Drive space diminishing and can't install anything


  • This topic is locked
16 replies to this topic

#1 koolsam

koolsam

    SWI Junkie

  • Full Member
  • 251 posts

Posted 14 August 2014 - 08:00 AM

Hi,

For the past few months the drive space on C: has been reducing, and now I can't install any software or update the system. I allocated about 40GB of my 160GB to drive C:. I am attaching the MBAM log and the Security Check log.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 14-Aug-14
Scan Time: 7:08:19 PM
Logfile: mbam.txt
Administrator: Yes

Version: 0.00.0.0000
Malware Database: v0000.00.00.00
Rootkit Database: v0000.00.00.00
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x86
File System: NTFS
User: Samrat

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 4907
Time Elapsed: 1 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

Security Check Log

--------------------------

 Results of screen317's Security Check version 0.99.87  
   x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Kaspersky Internet Security   
Windows Defender              
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner     
 JavaFX 2.1.1    
 Java 7 Update 67  
 Adobe Flash Player     14.0.0.145  
 Adobe Reader XI  
 Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 14.0.0 avpui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````
 


Edited by koolsam, 14 August 2014 - 08:06 AM.


#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,182 posts

Posted 15 August 2014 - 11:31 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Wait for further instructions
nasdaq


#3 koolsam

koolsam

    SWI Junkie

  • Full Member
  • 251 posts

Posted 15 August 2014 - 08:54 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-08-2014
Ran by Samrat (administrator) on SAMRAT-PC on 16-08-2014 08:13:49
Running from C:\Users\Samrat\Desktop
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Apache Software Foundation) C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Octoshape ApS) C:\Users\Samrat\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Dropbox, Inc.) C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x86__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Facebook Update] => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Google Update] => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-08] (Google Inc.)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [ApacheTomcatMonitor7.0_Tomcat7] => C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7w.exe [102400 2011-09-28] (Apache Software Foundation)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Samrat\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [70936 2009-01-08] (Octoshape ApS)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3858000 2014-07-23] (Tonec Inc.)
HKU\S-1-5-21-3559879560-2752497012-24936758-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4626712 2014-07-23] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: IDM Shell Extension -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.in.msn.com/...IN&dcc=IN&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB6FD25062B90CE01
SearchScopes: HKCU - {515B5412-F021-436B-B8C4-98DF57D18C2F} URL = http://in.search.yah...p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 123.176.37.38 123.176.37.37

