Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015 Ran by Rooha (administrator) on SPARKLING_STARS on 08-07-2015 16:17:47 Running from C:\Users\Rooha\Downloads\Programs Loaded Profiles: Rooha (Available Profiles: Rooha) Platform: Windows 8.1 Single Language (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (XTab system) C:\Program Files (x86)\XTab\ProtectService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (Microsoft Corporation) C:\Users\Rooha\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (AMD) C:\Windows\System32\atieclxx.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files (x86)\Godzilla Shopper\godzilla_shopper_helper_service.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (WordWeb Software) C:\Program Files (x86)\WordWeb\wweb32.exe (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.Helper.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Research In Motion) C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.AutoUpdate.exe (BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\livecomm.exe (Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe (Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (installdaddy) C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-nova.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2014-03-26] (Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.) 
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-08] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation) HKLM-x32\...\Run: [Elite Unzip AppIntegrator 32-bit] => C:\PROGRA~2\ELITEU~2\bar\1.bin\AppIntegrator.exe HKLM-x32\...\Run: [Elite Unzip AppIntegrator 64-bit] => C:\PROGRA~2\ELITEU~2\bar\1.bin\AppIntegrator64.exe HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) 
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-03-18] (BlackBerry Limited) HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4494848 2014-06-23] (Research In Motion Limited) HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1 HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [WordWeb] => C:\Program Files (x86)\WordWeb\wweb32.exe [65216 2009-11-09] (WordWeb Software) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1088424 2012-10-13] (Nokia) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [KiesHelper] => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [928656 2011-04-14] (Samsung) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3373968 2011-04-14] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [19872 2011-04-14] () HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [SkyDrive] => C:\Users\Rooha\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-05-15] (Microsoft Corporation) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [Facebook Update] => C:\Users\Rooha\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-10-05] (Facebook Inc.) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.) 
HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3825232 2014-03-16] (Tonec Inc.) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Run: [BlackBerryLink.exe] => C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe [1462520 2014-06-24] (Research In Motion) HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\MountPoints2: {039a2d56-ef5c-11e4-beda-1c3e8499d3e4} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL H:\start.exe HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\MountPoints2: {492c5620-1057-11e5-bee0-1c3e8499d3e4} - "H:\setup.exe" HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\MountPoints2: {50b5ce18-ff85-11e4-bedf-1c3e8499d3e4} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL H:\setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-03-19] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Rooha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\e.lnk [2015-06-05] ShortcutTarget: e.lnk -> C:\Users\Rooha\AppData\Roaming\obibafktai.exe () Startup: C:\Users\Rooha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2013-11-17] ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2012-11-16] (Tonec Inc.) 
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1419659618&from=wpc&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1419659618&from=wpc&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1431741891&z=04754fe8fa6e8c958bf6a61gcz7c3g5mdzegcb7b4t&from=ient05150&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1419659618&from=wpc&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1419659618&from=wpc&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1431741891&z=04754fe8fa6e8c958bf6a61gcz7c3g5mdzegcb7b4t&from=ient05150&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1419659618&from=wpc&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1419659618&from=wpc&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\Software\Microsoft\Internet 
Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1431741891&z=04754fe8fa6e8c958bf6a61gcz7c3g5mdzegcb7b4t&from=ient05150&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-search.com/?babsrc=HP_ss&mntrId=FC7E1C3E8499D3E5&affID=123621&tsp=5029 HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.jp.msn.com/HPALL13/26 HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1431741891&z=04754fe8fa6e8c958bf6a61gcz7c3g5mdzegcb7b4t&from=ient05150&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1419659618&from=wpc&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type=ds&ts=1419659618&from=wpc&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1431741891&z=04754fe8fa6e8c958bf6a61gcz7c3g5mdzegcb7b4t&from=ient05150&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1431741891&z=04754fe8fa6e8c958bf6a61gcz7c3g5mdzegcb7b4t&from=ient05150&uid=HGSTXHTS545050A7E380_TM8514ZN3RSTLP3RSTLPX&q={searchTerms} SearchScopes: HKLM-x32 -> 
{D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/4686-154348-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\S-1-5-21-1071033344-2270758295-2084488698-1002 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1071033344-2270758295-2084488698-1002 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKU\S-1-5-21-1071033344-2270758295-2084488698-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1071033344-2270758295-2084488698-1002 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1071033344-2270758295-2084488698-1002 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1071033344-2270758295-2084488698-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1071033344-2270758295-2084488698-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1071033344-2270758295-2084488698-1002 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms} BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2013-11-29] (Internet Download Manager, Tonec Inc.) BHO: Torntv V9.0 -> {11111111-1111-1111-1111-110511131190} -> C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll No File BHO: sauve nEt -> {3EC13336-07E6-23FB-1D9F-F1368407973B} -> C:\Program Files (x86)\sauve nEt\pxigY7.x64.dll No File BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2013-11-29] (Internet Download Manager, Tonec Inc.) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.) 
