47:40 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The Tomcat7 service terminated with the following service-specific error:
    %%0

    Error: (12/26/2015 09:47:33 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The HomeGroupListener service terminated with the following service-specific error:
    %%2147944153

    Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

    Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

    Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

    Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

    Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.

    Error: (12/26/2015 09:45:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_17a0374 service to connect.


    CodeIntegrity:
    ===================================
      Date: 2015-12-19 10:48:50.908
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

      Date: 2015-12-17 21:25:44.134
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:44.082
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:44.033
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:43.976
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:43.914
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:43.900
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:41.943
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:41.877
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2015-12-17 21:25:41.859
      Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel® Pentium® Dual CPU E2200 @ 2.20GHz
    Percentage of memory in use: 62%
    Total physical RAM: 2814.49 MB
    Available physical RAM: 1067.18 MB
    Total Virtual: 5630.49 MB
    Available Virtual: 3424.54 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:109.56 GB) (Free:68.95 GB) NTFS ==>[drive with boot components (obtained from BCD)]
    Drive e: () (Fixed) (Total:39.04 GB) (Free:24.3 GB) NTFS
    Drive i: (New Volume) (Fixed) (Total:232.88 GB) (Free:228.38 GB) NTFS
    Drive j: (New Volume) (Fixed) (Total:232.88 GB) (Free:215.68 GB) NTFS
    Drive k: (New Volume) (Fixed) (Total:232.88 GB) (Free:169.77 GB) NTFS
    Drive l: (New Volume) (Fixed) (Total:232.88 GB) (Free:201.28 GB) NTFS
    Drive m: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:73.26 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 18A0189F)
    Partition 1: (Active) - (Size=109.6 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
    Partition 3: (Not Active) - (Size=39 GB) - (Type=OF Extended)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2FDBF25D)
    Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=698.6 GB) - (Type=OF Extended)

    ========================================================
    Disk: 2 (Size: 931.5 GB) (Disk ID: 6DD7CDDA)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================



    #7 nasdaq


    Posted 26 December 2015 - 08:00 AM

     
    Nothing malicious was found in your logs.
    This is just a cleanup of empty items.
     
    Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
    Type Notepad and click the OK key.
    Please copy the entire contents of the code box below to a new file.
     
     
    start
     
    CreateRestorePoint:
    EmptyTemp:
    CloseProcesses:
     
    FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext => not found
    FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\HP Photo Creations\RLPNUpload.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\HP Photo Creations\ContentMan.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncApi.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\HP Photo Creations\RocketEngine.dll => No File
    Task: {183FB544-5A71-4F16-89D8-39F08F444F98} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {2F006B9D-D575-4BB4-A95F-5354E3C4869B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {3CA357EB-211F-4495-8AB4-509F3604B0F1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {611FF306-EEF7-49ED-87E1-856C61C1FAC6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {735A9FF8-174F-490A-A4D7-D025C8572AE6} - \CCleanerSkipUAC -> No File <==== ATTENTION
    Task: {98CDB8D8-E9A0-4375-ACE0-1DEF3007DDDB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {9943D6DA-2BFE-4843-9398-3062D80204EE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {ABAA1ACE-92B1-4AFA-865D-A54DDF76BF1E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {BD0D008A-5265-4896-8F43-E2F88A153107} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {D1F790EE-9A54-4C47-B1A6-B533CC6050FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {ECA75BD9-2282-4B02-8116-41BE09A58A1A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {FE2F0B10-EF43-4D0A-B213-C8CD35FB3822} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    C:\Users\Samrat\AppData\Local\Temp\ADSafe.30619-9.exe
    C:\Users\Samrat\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkufgur.dll
    C:\Users\Samrat\AppData\Local\Temp\lowproc.exe
    C:\Users\Samrat\AppData\Local\Temp\rnsetup0.exe
    C:\Users\Samrat\AppData\Local\Temp\sqlite3.dll
    C:\Users\Samrat\AppData\Local\Temp\stubhelper.dll
     
     
    End
    
    Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
    The location is listed in the 3rd line of the Farbar log you have submitted.
     
    Run FRST and click Fix only once and wait.
     
    Restart the computer normally to reset the registry.
     
    The tool will create a log (Fixlog.txt) please post it to your reply.
    ===
     
    Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
     
    You can manually check your present version and update as recommended.
     
    Be careful not to install malware posing as Java update!
    Important read this blog.
     
    Quoted from the page.
    "In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
     
    How to disable Java in your browsers
     
     
    If present remove the old version(s) of Java using the Control Panel > Programs and Features applet.
     
    Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
     
    Let me know if the problem persists.

    nasdaq

    Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
    [ Housecall online virus scan ] [ Bitdefender online virus scan ]
    [ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

    My help is free, but if we have helped you in any way, please consider Donating,
    see this topic for details.
    We need members like you.

    ========
    Shouldn't water be worth more than diamonds?
    Adam Smith Glasgow, 1760
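A pre-flight check for a fixlist like the one in the post above, as an added example that is not part of the thread or of FRST: it sorts each line into directives, entries whose target is reported missing ("No File" / "not found"), entries with no such marker, and bare file paths, so anything that is not an "empty item" stands out before Fix is clicked. The sample fixlist, its GUIDs and paths, and the function names are constructed for illustration.

```python
import re

# Constructed sample in the same line format as the fixlist posted above.
# GUIDs, SIDs and paths are placeholders, not values from the thread.
SAMPLE_FIXLIST = r"""start
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
FF HKLM\...\Firefox\Extensions: [{00000000-0000-0000-0000-000000000001}] - C:\ProgramData\Example\Ext => not found
CustomCLSID: HKU\S-1-5-21-0-0-0-1001_Classes\CLSID\{00000000-0000-0000-0000-000000000002}\InprocServer32 -> C:\Users\Example\AppData\Local\Vendor\helper.dll => No File
Task: {00000000-0000-0000-0000-000000000003} - \Example\OrphanTask -> No File <==== ATTENTION
Task: {00000000-0000-0000-0000-000000000004} - \Example\LiveTask => C:\Program Files\Example\live.exe
C:\Users\Example\AppData\Local\Temp\leftover.exe
C:\Users\Example\Documents\report.exe
End
"""

# Trailing status the log uses for an entry whose target file is gone.
ORPHAN = re.compile(r"(?:=>|->)\s*(?:No File|not found)(?:\s*<=+\s*ATTENTION)?\s*$")
BARE_PATH = re.compile(r"^[A-Za-z]:\\")           # line is just a file path
TEMP_DIR = re.compile(r"\\AppData\\Local\\Temp\\", re.IGNORECASE)


def classify_line(line):
    """Return blank, directive, orphan, live, temp_file or other_file."""
    line = line.strip()
    if not line:
        return "blank"
    # "start"/"End" markers and single-word lines ending in a colon.
    if line.lower() in ("start", "end") or re.fullmatch(r"\w+:", line):
        return "directive"
    if BARE_PATH.match(line):
        return "temp_file" if TEMP_DIR.search(line) else "other_file"
    # Registry, extension or task entry: orphaned only if the log says so.
    return "orphan" if ORPHAN.search(line) else "live"


def audit(text):
    """Group the non-blank lines of a fixlist by classification."""
    groups = {}
    for raw in text.splitlines():
        kind = classify_line(raw)
        if kind != "blank":
            groups.setdefault(kind, []).append(raw.strip())
    return groups


def needs_review(text):
    """Lines that are not 'empty items': live entries and non-Temp files."""
    groups = audit(text)
    return groups.get("live", []) + groups.get("other_file", [])


if __name__ == "__main__":
    for kind, lines in audit(SAMPLE_FIXLIST).items():
        print(f"{kind}: {len(lines)}")
    for line in needs_review(SAMPLE_FIXLIST):
        print("REVIEW:", line)
```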

    #8 koolsam


    Posted 26 December 2015 - 12:03 PM

    The Adobe Reader still shows the JPEG icon and I cannot change the icon. Change icon is greyed out.



    #9 nasdaq


    Posted 27 December 2015 - 07:39 AM

    Your ShellIconCache may be corrupted.
     
    Reset it. Follow the instructions on this page.
     
     
    If the first method fails I'm not suggesting you use the 3rd party tool.
    If you do it's at your own risk.
     
    Keep me posted.

    nasdaq


    #10 koolsam


    Posted 29 December 2015 - 12:50 AM

    No change...



    #11 koolsam


    Posted 29 December 2015 - 06:59 AM

    Problem with the Adobe icon is cleared, but I have another problem

     

    244z7ti.jpg



    #12 nasdaq


    Posted 29 December 2015 - 07:45 AM

    What is the problem with the BMP file shortcut?

    Please explain.


    nasdaq


    #13 koolsam


    Posted 30 December 2015 - 12:12 AM

    It is showing in Chinese... which I can't understand



    #14 nasdaq


    Posted 30 December 2015 - 08:25 AM

    Delete it.

    Leave it in your Recycle bin.

    If an application needs it you will receive an error message.


    nasdaq