FireFox:
========
FF ProfilePath: C:\Users\Samrat\AppData\Roaming\Mozilla\Firefox\Profiles\uiyrbsa7.default-1391762422109
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @alternatiff.com/AlternaTIFF -> C:\Program Files\MIE\AlternaTIFF\npzzatif.dll (Medical Informatics Engineering, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.10.8 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=17.0.10 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.10 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=17.0.10 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.10.8 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Samrat\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll (Octoshape ApS)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Samrat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Samrat\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Users\Samrat\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Samrat\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Samrat\AppData\Roaming\mozilla\plugins\npoctoshape.dll (Octoshape ApS)
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-08]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-30]
FF HKLM\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-12-26]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-12-26]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-12-26]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-12-26]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-12-26]
FF HKLM\...\Firefox\Extensions: [{7ADCCCD0-FDEC-4A18-A329-550A87710223}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5 [2014-08-06]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage:
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.googl...mnlhhddbepgkeaa []
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-11-26]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-11-26]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-11-26]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-05-13]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-11-26]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2014-07-23]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-11-26]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung) [File not signed]
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-11-26] (Kaspersky Lab ZAO)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\ [0 ] () [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [773968 2014-01-27] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14574368 2013-09-20] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-05-13] ()
R2 RealPlayer Cloud Service; C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-30] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-05-23] () [File not signed]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [573280 2014-07-29] (Copyright 2013 SAMSUNG)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
R2 Tomcat7; C:\Program Files\Apache Software Foundation\Tomcat 7.0\bin\Tomcat7.exe [74752 2011-09-28] (Apache Software Foundation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279784 2014-03-24] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2014-03-24] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2014-04-03] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\Samrat\AppData\Local\Temp\7zS6CAC\hpslpsvc32.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybrid; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [1141888 2010-12-01] (NXP Semiconductors Germany GmbH)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [113424 2014-05-21] (BlueStack Systems)
R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Windows ® Win 7 DDK provider)
R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Windows ® Win 7 DDK provider)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
S3 gdrv; C:\Windows\gdrv.sys [16608 2010-02-23] (Windows ® 2000 DDK provider)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-24] (Intel Corporation)
S3 ivusb; C:\WINDOWS\System32\drivers\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [135776 2013-11-26] (Kaspersky Lab ZAO)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [24672 2013-11-26] (Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [552032 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [25696 2013-11-26] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [25184 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [25696 2013-11-26] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\system32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [54880 2014-03-24] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [144992 2013-12-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
S3 MWAC; \??\C:\WINDOWS\system32\drivers\ [0 ] () [File not signed]
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)
R3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [92504 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
R3 WUDFSensorLP; C:\WINDOWS\System32\drivers\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [188416 2014-05-31] (Microsoft Corporation)
U3 idsvc;
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2014-03-24] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-16 08:13 - 2014-08-16 08:14 - 00026091 _____ () C:\Users\Samrat\Desktop\FRST.txt
2014-08-16 08:12 - 2014-08-16 08:14 - 00000000 ____D () C:\FRST
2014-08-16 08:06 - 2014-08-16 08:06 - 01092096 _____ (Farbar) C:\Users\Samrat\Desktop\FRST.exe
2014-08-16 07:56 - 2014-08-16 07:56 - 00025408 _____ () C:\WINDOWS\system32\rsslogs.20140816075500
2014-08-16 07:54 - 2014-08-16 08:02 - 00041782 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-16 07:54 - 2014-08-16 07:54 - 00000106 _____ () C:\WINDOWS\AutoKMS.log
2014-08-16 07:52 - 2014-08-16 07:52 - 00485032 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-16 07:52 - 2014-08-16 07:52 - 00010578 _____ () C:\WINDOWS\PFRO.log
2014-08-15 14:11 - 2014-06-10 03:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 08:29 - 2014-08-15 08:29 - 01099797 _____ () C:\WINDOWS\system32\rsslogs.20140815082916
2014-08-14 19:12 - 2014-08-14 19:12 - 00854417 _____ () C:\Users\Samrat\Desktop\SecurityCheck.exe
2014-08-14 19:10 - 2014-08-14 19:10 - 00688992 _____ (Swearware) C:\Users\Samrat\Desktop\dds.scr
2014-08-14 19:09 - 2014-08-14 19:09 - 00001039 _____ () C:\mbam.txt