BHO-x32: Torntv V9.0 -> {11111111-1111-1111-1111-110511131190} -> C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll No File BHO-x32: sauve nEt -> {3EC13336-07E6-23FB-1D9F-F1368407973B} -> C:\Program Files (x86)\sauve nEt\pxigY7.dll No File BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-05-15] (Thinknice Co. Limited) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Rich Media Downloader -> {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} -> C:\Users\Rooha\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll No File BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16] (Skype Technologies S.A.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{55F16B10-3269-458D-BBE7-52C6E9B490DA}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-27] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-27] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-10-13] ( ) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-06-24] () FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-05-19] (globalUpdate) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-05-19] (globalUpdate) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-06-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-06-29] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=1.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2010-07-30] (the VideoLAN Team) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2014-11-28] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1071033344-2270758295-2084488698-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Rooha\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] () FF HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\WordWeb\WCaptureMoz FF Extension: WCaptureX - C:\Program Files (x86)\WordWeb\WCaptureMoz [2013-07-21] FF HKU\S-1-5-21-1071033344-2270758295-2084488698-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Rooha\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\Rooha\AppData\Roaming\IDM\idmmzcc5 [2014-03-16] Chrome: ======= CHR Profile: C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Default CHR Profile: C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Drive) - C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-29] CHR Extension: (YouTube) - C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-29] CHR Extension: (Google Search) - C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-29] CHR Extension: (IDM Integration Module) - C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2014-12-29] CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2015-06-29] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-29] CHR Extension: (Google Wallet) - C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-29] CHR Extension: (Gmail) - C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-29] CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\Web Cake\WebCakeLayers.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Rooha\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-01-17] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16] CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\WordWeb\wcxChrome.crx [2013-07-21] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) 
[File not signed] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-03-18] (BlackBerry Limited) [File not signed] R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-28] (WildTangent) S4 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-19] (globalUpdate) [File not signed] <==== ATTENTION S4 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-19] (globalUpdate) [File not signed] <==== ATTENTION S4 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-13] (Hewlett-Packard) S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed] R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [157824 2015-05-15] (XTab system) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-06-23] (Apple Inc.) 
