Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Pop up Nusiance [Closed]

Started by snash1039 , Jan 15 2015 09:18 AM

  • This topic is locked This topic is locked

#1
snash1039
Posted 15 January 2015 - 09:18 AM

snash1039

    Member

  • Member
  • PipPip
  • 32 posts

I am getting pops up and advertising pages when I am on a exsisting page it redirect it to another page when I am searching the net. This is becoming a nuisance. Is there a way I can get rid of. I have tried the usual method and settings to block it, yet I am still getting them.

 

Any recommendations?


  • 0

Advertisements

#2
Valinorum
Posted 16 January 2015 - 03:23 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Hi snash1039, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction, stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
 
  • Step #1 Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart;
    • Copy and Paste the contents of this log in your reply.
 
  • Step #2 Fix with Junkware Removal Tool
    Download Junkware Removal Tool by thisisu to your Desktop from the link below.
    Download Link 1
    Download Link 2
    • Disable your anti-virus to avoid potential conflicts. For more information please acknowledge yourself this article;
    • Run the program either by double-clicking(Windows XP) or Right-clicking and choosing Run as administrator(Windows Vista and above);
    • Please be patient as the tool cleans your system;
    • After completion of the process a log named JRT.txt will automatically open and is save to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #3 Scan with Farbar Recovery Scan Tool
    • Please download Farbar Recovery Scan Tool by Farbar to your Desktop from the link below.
      Download link for 32 bit system
      Download link for 64 bit system
    • Right-click on the program and choose Run as administrator;
    • Put tick-mark on all boxes under Whitelist and Optional Scan;
    • Click on Scan;
    • After the scan two notepad files will be opened --
      • FRST.txt;
      • Addition.txt
    • Copy and Paste the contents of the logs in your next reply.
 
  • Required Log(s):
    • AdwCleaner Log
    • Junwkare Removal Tool Log
    • Farbar Log(s)--
      • FRST.txt
      • Addition.txt
Regards,
Valinorum
  • 0