2014-08-14 18:46 - 2014-08-14 18:46 - 09184897 _____ () C:\rules.ref
2014-08-14 18:45 - 2014-08-14 18:45 - 00021948 _____ () C:\swissarmy.ref
2014-08-14 18:45 - 2014-08-14 18:45 - 00000314 _____ () C:\actions.ref
2014-08-14 17:15 - 2014-08-15 08:29 - 00443681 _____ () C:\WINDOWS\system32\rsslogs.20140814171403
2014-08-14 14:01 - 2014-08-14 17:13 - 00227491 _____ () C:\WINDOWS\system32\rsslogs.20140814140058
2014-08-14 12:19 - 2014-08-14 12:19 - 00014509 _____ () C:\WINDOWS\system32\rsslogs.20140814121842
2014-08-14 12:00 - 2014-08-07 04:11 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-14 12:00 - 2014-08-02 10:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-14 12:00 - 2014-06-20 06:06 - 00805136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-14 12:00 - 2014-06-13 05:40 - 01326936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-14 12:00 - 2014-06-13 05:40 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-14 11:53 - 2014-08-14 11:53 - 00026612 _____ () C:\WINDOWS\system32\rsslogs.20140814115241
2014-08-14 09:37 - 2014-08-14 09:37 - 00160885 _____ () C:\WINDOWS\system32\rsslogs.20140814093604
2014-08-14 08:42 - 2014-08-14 08:42 - 00059251 _____ () C:\WINDOWS\system32\rsslogs.20140814084148
2014-08-13 15:45 - 2014-07-25 19:21 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-13 15:45 - 2014-07-25 18:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-13 15:45 - 2014-07-25 18:00 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 15:45 - 2014-07-25 17:51 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-13 15:45 - 2014-07-25 17:38 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 15:45 - 2014-07-25 17:36 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-13 15:45 - 2014-07-25 17:22 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 15:45 - 2014-07-25 17:13 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 15:45 - 2014-07-25 17:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-13 15:45 - 2014-07-25 16:59 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-13 15:45 - 2014-07-25 16:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-13 15:45 - 2014-07-25 16:39 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 15:45 - 2014-07-25 16:39 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 15:45 - 2014-07-25 16:37 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-13 15:45 - 2014-07-25 16:33 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-13 15:45 - 2014-07-25 15:39 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 15:45 - 2014-07-25 15:35 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-13 15:45 - 2014-07-25 15:30 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-13 15:38 - 2014-08-07 05:06 - 01090280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-13 15:38 - 2014-08-07 04:12 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-13 15:38 - 2014-07-15 22:37 - 02257584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-13 15:38 - 2014-07-15 13:33 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-13 15:38 - 2014-07-15 13:25 - 02045440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 15:38 - 2014-07-12 09:13 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 15:38 - 2014-06-04 13:52 - 00107352 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 15:38 - 2014-06-04 10:13 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 15:38 - 2014-06-04 10:08 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 15:38 - 2014-06-04 07:44 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 14:07 - 2014-08-14 08:42 - 00639571 _____ () C:\WINDOWS\system32\rsslogs.20140813140653
2014-08-13 11:07 - 2014-08-13 11:07 - 00102725 _____ () C:\WINDOWS\system32\rsslogs.20140813110649
2014-08-12 16:39 - 2014-08-13 11:07 - 00636902 _____ () C:\WINDOWS\system32\rsslogs.20140812163807
2014-08-12 13:13 - 2014-08-12 13:13 - 00094275 _____ () C:\WINDOWS\system32\rsslogs.20140812131242
2014-08-12 10:34 - 2014-08-12 13:12 - 00190997 _____ () C:\WINDOWS\system32\rsslogs.20140812103357
2014-08-11 21:39 - 2014-08-11 21:39 - 00197141 _____ () C:\WINDOWS\system32\rsslogs.20140811213815
2014-08-11 20:27 - 2014-08-11 21:38 - 00085866 _____ () C:\WINDOWS\system32\rsslogs.20140811202625
2014-08-11 20:20 - 2014-06-05 18:44 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-11 20:20 - 2014-06-02 06:36 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2014-08-11 20:20 - 2014-06-02 06:36 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-11 20:20 - 2014-05-31 14:02 - 00382296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-11 20:20 - 2014-05-31 14:02 - 00376152 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-11 20:20 - 2014-05-31 14:02 - 00338264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-11 20:20 - 2014-05-31 14:02 - 00072536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-11 20:20 - 2014-05-31 14:02 - 00023384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-11 20:20 - 2014-05-31 11:03 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-11 20:20 - 2014-05-31 11:00 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-11 20:20 - 2014-05-31 10:59 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-11 20:20 - 2014-05-31 09:03 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-11 20:20 - 2014-05-31 09:03 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-11 20:20 - 2014-05-31 09:03 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-11 20:20 - 2014-05-29 10:53 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-08-11 20:20 - 2014-05-27 20:16 - 01871704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-11 20:20 - 2014-05-27 15:23 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-11 20:20 - 2014-05-17 09:43 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-11 20:20 - 2014-05-08 10:07 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-08-11 20:20 - 2014-04-30 09:22 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-08-11 15:43 - 2014-08-11 15:43 - 00339538 _____ () C:\WINDOWS\system32\rsslogs.20140811154236
2014-08-11 14:09 - 2014-08-11 14:09 - 00032645 _____ () C:\WINDOWS\system32\rsslogs.20140811140830
2014-08-11 14:03 - 2014-08-11 14:05 - 00000000 ____D () C:\AdwCleaner
2014-08-11 13:20 - 2014-08-11 13:20 - 00056962 _____ () C:\WINDOWS\system32\rsslogs.20140811131924