[File not signed] R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1325568 2014-06-23] (Research In Motion Limited) [File not signed] R2 VSSS; C:\Users\Rooha\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [106348544 2015-06-23] (Microsoft Corporation) [File not signed] <==== ATTENTION S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2015-01-02] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices) S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [24576 2014-04-15] (BlackBerry) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) U4 BthAvrcpTg; No ImagePath S4 BthHFEnum; No ImagePath U4 bthhfhid; No ImagePath S4 BthHFSrv; No ImagePath R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-01-01] (DT Soft Ltd) S3 
RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R4 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-08 16:17 - 2015-07-08 16:17 - 00000000 ____D C:\FRST
2015-07-08 10:55 - 2015-07-08 10:55 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-07-07 19:12 - 2015-07-08 10:50 - 00000000 ____D C:\VIPRERESCUE
2015-07-07 17:59 - 2015-07-08 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2015-07-07 17:59 - 2015-07-08 08:49 - 00000000 ____D C:\Program Files (x86)\TweakBit
2015-07-07 17:59 - 2015-07-07 18:21 - 00000000 ____D C:\ProgramData\TweakBit
2015-07-07 17:36 - 2015-07-07 17:36 - 00000000 ____D C:\Users\Rooha\AppData\Roaming\AVAST Software
2015-07-07 16:30 - 2015-07-07 16:30 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-07 12:56 - 2015-07-07 12:56 - 00000000 ____D C:\Program Files (x86)\sauve nEt
2015-07-04 20:30 - 2015-07-04 20:30 - 00019369 _____ C:\Users\Rooha\Downloads\Naruto Shippuden 418 [EnG SuB] 480p L@mBerT ---[www.bts.to]--- .torrent
2015-06-29 22:32 - 2015-07-08 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-29 22:20 - 2015-07-08 12:40 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-29 22:20 - 2015-06-29 22:25 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-29 22:20 - 2015-06-29 22:20 - 00003900 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-29 22:20 - 2015-06-29 22:20 - 00003664 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-29 22:19 - 2015-06-29 22:20 - 00000000 ____D C:\Users\Rooha\AppData\Local\Deployment
2015-06-26 16:55 - 2015-06-26 16:55 - 00000000 ____D C:\Users\Rooha\AppData\Local\GWX
2015-06-26 15:07 - 2015-03-11 07:19 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-26 15:07 - 2015-03-11 06:39 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-26 15:00 - 2015-05-22 18:38 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-26 15:00 - 2015-05-21 18:38 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-26 15:00 - 2015-05-21 18:38 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-26 15:00 - 2015-05-21 18:38 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-26 15:00 - 2015-05-21 18:38 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-26 15:00 - 2015-05-21 18:38 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-26 15:00 - 2015-05-21 18:38 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-26 15:00 - 2015-04-17 03:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-25 18:59 - 2015-06-25 18:59 - 00280888 _____ C:\WINDOWS\Minidump\062515-26359-01.dmp
2015-06-25 18:59 - 2015-06-25 18:59 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-25 12:23 - 2015-04-10 06:10 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-25 12:23 - 2015-04-10 05:47 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-25 12:18 - 2015-04-01 09:48 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-25 12:18 - 2015-04-01 09:16 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-25 12:18 - 2015-04-01 08:47 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-25 12:18 - 2015-04-01 08:15 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-25 12:18 - 2015-04-01 07:44 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-25 12:17 - 2015-04-09 04:11 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-25 12:17 - 2015-04-02 03:52 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-25 12:17 - 2015-04-02 03:50 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-25 12:17 - 2015-04-01 09:51 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-25 12:17 - 2015-04-01 09:47 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-25 12:17 - 2015-04-01 09:38 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-25 12:17 - 