#3
snash1039
Posted 17 January 2015 - 02:28 PM

snash1039

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
# AdwCleaner v4.108 - Report created 17/01/2015 at 19:41:07
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : jitesh - SOVEREIGN-PC
# Running from : C:\Users\jitesh\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : CltMngSvc
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : sbmntr
Service Deleted : WindowsMangerProtect
Service Deleted : IHProtect Service
Service Deleted : SWUpdater
[#] Service Deleted : Update Cyti Web
[#] Service Deleted : Util Cyti Web
Service Deleted : {921265c3-88e5-40e1-8d74-df5314572900}Gw64
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
[!] Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\LPT
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Sense
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\StormWatch
Folder Deleted : C:\Program Files (x86)\Search Extensions
Folder Deleted : C:\Program Files (x86)\Super Optimizer
Folder Deleted : C:\Program Files (x86)\CloudGuard
Folder Deleted : C:\Program Files (x86)\VideoMedia+Player_v2.3
Folder Deleted : C:\Program Files (x86)\ClickCaption_1.10.0.2
Folder Deleted : C:\Program Files (x86)\WSE_Vosteran
Folder Deleted : C:\Program Files (x86)\Browsers+Apps+1.1
Folder Deleted : C:\Program Files (x86)\Ge-Force
[!] Folder Deleted : C:\Program Files (x86)\Cyti Web
Folder Deleted : C:\Program Files (x86)\XTab
[!] Folder Deleted : C:\Program Files (x86)\Cyti Web
Folder Deleted : C:\Users\jitesh\AppData\Local\Temp\Cyti Web
Folder Deleted : C:\Program Files\ClickCaption_1.10.0.2
Folder Deleted : C:\Users\jitesh\AppData\Local\Gameo
Folder Deleted : C:\Users\jitesh\AppData\Local\globalUpdate
Folder Deleted : C:\Users\jitesh\AppData\Local\LPT
Folder Deleted : C:\Users\jitesh\AppData\Local\SearchProtect
Folder Deleted : C:\Users\jitesh\AppData\Local\Smartbar
Folder Deleted : C:\Users\jitesh\AppData\Local\StormWatch
Folder Deleted : C:\Users\jitesh\AppData\Local\Weather_Protector_LLC
Folder Deleted : C:\Users\jitesh\AppData\Local\CrashRpt
Folder Deleted : C:\Users\jitesh\AppData\Local\Vosteran
Folder Deleted : C:\Users\jitesh\AppData\LocalLow\Sense
Folder Deleted : C:\Users\jitesh\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\jitesh\AppData\LocalLow\Ge-Force
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Gameo
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Nosibay
Folder Deleted : C:\Users\jitesh\AppData\Roaming\omiga-plus
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Store
Folder Deleted : C:\Users\jitesh\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Pro PC Cleaner
Folder Deleted : C:\Users\jitesh\AppData\Roaming\MailUpdate
Folder Deleted : C:\Users\jitesh\AppData\Roaming\WSE_Vosteran
Folder Deleted : C:\Users\jitesh\AppData\Roaming\WTools
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vosteran
Folder Deleted : C:\Users\jitesh\Documents\Optimizer Pro
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\rwaza_000\AppData\Local\StormWatch
Folder Deleted : C:\Users\rwaza_000\AppData\Local\mbot_gb_218
Folder Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
Folder Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
Folder Deleted : C:\Users\rwaza_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\kjpifmjicccpbkfjdkehimhgklfkbanh
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Opera Software\Opera Stable\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
Folder Deleted : C:\Users\rwaza_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
File Deleted : C:\END
File Deleted : C:\WINDOWS\SysWOW64\RegistryHelperLM.ocx
File Deleted : C:\WINDOWS\System32\drivers\{921265c3-88e5-40e1-8d74-df5314572900}Gw64.sys
File Deleted : C:\Users\jitesh\AppData\Roaming\Bubble Dock.boostrap.log
File Deleted : C:\Users\jitesh\AppData\Roaming\WindApp.boostrap.log
File Deleted : C:\Users\jitesh\AppData\Roaming\Bubble Dock.installation.log
File Deleted : C:\Users\jitesh\AppData\Roaming\WindApp.installation.log
File Deleted : C:\Users\jitesh\AppData\Roaming\Selection Tools.installation.log
File Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
File Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
File Deleted : C:\Users\jitesh\Desktop\YTDownloader.lnk
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : RocketTab Update Task
Task Deleted : RocketTab
Task Deleted : SMupdate1
Task Deleted : WindApp Update
Task Deleted : YTDownloader
Task Deleted : CloudScout
Task Deleted : WSE_Vosteran
Task Deleted : ProPCCleaner_Start
Task Deleted : ProPCCleaner_Popup
Task Deleted : Selection Tools Update
Task Deleted : YTDownloaderUpd
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-1
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-2
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-5
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-5_user
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-6
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-7
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-1
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-10_user
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-11
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-2
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-3
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-4
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-5
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-5_user
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-1
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-11
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-2
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-3
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-4
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-5
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-5_user
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-1
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-2
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-5
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-5_user
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-6
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-7
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WindApp]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Cyti Web
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Cyti Web
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mbot_gb_218]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A18EA34C-6D33-4298-8A54-7F16499904C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611901159}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611971195}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622492269}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622502255}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622902259}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622972295}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655495569}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655505555}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655905559}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655975595}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666496669}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666506655}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666906659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666976695}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644494469}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644504455}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644904459}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644974495}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4b030cae-5396-4e8d-b29f-0bc3213ab606}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611901159}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611971195}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A18EA34C-6D33-4298-8A54-7F16499904C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611901159}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611971195}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A18EA34C-6D33-4298-8A54-7F16499904C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611491169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611501155}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611901159}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611971195}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622492269}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622502255}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622902259}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622972295}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655495569}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655505555}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655905559}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655975595}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666496669}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666506655}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666906659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666976695}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611901159}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611971195}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\MyBestOffersToday
Key Deleted : HKCU\Software\Nosibay
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\RocketTabInstalled
Key Deleted : HKCU\Software\Search Extensions
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\Store
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\gameo
Key Deleted : HKCU\Software\WTools
Key Deleted : HKCU\Software\Cyti Web
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKCU\Software\AppDataLow\Software\Browsers+Apps+1.1
Key Deleted : HKCU\Software\AppDataLow\Software\Ge-Force
Key Deleted : HKCU\Software\AppDataLow\Software\VideoMedia+Player_v2.3
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\MyBestOffersToday
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\RocketTab
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\StormWatch
Key Deleted : HKLM\SOFTWARE\CloudGuard
Key Deleted : HKLM\SOFTWARE\ClickCaption_1.10.0.2
Key Deleted : HKLM\SOFTWARE\Browsers+Apps+1.1
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\Ge-Force
Key Deleted : HKLM\SOFTWARE\VideoMedia+Player_v2.3
Key Deleted : HKLM\SOFTWARE\Cyti Web
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\windapp
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\StormWatch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Selection Tools
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CloudGuard
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickCaption_1.10.0.2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browsers+Apps+1.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoMedia+Player_v2.3
Key Deleted : [x64] HKLM\SOFTWARE\Iminent
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Cyti Web
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safesearch.net
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v39.0.2171.99
 