2014-08-11 09:11 - 2014-08-11 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-11 09:11 - 2014-08-11 09:11 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-11 09:11 - 2014-08-11 09:10 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-11 09:11 - 2014-08-11 09:10 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-11 09:11 - 2014-08-11 09:10 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-11 09:11 - 2014-08-11 09:10 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-11 09:10 - 2014-08-11 09:10 - 00000000 ____D () C:\Program Files\Java
2014-08-11 09:00 - 2014-08-11 09:00 - 00308108 _____ () C:\WINDOWS\system32\rsslogs.20140811085955
2014-08-10 15:34 - 2014-08-10 15:34 - 00529326 _____ () C:\WINDOWS\system32\rsslogs.20140810153342
2014-08-10 08:56 - 2014-08-10 08:56 - 00258662 _____ () C:\WINDOWS\system32\rsslogs.20140810085537
2014-08-09 19:19 - 2014-08-09 19:19 - 00268400 _____ () C:\WINDOWS\system32\rsslogs.20140809191848
2014-08-09 16:41 - 2014-08-09 16:41 - 00180068 _____ () C:\WINDOWS\system32\rsslogs.20140809164057
2014-08-09 14:40 - 2014-08-09 14:40 - 00134145 _____ () C:\WINDOWS\system32\rsslogs.20140809143924
2014-08-09 07:48 - 2014-08-09 07:48 - 00343171 _____ () C:\WINDOWS\system32\rsslogs.20140809074730
2014-08-08 19:00 - 2014-08-08 19:00 - 00332344 _____ () C:\WINDOWS\system32\rsslogs.20140808185957
2014-08-08 15:17 - 2014-08-08 15:17 - 00242896 _____ () C:\WINDOWS\system32\rsslogs.20140808151614
2014-08-08 09:44 - 2014-08-08 09:44 - 00202987 _____ () C:\WINDOWS\system32\rsslogs.20140808094422
2014-08-07 15:16 - 2014-08-08 09:44 - 00738552 _____ () C:\WINDOWS\system32\rsslogs.20140807151532
2014-08-07 12:24 - 2014-08-07 12:24 - 00010890 _____ () C:\WINDOWS\system32\rsslogs.20140807122357
2014-08-07 08:39 - 2014-08-07 08:39 - 00263403 _____ () C:\WINDOWS\system32\rsslogs.20140807083851
2014-08-06 17:37 - 2014-08-06 17:37 - 00408347 _____ () C:\WINDOWS\system32\rsslogs.20140806173647
2014-08-06 14:18 - 2014-08-06 14:18 - 00010889 _____ () C:\WINDOWS\system32\rsslogs.20140806141730
2014-08-06 14:01 - 2014-08-06 14:01 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-08-06 14:01 - 2014-08-06 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-08-06 13:52 - 2014-08-06 13:52 - 00027820 _____ () C:\WINDOWS\system32\rsslogs.20140806135155
2014-08-06 12:53 - 2014-08-06 12:53 - 00068947 _____ () C:\WINDOWS\system32\rsslogs.20140806125224
2014-08-06 11:04 - 2014-08-06 11:04 - 00129384 _____ () C:\WINDOWS\system32\rsslogs.20140806110329
2014-08-06 07:54 - 2014-08-06 07:54 - 00042328 _____ () C:\WINDOWS\system32\rsslogs.20140806075337
2014-08-05 20:46 - 2014-08-05 20:46 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\JAM Software
2014-08-05 20:46 - 2014-08-05 20:46 - 00000000 ____D () C:\Program Files\JAM Software
2014-08-05 14:31 - 2014-08-05 14:31 - 00636864 _____ () C:\WINDOWS\system32\rsslogs.20140805143040
2014-08-05 08:33 - 2014-08-05 08:33 - 00286392 _____ () C:\WINDOWS\system32\rsslogs.20140805083205
2014-08-04 20:16 - 2014-08-04 20:16 - 00152289 _____ () C:\WINDOWS\system32\rsslogs.20140804201512
2014-08-04 14:41 - 2014-08-04 14:41 - 00305633 _____ () C:\WINDOWS\system32\rsslogs.20140804144037
2014-08-04 10:15 - 2014-08-04 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-04 08:59 - 2014-08-04 08:59 - 00256165 _____ () C:\WINDOWS\system32\rsslogs.20140804085832
2014-08-02 10:10 - 2014-08-02 10:10 - 00007264 _____ () C:\WINDOWS\system32\rsslogs.20140802100925
2014-08-01 22:15 - 2014-08-01 22:15 - 00186307 _____ () C:\WINDOWS\system32\rsslogs.20140801221448
2014-08-01 14:41 - 2014-08-01 14:41 - 00478450 _____ () C:\WINDOWS\system32\rsslogs.20140801144002
2014-08-01 12:06 - 2014-08-01 12:06 - 00032616 _____ () C:\WINDOWS\system32\rsslogs.20140801120554
2014-07-30 15:47 - 2014-07-30 15:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-29 20:26 - 2014-07-29 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-07-27 09:49 - 2014-07-27 10:06 - 00001982 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-07-26 14:58 - 2014-07-10 09:38 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-07-26 14:58 - 2014-07-10 09:29 - 03922432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-07-26 14:58 - 2014-07-10 09:04 - 00877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-07-23 16:32 - 2014-06-09 14:10 - 00113680 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-16 08:15 - 2014-01-08 21:46 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-16 08:14 - 2014-08-16 08:13 - 00026091 _____ () C:\Users\Samrat\Desktop\FRST.txt
2014-08-16 08:14 - 2014-08-16 08:12 - 00000000 ____D () C:\FRST
2014-08-16 08:13 - 2010-02-23 06:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-16 08:09 - 2012-04-04 21:49 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-16 08:06 - 2014-08-16 08:06 - 01092096 _____ (Farbar) C:\Users\Samrat\Desktop\FRST.exe
2014-08-16 08:04 - 2012-02-28 13:41 - 00000932 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job
2014-08-16 08:02 - 2014-08-16 07:54 - 00041782 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-16 07:59 - 2014-05-29 15:15 - 00000000 ___RD () C:\Users\Samrat\Dropbox
2014-08-16 07:59 - 2014-04-20 14:54 - 00000000 __RDO () C:\Users\Samrat\SkyDrive
2014-08-16 07:58 - 2014-05-29 15:03 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\Dropbox
2014-08-16 07:56 - 2014-08-16 07:56 - 00025408 _____ () C:\WINDOWS\system32\rsslogs.20140816075500
2014-08-16 07:54 - 2014-08-16 07:54 - 00000106 _____ () C:\WINDOWS\AutoKMS.log
2014-08-16 07:54 - 2014-01-08 21:46 - 00000902 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-16 07:54 - 2013-10-19 09:06 - 00000000 ____D () C:\Users\Samrat
2014-08-16 07:54 - 2013-08-22 12:53 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-16 07:54 - 2012-12-12 11:52 - 00000222 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2014-08-16 07:53 - 2013-10-19 09:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-16 07:52 - 2014-08-16 07:52 - 00485032 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-16 07:52 - 2014-08-16 07:52 - 00010578 _____ () C:\WINDOWS\PFRO.log
2014-08-15 23:33 - 2011-10-08 18:54 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job
2014-08-15 23:30 - 2013-08-22 13:47 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-15 17:04 - 2012-02-28 13:41 - 00000910 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job
