Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Rajinikanth (administrator) on SARVESH-DSK (10-11-2015 17:55:21)
Running from G:\
Loaded Profiles: Rajinikanth (Available Profiles: Rajinikanth & Deploy)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(BitTorrent Inc.) C:\Users\Rajinikanth\AppData\Roaming\uTorrent\uTorrent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(TP-LINK Technology, Corp.) C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe
() C:\Windows\VID_0e8f&PID_0003\Watchps3.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(BitTorrent Inc.) C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(BitTorrent Inc.) C:\Users\Rajinikanth\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\ProgramData\igfxext_64.dll
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [igfxEM_64] => C:\ProgramData\igfxEM_64.exe [4096 2015-11-10] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [505872 2012-07-25] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [374560 2012-07-25] (CyberLink Corp.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKU\S-1-5-21-1873260180-584723267-4080468776-1000\...\Run: [Google Update] => C:\Users\Rajinikanth\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-1873260180-584723267-4080468776-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-1873260180-584723267-4080468776-1000\...\Run: [uTorrent] => C:\Users\Rajinikanth\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-13] (BitTorrent Inc.)
HKU\S-1-5-21-1873260180-584723267-4080468776-1000\...\Run: [AVG-Secure-Search-Update_0913a] => C:\Users\Rajinikanth\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid e9ece8404a8f47d1a8d3d15a0f75730d-ad1491be2ce6c122f6b66faa90e70c2decf7d34c --CMPID 0913a
HKU\S-1-5-21-1873260180-584723267-4080468776-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1873260180-584723267-4080468776-1000\...\MountPoints2: {e9594a04-17cf-11e5-9834-98588a039dc4} - F:\setup.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-12-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Client Utility.lnk [2012-07-05]
ShortcutTarget: TP-LINK Wireless Client Utility.lnk -> C:\Program Files (x86)\TP-LINK\COMMON\TWCU.exe (TP-LINK Technology, Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Watchps3.exe.lnk [2015-08-11]
ShortcutTarget: Watchps3.exe.lnk -> C:\Windows\VID_0e8f&PID_0003\Watchps3.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0B29B12F-5142-4420-935D-3E17F0E6FDDB}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{492BB5EE-2F43-4084-A03B-2BF7904C8544}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{69C927DF-D948-467A-8720-6ED730F92778}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-1873260180-584723267-4080468776-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1873260180-584723267-4080468776-1000 -> {78CC8F23-5F76-4711-9F10-B19F78179064} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll => No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-08-09] (RealDownloader)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-22] (Oracle Corporation)
Toolbar: HKLM - s1 Search.us.com Toolbar - {8211CED8-A242-48B3-A191-234BEBB7F509} - C:\Users\Rajinikanth\AppData\Local\TNT2\2.0.0.1057\IEToolbar64.dll No File
Toolbar: HKU\S-1-5-21-1873260180-584723267-4080468776-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-1873260180-584723267-4080468776-1000 -> s1 Search.us.com Toolbar - {8211CED8-A242-48B3-A191-234BEBB7F509} - C:\Users\Rajinikanth\AppData\Local\TNT2\2.0.0.1057\IEToolbar64.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.2.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-08-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.2.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-08-09] (RealNetworks, Inc.)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-08-09] (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-15] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1873260180-584723267-4080468776-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Rajinikanth\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1873260180-584723267-4080468776-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Rajinikanth\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{B1FC07E1-E05B-4567-8891-E63FBE545BA8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-11-09] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Rajinikanth\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Rajinikanth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-09]
CHR Extension: (No Name) - C:\Users\Rajinikanth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-09]
CHR Extension: (No Name) - C:\Users\Rajinikanth\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-09]
CHR Extension: (No Name) - C:\Users\Rajinikanth\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-11-09]
CHR Extension: (No Name) - C:\Users\Rajinikanth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-09]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-08-09]
StartMenuInternet: Google Chrome - C:\Users\Rajinikanth\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-07-25] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-07-25] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-07-25] (CyberLink)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
R2 RalinkRegistryWriter; C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry.exe [374112 2011-03-14] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\TP-LINK\COMMON\RaRegistry64.exe [451936 2011-03-14] (Ralink Technology, Corp.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-08-09] ()
S3 TpMediaServer; C:\Program Files (x86)\TP-LINK\COMMON\RaMediaServer.exe [619872 2011-03-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-12-28] (Broadcom Corporation.)