2015-04-01 09:15 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-25 12:17 - 2015-04-01 08:47 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-25 12:17 - 2015-04-01 08:23 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-25 12:17 - 2015-04-01 08:23 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-25 12:17 - 2015-04-01 08:15 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-25 12:17 - 2015-04-01 08:01 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-25 12:17 - 2015-04-01 07:42 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-25 12:17 - 2015-03-20 07:26 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-25 12:17 - 2015-03-13 07:32 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-06-25 12:17 - 2015-03-06 08:17 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-25 12:17 - 2015-03-02 07:13 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-25 12:17 - 2015-03-02 06:51 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-25 12:17 - 2015-01-30 06:23 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-25 12:11 - 2015-02-18 04:49 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-25 12:10 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-25 12:10 - 2015-05-25 18:37 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-25 12:10 - 2015-04-03 06:05 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-25 12:10 - 2015-04-03 05:44 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-25 12:10 - 2015-03-06 08:38 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-25 12:10 - 2015-03-06 08:13 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-06-25 12:05 - 2015-04-10 06:04 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-25 12:05 - 2015-04-10 05:41 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-25 12:05 - 2015-04-09 03:37 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-25 12:05 - 2015-03-20 09:19 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-25 12:05 - 2015-03-20 08:38 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-25 12:05 - 2015-03-20 08:07 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-25 12:05 - 2015-03-20 07:37 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-25 12:05 - 2015-03-17 22:56 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-25 12:05 - 2015-03-09 07:32 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-06-25 12:04 - 2015-04-16 11:47 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-25 12:04 - 2015-04-14 04:07 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-25 12:04 - 2015-04-14 04:04 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-25 12:04 - 2015-04-02 04:12 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-25 12:04 - 2015-04-02 04:00 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-25 12:04 - 2015-03-13 09:33 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-25 12:04 - 2015-03-13 09:33 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-25 12:04 - 2015-03-13 06:41 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-25 12:04 - 2015-03-13 06:09 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-06-25 12:04 - 2015-03-04 07:02 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-25 12:04 - 2015-03-04 06:42 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-22 11:05 - 2015-06-26 11:04 - 00003178 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForRooha
2015-06-22 11:05 - 2015-06-26 11:04 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRooha.job
2015-06-11 16:22 - 2015-05-27 20:05 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-11 16:22 - 2015-05-27 19:38 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-11 16:21 - 2015-05-23 00:22 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-11 16:20 - 2015-05-22 23:20 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-11 16:19 - 2015-05-23 07:58 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-11 16:19 - 2015-05-23 07:50 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-11 16:17 - 2015-05-23 08:45 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-11 16:17 - 2015-05-23 08:44 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-11 16:17 - 2015-05-23 08:40 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-11 16:17 - 2015-05-23 08:35 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-11 16:17 - 2015-05-23 08:34 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-11 16:17 - 2015-05-23 08:18 