2014-08-15 16:39 - 2012-02-22 19:36 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\vlc
2014-08-15 14:50 - 2013-08-22 13:47 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-15 14:24 - 2013-08-22 13:47 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-08-15 14:24 - 2012-07-26 12:13 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-15 13:45 - 2014-05-21 15:37 - 00000000 ____D () C:\Users\Samrat\AppData\Local\CrashDumps
2014-08-15 12:32 - 2011-10-08 18:54 - 00000860 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job
2014-08-15 09:23 - 2010-04-19 09:22 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\dvdcss
2014-08-15 08:43 - 2011-08-14 20:46 - 00000000 ____D () C:\ProgramData\Skype
2014-08-15 08:29 - 2014-08-15 08:29 - 01099797 _____ () C:\WINDOWS\system32\rsslogs.20140815082916
2014-08-15 08:29 - 2014-08-14 17:15 - 00443681 _____ () C:\WINDOWS\system32\rsslogs.20140814171403
2014-08-14 22:14 - 2013-11-19 09:58 - 00000000 ____D () C:\Users\Samrat\Downloads\Compressed
2014-08-14 22:12 - 2013-11-19 09:58 - 00000000 ____D () C:\Users\Samrat\Downloads\Video
2014-08-14 19:12 - 2014-08-14 19:12 - 00854417 _____ () C:\Users\Samrat\Desktop\SecurityCheck.exe
2014-08-14 19:10 - 2014-08-14 19:10 - 00688992 _____ (Swearware) C:\Users\Samrat\Desktop\dds.scr
2014-08-14 19:09 - 2014-08-14 19:09 - 00001039 _____ () C:\mbam.txt
2014-08-14 19:07 - 2014-05-18 11:07 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2014-08-14 18:46 - 2014-08-14 18:46 - 09184897 _____ () C:\rules.ref
2014-08-14 18:45 - 2014-08-14 18:45 - 00021948 _____ () C:\swissarmy.ref
2014-08-14 18:45 - 2014-08-14 18:45 - 00000314 _____ () C:\actions.ref
2014-08-14 18:44 - 2014-05-18 11:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-14 18:44 - 2013-11-21 19:39 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-08-14 18:44 - 2011-08-14 17:01 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\Malwarebytes
2014-08-14 18:20 - 2013-10-20 12:17 - 00000000 ____D () C:\Program Files\Windows 8.1 Product Key Finder Ultimate v13.10.1
2014-08-14 17:13 - 2014-08-14 14:01 - 00227491 _____ () C:\WINDOWS\system32\rsslogs.20140814140058
2014-08-14 12:19 - 2014-08-14 12:19 - 00014509 _____ () C:\WINDOWS\system32\rsslogs.20140814121842
2014-08-14 12:14 - 2013-08-22 11:43 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-14 12:13 - 2014-07-11 23:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-14 12:13 - 2010-02-23 06:50 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\DMCache
2014-08-14 12:12 - 2013-08-18 09:58 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-14 12:12 - 2010-02-23 07:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 12:09 - 2012-12-15 07:32 - 96303304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-14 12:08 - 2013-03-01 19:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-14 11:53 - 2014-08-14 11:53 - 00026612 _____ () C:\WINDOWS\system32\rsslogs.20140814115241
2014-08-14 09:37 - 2014-08-14 09:37 - 00160885 _____ () C:\WINDOWS\system32\rsslogs.20140814093604
2014-08-14 09:32 - 2013-08-22 13:47 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-14 08:42 - 2014-08-14 08:42 - 00059251 _____ () C:\WINDOWS\system32\rsslogs.20140814084148
2014-08-14 08:42 - 2014-08-13 14:07 - 00639571 _____ () C:\WINDOWS\system32\rsslogs.20140813140653
2014-08-13 23:28 - 2010-12-25 10:17 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\uTorrent
2014-08-13 14:24 - 2014-07-09 08:56 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 14:24 - 2014-04-22 15:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 14:24 - 2014-04-22 15:40 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 14:24 - 2014-04-22 15:40 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 14:24 - 2014-04-22 15:40 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 14:24 - 2014-04-22 15:40 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 14:24 - 2014-04-22 15:39 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 14:24 - 2014-04-22 15:31 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 11:07 - 2014-08-13 11:07 - 00102725 _____ () C:\WINDOWS\system32\rsslogs.20140813110649
2014-08-13 11:07 - 2014-08-12 16:39 - 00636902 _____ () C:\WINDOWS\system32\rsslogs.20140812163807
2014-08-12 13:13 - 2014-08-12 13:13 - 00094275 _____ () C:\WINDOWS\system32\rsslogs.20140812131242
2014-08-12 13:12 - 2014-08-12 10:34 - 00190997 _____ () C:\WINDOWS\system32\rsslogs.20140812103357
2014-08-11 21:45 - 2012-07-26 16:48 - 00000000 ____D () C:\Program Files\GetData
2014-08-11 21:39 - 2014-08-11 21:39 - 00197141 _____ () C:\WINDOWS\system32\rsslogs.20140811213815
2014-08-11 21:38 - 2014-08-11 20:27 - 00085866 _____ () C:\WINDOWS\system32\rsslogs.20140811202625
2014-08-11 21:34 - 2014-07-09 12:25 - 00000000 ____D () C:\Program Files\Unlocker
2014-08-11 20:18 - 2014-05-18 19:59 - 00286040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-11 18:12 - 2013-10-19 09:26 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-11 15:43 - 2014-08-11 15:43 - 00339538 _____ () C:\WINDOWS\system32\rsslogs.20140811154236
2014-08-11 14:09 - 2014-08-11 14:09 - 00032645 _____ () C:\WINDOWS\system32\rsslogs.20140811140830
2014-08-11 14:05 - 2014-08-11 14:03 - 00000000 ____D () C:\AdwCleaner
2014-08-11 13:55 - 2012-11-08 20:24 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-11 13:20 - 2014-08-11 13:20 - 00056962 _____ () C:\WINDOWS\system32\rsslogs.20140811131924
2014-08-11 09:11 - 2014-08-11 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-11 09:11 - 2014-08-11 09:11 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-11 09:11 - 2013-10-17 22:30 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-11 09:10 - 2014-08-11 09:11 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-11 09:10 - 2014-08-11 09:11 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-11 09:10 - 2014-08-11 09:11 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-08-11 09:10 - 2014-08-11 09:11 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-11 09:10 - 2014-08-11 09:10 - 00000000 ____D () C:\Program Files\Java
2014-08-11 09:00 - 2014-08-11 09:00 - 00308108 _____ () C:\WINDOWS\system32\rsslogs.20140811085955
2014-08-10 15:34 - 2014-08-10 15:34 - 00529326 _____ () C:\WINDOWS\system32\rsslogs.20140810153342
2014-08-10 08:56 - 2014-08-10 08:56 - 00258662 _____ () C:\WINDOWS\system32\rsslogs.20140810085537