R1 BIOS; C:\Windows\system32\drivers\BIOS64.sys [14136 2009-06-17] (BIOSTAR Group)
R1 BIOS; C:\Windows\SysWOW64\drivers\BIOS64.sys [14136 2009-06-17] (BIOSTAR Group)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-06-20] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 MpKslb6c95284; C:\Windows\system32\MpEngineStore\MpKslb6c95284.sys [44928 2015-11-09] (Microsoft Corporation)
R1 MpKslcf41a2e4; C:\Windows\system32\MpEngineStore\MpKslcf41a2e4.sys [44928 2015-11-09] (Microsoft Corporation)
S3 MPMFL; C:\Windows\System32\DRIVERS\MPMFL.sys [23272 2012-12-17] (Windows (R) Server 2003 DDK provider)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-18] (NVIDIA Corporation)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 ZG760_64; C:\Windows\System32\DRIVERS\WlanGZ64.SYS [493696 2006-08-17] (ZyDAS Technology Corporation)
S3 ZG760_64; C:\Windows\SysWOW64\DRIVERS\WlanGZ64.SYS [493696 2006-08-17] (ZyDAS Technology Corporation)
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-08-10] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-10 17:44 - 2015-11-10 17:44 - 00004096 _____ C:\ProgramData\igfxEM_64.exe
2015-11-10 17:43 - 2015-11-10 17:43 - 00004096 _____ C:\ProgramData\igfxext_64.dll
2015-11-09 19:03 - 2015-11-09 23:16 - 00000000 ____D C:\Windows\system32\MpEngineStore
2015-11-09 07:49 - 2015-11-10 17:40 - 00003380 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1873260180-584723267-4080468776-1000
2015-11-09 07:49 - 2015-11-10 17:40 - 00003258 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1873260180-584723267-4080468776-1000
2015-11-08 23:24 - 2015-11-08 23:24 - 00000036 _____ C:\Users\Rajinikanth\AppData\Local\housecall.guid.cache
2015-11-08 23:14 - 2015-11-08 23:14 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\QuickScan
2015-11-08 17:53 - 2015-11-08 17:54 - 00037596 _____ C:\Users\Rajinikanth\Desktop\Addition.txt
2015-11-08 17:51 - 2015-11-10 17:55 - 00000000 ____D C:\FRST
2015-11-08 17:51 - 2015-11-08 17:54 - 00024936 _____ C:\Users\Rajinikanth\Desktop\FRST.txt
2015-11-08 17:36 - 2015-11-08 17:44 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\tor
2015-11-08 16:42 - 2015-11-08 16:42 - 00007626 _____ C:\Users\Rajinikanth\AppData\Local\Resmon.ResmonCfg
2015-11-08 16:36 - 2015-11-08 16:36 - 00000137 _____ C:\Users\Rajinikanth\Desktop\debug.log
2015-11-08 14:37 - 2015-11-09 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-08 14:37 - 2015-11-09 11:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-08 14:37 - 2015-11-08 15:24 - 00000000 ____D C:\Users\Rajinikanth\AppData\Local\Mozilla
2015-11-08 14:37 - 2015-11-08 14:37 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\Mozilla
2015-11-08 02:23 - 2015-11-10 17:42 - 00000000 ____D C:\Users\Rajinikanth\AppData\LocalLow\uTorrent
2015-10-23 20:26 - 2015-11-09 10:12 - 03471692 _____ C:\Windows\system32\CFG2228303646
2015-10-23 20:14 - 2015-10-23 20:14 - 00329496 _____ C:\Windows\Minidump\102315-55536-01.dmp
2015-10-23 20:11 - 2015-10-23 20:12 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2015-10-13 20:32 - 2015-10-13 20:32 - 00020679 _____ C:\Users\Rajinikanth\Downloads\32415815A0B4621400688F0BF2966D7FD3435D93.torrent
2015-10-13 20:31 - 2015-10-13 20:31 - 00019703 _____ C:\Users\Rajinikanth\Downloads\D6525C8CB07CBC6CE001A97541DAD408D4F1FFF0.torrent
2015-10-13 20:30 - 2015-10-13 20:30 - 00019715 _____ C:\Users\Rajinikanth\Downloads\81BA198ED92739B4BCEE99C90FF5EFA0B71069D4.torrent
2015-10-13 20:28 - 2015-10-13 20:28 - 00017607 _____ C:\Users\Rajinikanth\Downloads\D5A14DD9675E85750E60051FC86F0AB402E9443F.torrent
2015-10-13 20:24 - 2015-10-13 20:24 - 00013303 _____ C:\Users\Rajinikanth\Downloads\www.TamilRockers.com - Unnale Unnale 2006 Tamil 720p DVDRip x264 1.2GB ESubs.torrent
2015-10-13 20:23 - 2015-10-13 20:23 - 00012075 _____ C:\Users\Rajinikanth\Downloads\www.TamilRockers.com - VSOP (2015)1080p v2 HD - AVC - MP4 - 5.1 - 4.4GB - Tamil.mp4.torrent