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-11 16:17 - 2015-05-23 08:17 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-11 16:17 - 2015-05-23 08:17 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-11 16:17 - 2015-05-23 08:08 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-11 16:17 - 2015-05-23 08:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-11 16:17 - 2015-05-23 08:07 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-11 16:17 - 2015-05-23 07:58 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-11 16:17 - 2015-05-23 07:46 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-11 16:17 - 2015-05-23 07:44 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-11 16:17 - 2015-05-23 00:30 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-11 16:17 - 2015-05-23 00:30 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-11 16:17 - 2015-05-23 00:30 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-11 16:17 - 2015-05-23 00:18 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-11 16:17 - 2015-05-23 00:17 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-11 16:17 - 2015-05-23 00:17 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-11 16:17 - 2015-05-22 23:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-11 16:17 - 2015-05-22 23:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-11 16:17 - 2015-05-22 23:51 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-11 16:17 - 2015-05-22 23:39 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-11 16:17 - 2015-05-22 23:38 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-11 16:17 - 2015-05-22 23:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-11 16:17 - 2015-05-22 23:35 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-11 16:17 - 2015-05-22 23:27 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-11 16:17 - 2015-05-22 23:19 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-11 16:17 - 2015-05-22 23:08 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-11 16:17 - 2015-05-22 22:56 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-11 16:16 - 2015-05-23 08:17 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-11 16:16 - 2015-05-23 08:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-11 16:16 - 2015-05-22 23:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 18:42 - 2015-06-10 18:42 - 00000000 ____D C:\Users\Rooha\Documents\BLACKBERRY-5607
2015-06-10 18:37 - 2015-05-21 22:17 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 18:37 - 2015-04-25 08:04 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 18:37 - 2015-04-25 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-08 16:17 - 2014-05-19 22:17 - 00001384 _____ C:\WINDOWS\Tasks\a7982934-0630-49b5-bdb1-d23d83f53ffd-6.job
2015-07-08 16:17 - 2014-05-19 22:17 - 00001322 _____ C:\WINDOWS\Tasks\a7982934-0630-49b5-bdb1-d23d83f53ffd-7.job
2015-07-08 16:12 - 2012-09-26 09:53 - 00000950 _____ C:\WINDOWS\SysWOW64\bscs.ini
2015-07-08 16:11 - 2013-07-21 21:38 - 00000000 ____D C:\Users\Rooha\OneDrive
2015-07-08 16:10 - 2015-01-01 18:10 - 01657118 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-08 16:08 - 2015-01-01 18:41 - 00003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2015-07-08 16:08 - 2015-01-01 18:41 - 00000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2015-07-08 16:08 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-08 12:45 - 2013-07-21 12:44 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1071033344-2270758295-2084488698-1002
2015-07-08 12:44 - 2013-07-21 14:56 - 00000000 ____D C:\Users\Rooha\AppData\Roaming\vlc
2015-07-08 12:40 - 2015-05-30 22:26 - 00000570 _____ C:\WINDOWS\Tasks\godzilla_shopper_helper_service.job
2015-07-08 12:40 - 2015-04-18 18:26 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-08 12:40 - 2015-04-11 10:26 - 00001328 _____ C:\WINDOWS\Tasks\kin_kon_notification_service.job
2015-07-08 12:40 - 2015-04-11 10:26 - 00000690 _____ C:\WINDOWS\Tasks\kin_kon_updating_service.job
2015-07-08 12:40 - 2014-05-19 22:18 - 00001472 _____ C:\WINDOWS\Tasks\a7982934-0630-49b5-bdb1-d23d83f53ffd-5.job
2015-07-08 12:40 - 2014-05-19 22:17 - 00002278 _____ C:\WINDOWS\Tasks\a7982934-0630-49b5-bdb1-d23d83f53ffd-4.job
2015-07-08 12:40 - 2014-05-19 22:17 - 00001374 _____ C:\WINDOWS\Tasks\a7982934-0630-49b5-bdb1-d23d83f53ffd-1.job
2015-07-08 12:40 - 2014-05-19 22:17 - 00001348 _____ C:\WINDOWS\Tasks\a7982934-0630-49b5-bdb1-d23d83f53ffd-2.job