[C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
 
-\\ Opera v0.0.0.0
 
[C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [38728 octets] - [17/01/2015 19:37:20]
AdwCleaner[S0].txt - [35345 octets] - [17/01/2015 19:41:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [35406 octets] ##########

  • 0

#4
snash1039
Posted 17 January 2015 - 02:29 PM

snash1039

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
# AdwCleaner v4.108 - Report created 17/01/2015 at 19:41:07
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : jitesh - SOVEREIGN-PC
# Running from : C:\Users\jitesh\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : CltMngSvc
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : sbmntr
Service Deleted : WindowsMangerProtect
Service Deleted : IHProtect Service
Service Deleted : SWUpdater
[#] Service Deleted : Update Cyti Web
[#] Service Deleted : Util Cyti Web
Service Deleted : {921265c3-88e5-40e1-8d74-df5314572900}Gw64
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
[!] Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\LPT
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Sense
Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Program Files (x86)\StormWatch
Folder Deleted : C:\Program Files (x86)\Search Extensions
Folder Deleted : C:\Program Files (x86)\Super Optimizer
Folder Deleted : C:\Program Files (x86)\CloudGuard
Folder Deleted : C:\Program Files (x86)\VideoMedia+Player_v2.3
Folder Deleted : C:\Program Files (x86)\ClickCaption_1.10.0.2
Folder Deleted : C:\Program Files (x86)\WSE_Vosteran
Folder Deleted : C:\Program Files (x86)\Browsers+Apps+1.1
Folder Deleted : C:\Program Files (x86)\Ge-Force
[!] Folder Deleted : C:\Program Files (x86)\Cyti Web
Folder Deleted : C:\Program Files (x86)\XTab
[!] Folder Deleted : C:\Program Files (x86)\Cyti Web
Folder Deleted : C:\Users\jitesh\AppData\Local\Temp\Cyti Web
Folder Deleted : C:\Program Files\ClickCaption_1.10.0.2
Folder Deleted : C:\Users\jitesh\AppData\Local\Gameo
Folder Deleted : C:\Users\jitesh\AppData\Local\globalUpdate
Folder Deleted : C:\Users\jitesh\AppData\Local\LPT
Folder Deleted : C:\Users\jitesh\AppData\Local\SearchProtect
Folder Deleted : C:\Users\jitesh\AppData\Local\Smartbar
Folder Deleted : C:\Users\jitesh\AppData\Local\StormWatch
Folder Deleted : C:\Users\jitesh\AppData\Local\Weather_Protector_LLC
Folder Deleted : C:\Users\jitesh\AppData\Local\CrashRpt
Folder Deleted : C:\Users\jitesh\AppData\Local\Vosteran
Folder Deleted : C:\Users\jitesh\AppData\LocalLow\Sense
Folder Deleted : C:\Users\jitesh\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\jitesh\AppData\LocalLow\Ge-Force
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Gameo
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Nosibay
Folder Deleted : C:\Users\jitesh\AppData\Roaming\omiga-plus
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Store
Folder Deleted : C:\Users\jitesh\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Pro PC Cleaner
Folder Deleted : C:\Users\jitesh\AppData\Roaming\MailUpdate
Folder Deleted : C:\Users\jitesh\AppData\Roaming\WSE_Vosteran
Folder Deleted : C:\Users\jitesh\AppData\Roaming\WTools
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormWatch
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vosteran
Folder Deleted : C:\Users\jitesh\Documents\Optimizer Pro
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\rwaza_000\AppData\Local\StormWatch
Folder Deleted : C:\Users\rwaza_000\AppData\Local\mbot_gb_218
Folder Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
Folder Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
Folder Deleted : C:\Users\rwaza_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\kjpifmjicccpbkfjdkehimhgklfkbanh
Folder Deleted : C:\Users\jitesh\AppData\Roaming\Opera Software\Opera Stable\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
Folder Deleted : C:\Users\rwaza_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\hoidflomjnnnbiemmkjdjkkialmhbago
File Deleted : C:\END
File Deleted : C:\WINDOWS\SysWOW64\RegistryHelperLM.ocx
File Deleted : C:\WINDOWS\System32\drivers\{921265c3-88e5-40e1-8d74-df5314572900}Gw64.sys
File Deleted : C:\Users\jitesh\AppData\Roaming\Bubble Dock.boostrap.log
File Deleted : C:\Users\jitesh\AppData\Roaming\WindApp.boostrap.log
File Deleted : C:\Users\jitesh\AppData\Roaming\Bubble Dock.installation.log
File Deleted : C:\Users\jitesh\AppData\Roaming\WindApp.installation.log
File Deleted : C:\Users\jitesh\AppData\Roaming\Selection Tools.installation.log
File Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
File Deleted : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk
File Deleted : C:\Users\jitesh\Desktop\YTDownloader.lnk
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage
File Deleted : C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage-journal
File Deleted : C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : RocketTab Update Task
Task Deleted : RocketTab
Task Deleted : SMupdate1
Task Deleted : WindApp Update
Task Deleted : YTDownloader
Task Deleted : CloudScout
Task Deleted : WSE_Vosteran
Task Deleted : ProPCCleaner_Start
Task Deleted : ProPCCleaner_Popup
Task Deleted : Selection Tools Update
Task Deleted : YTDownloaderUpd
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-1
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-2
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-5
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-5_user
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-6
Task Deleted : 041e94e9-c63a-4e2d-8d19-18b3cd29048a-7
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-1
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-10_user
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-11
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-2
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-3
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-4
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-5
Task Deleted : 30c9d699-fc2e-4545-a144-7dcce2b5832c-5_user