2014-08-09 19:19 - 2014-08-09 19:19 - 00268400 _____ () C:\WINDOWS\system32\rsslogs.20140809191848
2014-08-09 16:41 - 2014-08-09 16:41 - 00180068 _____ () C:\WINDOWS\system32\rsslogs.20140809164057
2014-08-09 14:40 - 2014-08-09 14:40 - 00134145 _____ () C:\WINDOWS\system32\rsslogs.20140809143924
2014-08-09 07:48 - 2014-08-09 07:48 - 00343171 _____ () C:\WINDOWS\system32\rsslogs.20140809074730
2014-08-08 19:00 - 2014-08-08 19:00 - 00332344 _____ () C:\WINDOWS\system32\rsslogs.20140808185957
2014-08-08 15:17 - 2014-08-08 15:17 - 00242896 _____ () C:\WINDOWS\system32\rsslogs.20140808151614
2014-08-08 09:44 - 2014-08-08 09:44 - 00202987 _____ () C:\WINDOWS\system32\rsslogs.20140808094422
2014-08-08 09:44 - 2014-08-07 15:16 - 00738552 _____ () C:\WINDOWS\system32\rsslogs.20140807151532
2014-08-07 12:24 - 2014-08-07 12:24 - 00010890 _____ () C:\WINDOWS\system32\rsslogs.20140807122357
2014-08-07 08:39 - 2014-08-07 08:39 - 00263403 _____ () C:\WINDOWS\system32\rsslogs.20140807083851
2014-08-07 05:06 - 2014-08-13 15:38 - 01090280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 04:12 - 2014-08-13 15:38 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-07 04:11 - 2014-08-14 12:00 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-06 17:37 - 2014-08-06 17:37 - 00408347 _____ () C:\WINDOWS\system32\rsslogs.20140806173647
2014-08-06 14:18 - 2014-08-06 14:18 - 00010889 _____ () C:\WINDOWS\system32\rsslogs.20140806141730
2014-08-06 14:05 - 2010-02-23 06:50 - 00000000 ____D () C:\Program Files\Internet Download Manager
2014-08-06 14:02 - 2010-02-23 06:50 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\IDM
2014-08-06 14:01 - 2014-08-06 14:01 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-08-06 14:01 - 2014-08-06 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2014-08-06 13:52 - 2014-08-06 13:52 - 00027820 _____ () C:\WINDOWS\system32\rsslogs.20140806135155
2014-08-06 12:53 - 2014-08-06 12:53 - 00068947 _____ () C:\WINDOWS\system32\rsslogs.20140806125224
2014-08-06 12:53 - 2013-12-26 10:14 - 00002292 _____ () C:\Users\Samrat\Desktop\Safe Money.lnk
2014-08-06 11:04 - 2014-08-06 11:04 - 00129384 _____ () C:\WINDOWS\system32\rsslogs.20140806110329
2014-08-06 07:54 - 2014-08-06 07:54 - 00042328 _____ () C:\WINDOWS\system32\rsslogs.20140806075337
2014-08-05 20:46 - 2014-08-05 20:46 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\JAM Software
2014-08-05 20:46 - 2014-08-05 20:46 - 00000000 ____D () C:\Program Files\JAM Software
2014-08-05 14:31 - 2014-08-05 14:31 - 00636864 _____ () C:\WINDOWS\system32\rsslogs.20140805143040
2014-08-05 08:33 - 2014-08-05 08:33 - 00286392 _____ () C:\WINDOWS\system32\rsslogs.20140805083205
2014-08-04 20:16 - 2014-08-04 20:16 - 00152289 _____ () C:\WINDOWS\system32\rsslogs.20140804201512
2014-08-04 14:41 - 2014-08-04 14:41 - 00305633 _____ () C:\WINDOWS\system32\rsslogs.20140804144037
2014-08-04 11:27 - 2012-12-13 08:18 - 00182609 _____ () C:\WINDOWS\hpoins44.dat
2014-08-04 11:27 - 2010-08-13 20:50 - 00017738 _____ () C:\ProgramData\hpzinstall.log
2014-08-04 11:26 - 2009-07-14 07:34 - 00000578 _____ () C:\WINDOWS\win.ini
2014-08-04 10:15 - 2014-08-04 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-04 08:59 - 2014-08-04 08:59 - 00256165 _____ () C:\WINDOWS\system32\rsslogs.20140804085832
2014-08-02 10:22 - 2014-08-14 12:00 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-02 10:10 - 2014-08-02 10:10 - 00007264 _____ () C:\WINDOWS\system32\rsslogs.20140802100925
2014-08-02 05:47 - 2014-07-12 07:56 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-02 05:47 - 2014-07-12 07:56 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-08-01 22:15 - 2014-08-01 22:15 - 00186307 _____ () C:\WINDOWS\system32\rsslogs.20140801221448
2014-08-01 14:41 - 2014-08-01 14:41 - 00478450 _____ () C:\WINDOWS\system32\rsslogs.20140801144002
2014-08-01 12:06 - 2014-08-01 12:06 - 00032616 _____ () C:\WINDOWS\system32\rsslogs.20140801120554
2014-07-31 17:36 - 2013-02-01 11:07 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-30 15:48 - 2014-07-30 15:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-29 20:49 - 2014-07-29 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-07-29 20:24 - 2014-07-01 16:44 - 00000000 ____D () C:\Program Files\Samsung
2014-07-27 14:35 - 2013-08-22 13:47 - 00000000 ____D () C:\WINDOWS\twain_32
2014-07-27 10:06 - 2014-07-27 09:49 - 00001982 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-07-27 09:49 - 2010-08-13 20:52 - 00000000 ____D () C:\Program Files\HP
2014-07-26 15:19 - 2011-09-21 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-26 15:18 - 2011-09-21 11:39 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-26 14:55 - 2014-05-29 15:15 - 00001071 _____ () C:\Users\Samrat\Desktop\Dropbox.lnk
2014-07-26 14:55 - 2014-05-29 15:14 - 00000000 ____D () C:\Users\Samrat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-25 19:21 - 2014-08-13 15:45 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 18:04 - 2014-08-13 15:45 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 18:00 - 2014-08-13 15:45 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 17:51 - 2014-08-13 15:45 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 17:38 - 2014-08-13 15:45 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 17:36 - 2014-08-13 15:45 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 17:22 - 2014-08-13 15:45 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 17:13 - 2014-08-13 15:45 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 17:04 - 2014-08-13 15:45 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 16:59 - 2014-08-13 15:45 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 16:43 - 2014-08-13 15:45 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 16:39 - 2014-08-13 15:45 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 16:39 - 2014-08-13 15:45 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 16:37 - 2014-08-13 15:45 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 16:33 - 2014-08-13 15:45 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 15:39 - 2014-08-13 15:45 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 15:35 - 2014-08-13 15:45 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 15:30 - 2014-08-13 15:45 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