2015-07-08 12:40 - 2014-05-19 22:16 - 00000972 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-07-08 12:40 - 2014-04-28 23:22 - 00001456 _____ C:\WINDOWS\Tasks\00e1002c-7029-4aa8-96af-5a4f99b861b7-5.job
2015-07-08 12:40 - 2014-04-28 23:22 - 00001376 _____ C:\WINDOWS\Tasks\00e1002c-7029-4aa8-96af-5a4f99b861b7-1.job
2015-07-08 12:40 - 2014-04-28 23:22 - 00001348 _____ C:\WINDOWS\Tasks\00e1002c-7029-4aa8-96af-5a4f99b861b7-2.job
2015-07-08 12:40 - 2014-04-28 23:21 - 00002806 _____ C:\WINDOWS\Tasks\00e1002c-7029-4aa8-96af-5a4f99b861b7-3.job
2015-07-08 12:40 - 2014-04-28 23:21 - 00002274 _____ C:\WINDOWS\Tasks\00e1002c-7029-4aa8-96af-5a4f99b861b7-4.job
2015-07-08 12:04 - 2013-07-21 13:01 - 00000000 ____D C:\Users\Rooha\AppData\Roaming\DMCache
2015-07-08 11:59 - 2015-05-16 07:35 - 00000000 ____D C:\Program Files (x86)\XTab
2015-07-08 11:59 - 2015-01-01 18:23 - 00000000 ____D C:\Users\Rooha
2015-07-08 11:58 - 2013-08-22 20:16 - 00323695 _____ C:\WINDOWS\setupact.log
2015-07-08 11:58 - 2013-08-22 20:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-08 11:58 - 2013-08-22 20:14 - 00495128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-07-08 10:56 - 2013-08-22 18:55 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-07-08 10:55 - 2014-12-22 23:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-07-08 10:55 - 2014-09-24 15:28 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-07-08 10:55 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-08 10:55 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-07-08 10:51 - 2015-04-04 20:37 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-08 10:51 - 2014-02-22 13:00 - 00000000 ____D C:\Users\Rooha\AppData\Roaming\uTorrent
2015-07-08 10:51 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\rescache
2015-07-08 10:51 - 2013-08-22 19:06 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-07-08 10:50 - 2015-05-30 22:26 - 00000000 ____D C:\Program Files (x86)\Godzilla Shopper
2015-07-08 10:50 - 2015-04-11 10:26 - 00000000 ____D C:\Program Files (x86)\kin kon
2015-07-08 10:50 - 2015-03-21 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-08 10:50 - 2015-03-21 17:54 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-08 10:50 - 2015-03-19 17:54 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-08 10:50 - 2014-12-27 11:19 - 00000000 ____D C:\Program Files (x86)\DeltaFix
2015-07-08 10:50 - 2014-12-27 11:15 - 00000000 ____D C:\Program Files (x86)\Google Quick Scroll
2015-07-08 10:50 - 2014-12-27 11:13 - 00000000 ____D C:\ProgramData\nknlmlajddmfpkhpijbcpdgmlgimhoik
2015-07-08 10:50 - 2014-12-23 16:11 - 00000000 ____D C:\ProgramData\ajfplcaclbebhbehdgdjnalgdmglafln
2015-07-08 10:50 - 2014-12-04 23:34 - 00000000 ____D C:\Users\Rooha\AppData\Local\bluesoleil
2015-07-08 10:50 - 2014-05-19 22:16 - 00000000 ____D C:\Program Files (x86)\Torntv V9.0
2015-07-08 10:50 - 2014-04-22 21:38 - 00000000 ____D C:\ProgramData\sauve nEt
2015-07-08 10:50 - 2014-04-22 21:37 - 00000000 ____D C:\ProgramData\fa7b41d15429ec4b
2015-07-08 10:50 - 2013-10-08 17:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-08 10:50 - 2013-07-21 13:14 - 00000000 ____D C:\Program Files (x86)\WinRAR
2015-07-08 10:37 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\registration
2015-07-08 10:34 - 2014-12-27 11:24 - 00000000 ____D C:\ProgramData\IePluginServices
2015-07-08 08:44 - 2013-10-10 18:31 - 00510976 ___SH C:\Users\Rooha\Desktop\Thumbs.db
2015-07-07 12:57 - 2014-09-24 12:38 - 00021700 _____ C:\WINDOWS\PFRO.log
2015-07-06 09:55 - 2013-08-26 18:59 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-07-05 20:27 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-29 22:38 - 2015-01-04 18:00 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-29 22:37 - 2013-07-21 13:04 - 00000000 ____D C:\Users\Rooha\AppData\Local\Google
2015-06-29 22:32 - 2013-07-21 13:04 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-29 22:25 - 2014-05-19 22:16 - 00000976 _____ C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-06-29 22:16 - 2014-11-20 12:01 - 00000000 ____D C:\Users\Rooha\Documents\My Games
2015-06-29 22:16 - 2014-11-20 11:45 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-06-29 21:50 - 2013-10-05 21:45 - 00000960 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1071033344-2270758295-2084488698-1002UA.job