2015-10-13 20:21 - 2015-10-13 20:21 - 00016196 _____ C:\Users\Rajinikanth\Downloads\www.TamilRockers.com - Baahubali (2015)1080p DVDRip - Tamil AAC 5.1 (Original) - 3GB ESubs.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-10 17:55 - 2012-09-08 20:28 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\uTorrent
2015-11-10 17:52 - 2009-07-13 22:45 - 00026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-10 17:52 - 2009-07-13 22:45 - 00026000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-10 17:51 - 2012-02-01 01:41 - 01088688 _____ C:\Windows\WindowsUpdate.log
2015-11-10 17:47 - 2009-07-13 23:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-10 17:43 - 2015-06-22 00:51 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\Raptr
2015-11-10 17:40 - 2013-06-07 16:59 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2015-11-10 17:40 - 2013-06-03 04:33 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-11-10 17:40 - 2012-02-01 02:10 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-10 17:40 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-10 17:40 - 2009-07-13 22:51 - 00111776 _____ C:\Windows\setupact.log
2015-11-10 01:00 - 2012-02-10 22:09 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1873260180-584723267-4080468776-1000UA.job
2015-11-09 20:00 - 2012-02-10 22:09 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1873260180-584723267-4080468776-1000Core.job
2015-11-09 18:58 - 2015-06-20 00:12 - 00000000 ____D C:\Users\Rajinikanth\AppData\Local\CrashDumps
2015-11-09 11:08 - 2015-07-18 22:43 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-09 11:08 - 2014-07-23 17:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrok
2015-11-09 11:08 - 2014-07-23 17:07 - 00000000 ____D C:\Program Files (x86)\Acrok
2015-11-09 11:08 - 2012-08-24 15:37 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\vlc
2015-11-09 11:08 - 2012-08-01 12:42 - 00000000 ____D C:\Users\Deploy
2015-11-09 11:08 - 2012-02-10 22:09 - 00000000 ____D C:\Users\Rajinikanth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-09 11:08 - 2012-02-10 22:09 - 00000000 ____D C:\Users\Rajinikanth\AppData\Local\Google
2015-11-09 11:08 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-09 11:08 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2015-11-09 11:08 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\AppCompat
2015-11-09 11:07 - 2014-01-21 01:24 - 00000000 ____D C:\ProgramData\RealNetworks
2015-11-09 07:44 - 2012-02-01 01:40 - 00000000 ____D C:\Users\Rajinikanth
2015-11-08 19:23 - 2009-07-13 23:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-11-08 14:32 - 2012-02-10 22:09 - 00000000 ____D C:\Users\Rajinikanth\AppData\Local\Deployment
2015-10-23 20:14 - 2012-02-16 00:10 - 00000000 ____D C:\Windows\Minidump
2015-10-23 20:10 - 2012-02-10 23:53 - 00000000 ____D C:\ProgramData\MFAData
2015-10-21 14:37 - 2015-06-23 08:54 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories =======

2009-07-13 17:19 - 2009-07-13 19:14 - 0581632 _____ () C:\Users\Rajinikanth\AppData\Roaming\BackUp2228303646.exe
2012-08-01 23:29 - 2012-09-29 14:45 - 0015872 _____ () C:\Users\Rajinikanth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-08 23:24 - 2015-11-08 23:24 - 0000036 _____ () C:\Users\Rajinikanth\AppData\Local\housecall.guid.cache
2015-11-08 16:42 - 2015-11-08 16:42 - 0007626 _____ () C:\Users\Rajinikanth\AppData\Local\Resmon.ResmonCfg
2015-11-10 17:44 - 2015-11-10 17:44 - 0004096 _____ () C:\ProgramData\igfxEM_64.exe
2015-11-10 17:43 - 2015-11-10 17:43 - 0004096 _____ () C:\ProgramData\igfxext_64.dll
2012-08-07 12:49 - 2012-08-07 12:49 - 4608000 _____ () C:\ProgramData\ReadOnlyInstaller.msi
2012-08-24 15:22 - 2012-08-24 15:22 - 0033958 _____ () C:\ProgramData\uninstaller.exe

Files to move or delete:
====================
C:\ProgramData\igfxEM_64.exe
C:\ProgramData\igfxext_64.dll
C:\ProgramData\uninstaller.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-11-04 00:53

==================== End of FRST.txt ============================