Some content of TEMP:
====================
C:\Users\Samrat\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb1f0ru.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-15 14:15

==================== End Of Log ============================



#4 koolsam

Posted 15 August 2014 - 08:55 PM

Additional scan result of Farbar Recovery Scan Tool (x86) Version:15-08-2014
Ran by Samrat at 2014-08-16 08:16:48
Running from C:\Users\Samrat\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AllShare Framework DMS (HKLM\...\{1C2A409B-3D00-4EE7-B13C-3C70AB8704B0}) (Version: 1.3.23 - Samsung)
Apache Tomcat 7.0 Tomcat7 (remove only) (HKLM\...\Apache Tomcat 7.0 Tomcat7) (Version:  - )
ASUS nVidia Driver (Version: 1.00.0000 - ASUSTek) Hidden
Bing Bar (HKLM\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{0BED0B96-70B8-4893-884B-DC485DC8C1B7}) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
BufferChm (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Bulzer USB2.0 UVC PC Camera (HKLM\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.3019 - CyberLink Corp.)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{0B79C91F-978F-4C2E-9FE4-D4B567808858}) (Version:  - Microsoft)
DiskMax 4.71 (HKLM\...\DiskMax) (Version: 4.71 - KoshyJohn.com)
DJ_AIO_06_F2400_SW_Min (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
F2400 (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden
Google Drive (HKLM\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Talk Plugin (HKLM\...\{8E29C1CE-346A-3F59-AE22-8C5B7F230498}) (Version: 5.3.1.18536 - Google)
Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
GoToMeeting 5.7.0.1172 (HKCU\...\GoToMeeting) (Version: 5.7.0.1172 - CitrixOnline)
honestechTVR2.5 (HKLM\...\{ABADD11D-1B48-4F23-BEBA-6B22CE8F5E58}) (Version: 2.5 - honestech)
honestechTVR2.5 (Version: 2.5 - honestech) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{BCDD692B-172D-440A-9A1B-501C71D72CC8}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Kaspersky Internet Security (HKLM\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab) Hidden
K-Lite Codec Pack 9.3.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
MATLAB R2009b (HKLM\...\MatlabR2009b) (Version: 7.9 - The MathWorks, Inc.)
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{66B6D13A-9CC1-417D-B6F2-58AA539D1033}) (Version: 7.03.1303 - Nero AG)
Nero BurnLite 10 (HKLM\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Control Center 10 (Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (Version: 1.0.10700 - Nero AG) Hidden
Nero Core Components 10 (Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero Update (Version: 11.0.13600.45.0 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
NVIDIA 3D Vision Controller Driver (Version: 267.67 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.58 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.6.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Components (Version: 8.3.23 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation)
Octoshape Streaming Services (HKCU\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PSIM 9.0.3 (HKLM\...\{98D13EC5-0C60-48eb-A7FA-1B0008EC4C2D}) (Version: 9.0.3 - Powersim)
QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
RealDownloader (Version: 17.0.10 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Resolver version 2.2 (HKLM\...\{2B061A62-3AA7-4383-8696-993635E168C7}_is1) (Version: 2.2 - Beam Telecom)
Samsung Link 2.0.0.1407291559 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1407291559 - Copyright 2013 SAMSUNG)
Scan (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2817430) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.05.42 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Status (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Stereoscopic Player (HKLM\...\{0B67DFA8-E3F5-4E1A-893E-526F9F4EFBAE}) (Version: 2.1.4 - 3dtv.at)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
Toolbox (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total Video Converter 3.71 100812 (HKLM\...\Total Video Converter 3.71_is1) (Version:  - EffectMatrix Inc.)
TreeSize Free V3.0.1 (HKLM\...\TreeSize Free_is1) (Version: 3.0.1 - JAM Software)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{A4EACEBA-1944-45DB-B547-8967AA7926B9}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{7DF13AFE-A484-4178-A82D-EF0689A24775}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{8C07AD38-38EB-4332-BCB3-F55A77C927DF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{07017577-FBD6-45E2-A796-659E8F428057}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{07017577-FBD6-45E2-A796-659E8F428057}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7A3EF4FF-A9C8-4F7E-8020-A45F7D319387}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B8E73381-09B1-4895-ACD0-34385B0F526D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1C6260FD-A280-49FE-89D0-CCEC647FBD8E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{DA288EB3-648C-433C-88AC-71AEAAFAACF7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{51865C36-97D4-4210-A33E-50BCC8CDDF72}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUSR_{C20FB0E0-31F6-4958-B94D-AEF3CC31FD87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{EE35EB6C-7768-433F-B9A0-73C97699A08C}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 32-Bit Edition (HKLM\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{FC6618D2-F75D-4FDD-B396-E4B0C0D757B6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{FC6618D2-F75D-4FDD-B396-E4B0C0D757B6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01923A0F-BA34-4A75-8D43-97F536E44D95}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01923A0F-BA34-4A75-8D43-97F536E44D95}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM\...\{90150000-0019-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version:  - Microsoft)
UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden
ViewSonic Monitor Drivers (HKLM\...\{B4FEA924-630D-11D4-B78E-005004566E4D}) (Version:  - )
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VisiPics V1.31 (HKLM\...\VisiPics_is1) (Version:  - Ozone)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)
Windows 8.1 Product Key Finder Ultimate v13.10.1 (HKLM\...\Windows 8.1 Product Key Finder Ultimate v13.10.1_is1) (Version: v13.09.8 - )
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E2}) (Version: 18.5.11111 - WinZip Computing, S.L. )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Samrat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1172\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{7D4733C0-C43B-4A81-AF43-F9B20D1F8348}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-apoctoshap (the data entry has 13 more characters).
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1172\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Samrat\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3559879560-2752497012-24936758-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 07:34 - 2012-11-28 09:57 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job => C:\Users\Samrat\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001Core.job => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3559879560-2752497012-24936758-1001UA.job => C:\Users\Samrat\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Samrat\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Samrat\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TVR Scheduler.lnk => C:\Windows\pss\TVR Scheduler.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: LGODDFU => "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 



#5 nasdaq


Posted 16 August 2014 - 06:00 AM

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

In Windows 7 and 8.
Press the [Windows Icon + R] and enter "notepad" in the box to open Notepad
 
start

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: IDM Shell Extension -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5 [2014-08-06]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2014-07-23]
S2 HPSLPSVC; C:\Users\Samrat\AppData\Local\Temp\7zS6CAC\hpslpsvc32.dll [X]
S3 MWAC; \??\C:\WINDOWS\system32\drivers\ [0 ] () [File not signed]

end

Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

--RogueKiller--
  • Download & SAVE to your Desktop For 32bit system or For 64bit system
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

Please let me know if the problem persists.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#6 koolsam