2015-06-29 21:50 - 2013-10-05 21:45 - 00000938 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1071033344-2270758295-2084488698-1002Core.job
2015-06-29 21:41 - 2015-01-01 21:07 - 00003954 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7DA67A9C-25BC-4DAF-AEBC-3F94EAD821DD}
2015-06-27 15:54 - 2013-07-21 12:48 - 00000000 ____D C:\Users\Rooha\AppData\Local\Adobe
2015-06-27 15:49 - 2015-05-17 13:26 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-27 15:45 - 2015-01-04 18:00 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-26 15:55 - 2012-07-26 13:29 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-26 15:53 - 2015-04-04 20:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-25 18:59 - 2013-09-15 11:34 - 462096501 _____ C:\WINDOWS\MEMORY.DMP
2015-06-21 12:51 - 2014-09-24 12:50 - 00960544 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-21 09:10 - 2015-03-29 12:57 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-06-21 09:10 - 2015-03-29 12:57 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-06-21 09:10 - 2015-03-29 12:48 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-06-21 09:10 - 2015-03-29 12:47 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-06-21 09:10 - 2013-08-22 16:52 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-06-21 09:10 - 2013-08-22 16:52 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-06-21 09:10 - 2013-08-22 16:47 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-06-21 09:10 - 2013-08-22 16:47 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-06-21 09:10 - 2013-08-22 16:47 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-06-21 09:10 - 2013-08-22 09:26 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-06-21 09:10 - 2013-08-22 09:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-06-21 09:10 - 2013-08-22 09:21 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-06-21 09:10 - 2013-08-22 09:21 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-06-21 09:10 - 2013-08-22 09:21 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-06-20 21:45 - 2014-01-03 14:33 - 00000000 ____D C:\Users\Rooha\Documents\Electronic Arts
2015-06-20 21:41 - 2015-05-30 20:52 - 00001203 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2015-06-20 21:41 - 2015-05-30 20:43 - 00000000 ____D C:\Program Files (x86)\The Sims 4
2015-06-20 21:41 - 2015-05-30 20:31 - 00001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4.lnk
2015-06-20 08:32 - 2015-01-03 17:42 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 08:32 - 2015-01-03 17:42 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-16 00:32 - 2015-01-01 21:07 - 00000000 __SHD C:\Users\Rooha\AppData\Local\EmieUserList
2015-06-16 00:32 - 2015-01-01 21:07 - 00000000 __SHD C:\Users\Rooha\AppData\Local\EmieSiteList
2015-06-16 00:32 - 2015-01-01 21:07 - 00000000 __SHD C:\Users\Rooha\AppData\Local\EmieBrowserModeList
2015-06-11 21:59 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-11 21:58 - 2013-07-21 14:31 - 00000000 ____D C:\ProgramData\Microsoft Help

==================== Files in the root of some directories =======

2013-10-05 21:44 - 2013-10-05 21:44 - 0501248 _____ (Facebook Inc.) C:\Program Files (x86)\FacebookVideoCallSetup_v1.2.205.0.exe
2013-12-09 12:20 - 2013-12-18 12:41 - 0000174 _____ () C:\Users\Rooha\AppData\Roaming\default.rss
2015-06-05 01:44 - 2015-06-05 01:44 - 68300800 __RSH () C:\Users\Rooha\AppData\Roaming\obibafktai.exe
2013-07-21 14:44 - 2013-11-05 23:06 - 0009216 _____ () C:\Users\Rooha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-22 00:18 - 2013-07-22 00:18 - 0000525 _____ () C:\ProgramData\CyberlinkOutput.txt
2013-07-22 01:14 - 2013-07-22 01:14 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
C:\Users\Rooha\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\Rooha\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\Rooha\AppData\Local\Temp\cdo1004585366.dll
C:\Users\Rooha\AppData\Local\Temp\cdo1443936661.dll
C:\Users\Rooha\AppData\Local\Temp\cdo2071162365.dll
C:\Users\Rooha\AppData\Local\Temp\cdo2281370893.dll
C:\Users\Rooha\AppData\Local\Temp\cdo3231177448.dll
C:\Users\Rooha\AppData\Local\Temp\cdo3758318046.dll
C:\Users\Rooha\AppData\Local\Temp\cdo4247270696.dll
C:\Users\Rooha\AppData\Local\Temp\DesktopInstaller.exe
C:\Users\Rooha\AppData\Local\Temp\Extract.exe
C:\Users\Rooha\AppData\Local\Temp\SP58496.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-07 22:54

==================== End of log ============================