Posted 16 August 2014 - 07:30 AM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:16-08-2014 02
Ran by Samrat at 2014-08-16 18:58:40 Run:1
Running from C:\Users\Samrat\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: IDM Shell Extension -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5 [2014-08-06]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2014-07-23]
S2 HPSLPSVC; C:\Users\Samrat\AppData\Local\Temp\7zS6CAC\hpslpsvc32.dll [X]
S3 MWAC; \??\C:\WINDOWS\system32\drivers\ [0 ] () [File not signed]

end
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\IDM Shell Extension" => Key deleted successfully.
"HKCR\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}" => Key deleted successfully.
"HKCR\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}" => Key deleted successfully.
"HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Users\Samrat\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll not found.
HKCU\Software\Mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com => value deleted successfully.
C:\Users\Samrat\AppData\Roaming\IDM\idmmzcc5 => Moved successfully.
HKCU\Software\Mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com => value deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn" => Key deleted successfully.
C:\Program Files\Internet Download Manager\IDMGCExt.crx => Moved successfully.
HPSLPSVC => Service deleted successfully.
MWAC => Service deleted successfully.

==== End of Fixlog ====



#7 nasdaq


Posted 16 August 2014 - 11:41 AM

Can you now post the log from the RogueKiller tool.

How is the computer running now?
nasdaq


#8 koolsam


Posted 16 August 2014 - 09:43 PM

Will attach the log of the RogueKiller tool... and the problem still persists.


Edited by koolsam, 17 August 2014 - 12:10 AM.


#9 koolsam


Posted 17 August 2014 - 12:08 AM

RogueKiller V9.2.8.0 [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 32 bits version
Started in : Normal mode
User : Samrat [Admin rights]
Mode : Remove Aborted -- Date : 08/17/2014  11:35:55

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 11 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\gdrv -> NOT SELECTED
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gdrv -> NOT SELECTED
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 123.176.37.38 123.176.37.37  -> NOT SELECTED
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 123.176.37.38 123.176.37.37  -> NOT SELECTED
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EBD637A9-9C05-4ADD-A4F0-FC6D4B516199} | DhcpNameServer : 123.176.37.38 123.176.37.37  -> NOT SELECTED
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{EBD637A9-9C05-4ADD-A4F0-FC6D4B516199} | DhcpNameServer : 123.176.37.38 123.176.37.37  -> NOT SELECTED
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : -> NOT SELECTED
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : -> NOT SELECTED
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : -> NOT SELECTED
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3559879560-2752497012-24936758-1001\Software\Microsoft\Internet Explorer\Main | Search Page : -> NOT SELECTED
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : -> NOT SELECTED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1       localhost

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST3160215AS ATA Device +++++
--- User ---
[MBR] d88496d97ec111da6be6125a9bac031b
[BSP] f46963a893c004ba2563f21d3d2947b6 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 40435 MB
1 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 82815073 | Size: 112180 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_08162014_193457.log - RKreport_SCN_08162014_204802.log - RKreport_SCN_08172014_091439.log - RKreport_SCN_08172014_102523.log
RKreport_SCN_08172014_103839.log - RKreport_SCN_08172014_104222.log - RKreport_SCN_08172014_104225.log - RKreport_SCN_08172014_113446.log



#10 nasdaq


Posted 17 August 2014 - 06:33 AM


A good number of these files are being created every day.

C:\WINDOWS\system32\rsslogs.20140806173647

Are they being deleted when no longer required?
===

Nothing suspicious was found on your log.

Please scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the ESET Smart Installer icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Keep me posted.
nasdaq


#11 koolsam


Posted 18 August 2014 - 06:56 AM

The scan reads No threats found and scan status finished. I cannot find List Threats and Export, and the system free space is now full and no free space is available.


Edited by koolsam, 18 August 2014 - 11:05 AM.


#12 nasdaq


Posted 18 August 2014 - 12:29 PM


A good number of these files are being created every day.

C:\WINDOWS\system32\rsslogs.20140806173647


Did you remove the files rsslog.*?

If they are in the Recycle bin can you empty the bin.

To delete files without them going to the Recycle bin, place the cursor on the file; when it is highlighted, press the SHIFT key and, while holding it, press the DEL key.

You will be prompted to accept the deletion. The file cannot be restored.

p.s.
You can highlight more than one file at a time.

Do not install anything else for the moment.

Do you now have some free space on the Drive?
nasdaq


#13 koolsam


Posted 18 August 2014 - 09:09 PM

Deleting rsslogs freed 12.8MB of space only... The problem still continues...

 

Recently I have uninstalled some software, but some folders exist in my Program Files with DLL files in them. How can I remove them completely?



#14 nasdaq


Posted 19 August 2014 - 05:51 AM

Recently I have uninstalled some software, but some folders exist in my Program Files with DLL files in them. How can I remove them completely?


You can delete the folders the same way you have deleted the other files.

If the files/folders are being used by an application you may not be able to delete them in normal mode.

Try in Safe Mode.
How to boot to Safe Mode, Windows 8
http://www.bleepingc...y-in-windows-8/

===

If not already done do a disk cleanup.
http://helpdeskgeek....p-in-windows-8/

===

You can Google this string: "windows 8 hard drive keeps filling up"
See what you can do.
===

Or start a new topic in this Windows 8 Forum
http://www.bleepingc.../209/windows-8/

Someone may have a solution for you.
nasdaq


#15 koolsam


Posted 19 August 2014 - 11:56 PM

Thanks. How can I remove the files created during the scans?



#16 nasdaq


Posted 20 August 2014 - 07:20 AM

Run the AdwCleaner and uninstall the application.

As for the others, just delete the .exe files and any files created by the tools.
nasdaq


#17 nasdaq


Posted 03 September 2014 - 05:39 AM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq