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-1
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-11
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-2
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-3
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-4
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-5
Task Deleted : b8b3e879-0421-4a88-88ab-870468bdf42b-5_user
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-1
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-2
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-5
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-5_user
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-6
Task Deleted : f488fad3-07b0-4e93-9374-6cbde7ad8707-7
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WindApp]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Cyti Web
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Cyti Web
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mbot_gb_218]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A18EA34C-6D33-4298-8A54-7F16499904C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611901159}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611971195}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622492269}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622502255}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622902259}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622972295}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655495569}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655505555}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655905559}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655975595}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666496669}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666506655}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666906659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666976695}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644494469}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644504455}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644904459}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644974495}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4b030cae-5396-4e8d-b29f-0bc3213ab606}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611901159}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611971195}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A18EA34C-6D33-4298-8A54-7F16499904C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611501155}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611901159}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611971195}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A18EA34C-6D33-4298-8A54-7F16499904C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611491169}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{aa2fac44-d24d-4fed-9e32-397d138365f1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611491169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611501155}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611901159}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611971195}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622492269}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622502255}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622902259}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622972295}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655495569}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655505555}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655905559}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655975595}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666496669}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666506655}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666906659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666976695}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611491169}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611901159}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611971195}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA1BE292-1D15-488B-934D-008742212380}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\MyBestOffersToday
Key Deleted : HKCU\Software\Nosibay
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\RocketTabInstalled
Key Deleted : HKCU\Software\Search Extensions
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\Store
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\gameo
Key Deleted : HKCU\Software\WTools
Key Deleted : HKCU\Software\Cyti Web
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKCU\Software\AppDataLow\Software\Browsers+Apps+1.1
Key Deleted : HKCU\Software\AppDataLow\Software\Ge-Force
Key Deleted : HKCU\Software\AppDataLow\Software\VideoMedia+Player_v2.3
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\MyBestOffersToday
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\RocketTab
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\StormWatch
Key Deleted : HKLM\SOFTWARE\CloudGuard
Key Deleted : HKLM\SOFTWARE\ClickCaption_1.10.0.2
Key Deleted : HKLM\SOFTWARE\Browsers+Apps+1.1
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\Ge-Force
Key Deleted : HKLM\SOFTWARE\VideoMedia+Player_v2.3
Key Deleted : HKLM\SOFTWARE\Cyti Web
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\windapp
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\StormWatch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Selection Tools
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CloudGuard
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClickCaption_1.10.0.2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browsers+Apps+1.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoMedia+Player_v2.3
Key Deleted : [x64] HKLM\SOFTWARE\Iminent
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Cyti Web
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safesearch.net
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v39.0.2171.99
 
[C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
 
-\\ Opera v0.0.0.0
 
[C:\Users\rwaza_000\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [38728 octets] - [17/01/2015 19:37:20]
AdwCleaner[S0].txt - [35345 octets] - [17/01/2015 19:41:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [35406 octets] ##########

  • 0

#5
snash1039
Posted 17 January 2015 - 03:12 PM

snash1039

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by jitesh on 17/01/2015 at 20:54:41.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{FC0C0170-4EB0-430D-A7F3-939EE7EA1A25}
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Failed to delete: [File] "C:\Users\jitesh\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\jitesh\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"
Successfully deleted: [File] "C:\WINDOWS\wininit.ini"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\jitesh\appdata\local\pro_pc_cleaner"
Successfully deleted: [Folder] "C:\Users\jitesh\documents\propccleaner"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/01/2015 at 21:07:28.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#6
snash1039
Posted 17 January 2015 - 03:47 PM

snash1039

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2015 01
Ran by jitesh (administrator) on SOVEREIGN-PC on 17-01-2015 21:14:37
Running from C:\Users\jitesh\Downloads
Loaded Profiles: UpdatusUser & jitesh & rwaza_000 (Available profiles: UpdatusUser & jitesh & rwaza_000)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\RestoreOptIn.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Thisisu) C:\Users\jitesh\Downloads\JRT (1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\jitesh\Downloads\FRST64 (2).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\RunOnce: [ASYNCMAC] => rundll32.exe streamci,StreamingDeviceSetup {eeab7790-c514-11d1-b42b-00805fc1270e},asyncmac,{ad498944-762f-11d0-8dcb-00c04fc3358c},C:\WINDOWS\INF\netrasa.inf,Ndi-Mp-AsyncMac
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\gameo\gameo.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\qcaryug.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\swgxet.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\qcaryug.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\qcaryug.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\swgxet.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\swgxet.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\gameo\gameo.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\swgxet.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\gameo\gameo.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\gameo\gameo.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\qcaryug.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\setstretch.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\setstretch.exe <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3104868502-217282101-3375311577-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-22] (Microsoft Corporation)
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\Run: [Selection Tools] => "C:\Users\jitesh\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
HKU\S-1-5-21-3104868502-217282101-3375311577-1007\...\Run: [HP Officejet 4630 series (NET)] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3104868502-217282101-3375311577-1007\...\MountPoints2: {a6856fcc-9cb2-11e4-824e-806e6f6e6963} - "E:\Setup.exe" 
Startup: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-3104868502-217282101-3375311577-1002] => http=127.0.0.1:49705;https=127.0.0.1:49705
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3104868502-217282101-3375311577-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-3104868502-217282101-3375311577-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-3104868502-217282101-3375311577-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3104868502-217282101-3375311577-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3104868502-217282101-3375311577-1007 -> DefaultScope {BA1BE292-1D15-488B-934D-008742212380} URL =http://start.iminent...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3104868502-217282101-3375311577-1007 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
SearchScopes: HKU\S-1-5-21-3104868502-217282101-3375311577-1007 -> {BA1BE292-1D15-488B-934D-008742212380} URL = http://start.iminent...q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - No Name - {FC0C0170-4EB0-430D-A7F3-939EE7EA1A25} -  No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0827D676-0B28-4DFB-B6A4-5B4766EA5AF7}: [NameServer] 31.168.224.100,5.135.12.56
Tcpip\..\Interfaces\{6132BB49-1E39-43E7-B307-9ADE693B70B3}: [NameServer] 31.168.224.100,5.135.12.56
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
 
Chrome: 
=======
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultNewTabURL: Default -> https://www.trovi.co...983D32&SAT=CNTS
CHR DefaultSuggestURL: Default -> http://suggest.secci...x={searchTerms}
CHR Profile: C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-10]
CHR Extension: (Google Docs) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-10]
CHR Extension: (Google Drive) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-10]
CHR Extension: (YouTube) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-10]
CHR Extension: (Google Search) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-10]
CHR Extension: (SafeSearch) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\dofpbgmibkabhhihnomcmmijlkhaeilm [2014-12-10]
CHR Extension: (Google Sheets) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-10]
CHR Extension: (Google Wallet) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-10]
CHR Extension: (oemmndcbldboiebfnladdacbdfmadadm) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2014-12-10]
CHR Extension: (Gmail) - C:\Users\jitesh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-10]
CHR HKLM-x32\...\Chrome\Extension: [dofpbgmibkabhhihnomcmmijlkhaeilm] - C:\Program Files\SafeSearch\1_4\chrome\safesearch.crx [2015-01-06]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-22] (Microsoft Corporation)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-06-29] (IvoSoft) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-06-28] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\Windows\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\Windows\System32\drivers\ACPI.sys E796AE43DDD1844281DB4D57294D17C0
C:\Windows\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\Windows\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\Windows\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\Windows\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\Windows\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\Windows\system32\drivers\afd.sys 374E27295F0A9DCAA8FC96370F9BEEA5
C:\Windows\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8
C:\Windows\System32\DRIVERS\ahcache.sys F0CB6DB513CAC393D04A0FCE0A59E1BF
C:\Windows\system32\DRIVERS\AiCharger.sys 16F6F6B7903B913AB41AB848C8BB5658
C:\Windows\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729
C:\Windows\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3
C:\Windows\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\Windows\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\Windows\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\Windows\system32\drivers\appid.sys 415DD71628795197F7AFC176CBADC74E
C:\Windows\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 4C016FD76ED5C05E84CA8CAB77993961
C:\Windows\system32\DRIVERS\asyncmac.sys 3DB7721F06BC2FEDB25029EA23AB27DA
C:\Windows\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\Windows\system32\DRIVERS\athw8x.sys 2C7676F892E88FD190F08D98048C7C6C
C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 41CEAFFCF3550785E59E3EC9BEE8D97A
C:\Windows\System32\drivers\AsusTP.sys 74D09AC81A7BD9E5361B3F623F78608A
C:\Windows\System32\DRIVERS\avgboota.sys 4EB2E8EE8BA47B58E08B67139C31CB41
C:\Windows\System32\DRIVERS\avgdiska.sys 54FE1CAFA3B3029B282E6A05EA672031
C:\Windows\system32\DRIVERS\avgfwd6a.sys CA10D51653068DB6A0ADEEDDC4946C47
C:\Windows\System32\DRIVERS\avgidsdrivera.sys A3124AC9C0AF30ABD000A7CB5779C101
C:\Windows\System32\DRIVERS\avgidsha.sys 68070AEEE757ACC6EC5BC291B1E8EA1A
C:\Windows\System32\DRIVERS\avgldx64.sys 7C9E8FD2BFCE60BDF9B5944C0BE47C87
C:\Windows\System32\DRIVERS\avgloga.sys 734DCC05A7F327FDCE43A18BA011FD4E
C:\Windows\System32\DRIVERS\avgmfx64.sys B4D589C734D796B5B76E0A0E5DA50397
C:\Windows\System32\DRIVERS\avgrkx64.sys 3CE824D46BA1871713ABF147E6BAD556
C:\Windows\system32\DRIVERS\avgwfpa.sys DFB6F6E34ACDB4F55AF6B2DCBFB3225E
C:\Windows\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\Windows\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\Windows\System32\drivers\BasicRender.sys 38A82F4EE8C416A6744B6D30381ED768
C:\Windows\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\Windows\System32\DRIVERS\bowser.sys 6B4FFFDDC618FCF64473CAA86E305697
C:\Windows\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\Windows\System32\drivers\bthhfenum.sys 67343511D80BF3D6D9EEDB5BA8D0B06B
C:\Windows\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\Windows\System32\drivers\bthmodem.sys EF4B9E7C9AD88C00C18A12B0D22D1894
C:\Windows\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\Windows\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D
C:\Windows\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\Windows\System32\drivers\CLFS.sys 179A41249055D5F039F1B6703F3B6D2B
C:\Windows\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\Windows\System32\Drivers\cng.sys 114AAF528D3D87D306F3682E618E8091
C:\Windows\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\Windows\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\Windows\System32\drivers\dam.sys 315BA4BC19316D72B2E037534E048B93
C:\Windows\System32\Drivers\dfsc.sys A03F362C5557E238CBFA914689C77248
C:\Windows\System32\drivers\disk.sys 4D40C9B33F738797CF50E77CB7C53E85
C:\Windows\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\Windows\system32\drivers\drmkaud.sys 00C594D5A1DBD22AD8B2902B9F6EFF94
C:\Windows\System32\drivers\dxgkrnl.sys E1BB0B6F00F470B451AB45EA13EBA0B3
C:\Windows\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\Windows\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\Windows\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\Windows\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\Windows\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\Windows\System32\drivers\fileinfo.sys BCFD8B149B3ADF92D0DB1E909CAF0265
C:\Windows\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\Windows\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\Windows\System32\drivers\fltmgr.sys C1FB505A73FA2E9019D32444AB33B75A
C:\Windows\System32\drivers\FsDepends.sys A7C31B168F371E8E6796219F23E354DB
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\Windows\System32\DRIVERS\fvevol.sys F152D55E497E12256290C43B31C7D0CE
C:\Windows\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015
C:\Windows\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\Windows\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\Windows\System32\Drivers\msgpioclx.sys 8DF1254093B5C354CE725EB6B9B0DE19
C:\Windows\System32\drivers\HDAudBus.sys D4B7ED39C7900384D9E5C1283F1E7926
C:\Windows\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\Windows\System32\drivers\hidbth.sys 1EA1B4FABB8CC348E73CA90DBA22E104
C:\Windows\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\Windows\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\Windows\System32\drivers\AsHIDSwitch64.sys A9F2301B8D28BB4D887F5AEBB55ACB3A
C:\Windows\System32\drivers\hidusb.sys 8DB8EAB9D0C6A5DF0BDCADEA239220B4
C:\Windows\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\Windows\System32\drivers\HTTP.sys 9DDCA7F18983C5410DEFF79F819DF93C
C:\Windows\System32\drivers\ew_jubusenum.sys E1EE74AC69C88C8379898D97E34A8852
C:\Windows\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\Windows\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\Windows\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\Windows\System32\drivers\i8042prt.sys D887446F3F6051C60C26F4FD1FC8D43F
C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\Windows\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\Windows\System32\drivers\iaStorA.sys 6C91E425ACE29594BD574DE38AC9B76D
C:\Windows\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\Windows\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\Windows\system32\DRIVERS\igdkmd64.sys 16D939A13CFB82DEE0B9DB12E45C7B4E
C:\Windows\system32\drivers\intelaud.sys DB65573521AB51941F4FA799D0968136
C:\Windows\system32\drivers\RTKVHD64.sys 6C7970A8E0546A4D9466E0045C7DB199
C:\Windows\system32\DRIVERS\IntcDAud.sys F5495B38BFB9149925F54F65AB40EFBF
C:\Windows\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\Windows\System32\drivers\intelpep.sys A770340FC02B999EF0DE6C2A6BC8437C
C:\Windows\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9
C:\Windows\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\Windows\System32\drivers\IPMIDrv.sys 9C096BF5E10CA8BFA56F32522A89FAF1
C:\Windows\System32\drivers\ipnat.sys B7342B3C58E91107F6E946A93D9D4EFD
C:\Windows\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\Windows\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21
C:\Windows\System32\drivers\msiscsi.sys D90AB68D0FAC9F357F663670FDBB511E
C:\Windows\System32\drivers\iwdbus.sys 2C04ACF9070282AC9AA837C52CA3C128
C:\Windows\System32\drivers\kbdclass.sys A1D4D34A56DF1D5122CDB265038A2E72
C:\Windows\System32\drivers\kbdhid.sys 4A34D7084B862A92F3ABC4969166B3D3
C:\Windows\System32\drivers\kbfiltr.sys A8080BEBCDB7A16495CE1205921DCAC5
C:\Windows\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\Windows\System32\Drivers\ksecdd.sys 4E829B18D5BAEC29893792A3C671A847
C:\Windows\System32\Drivers\ksecpkg.sys CA3F19E4B0765135B0F3C99384C535B9
C:\Windows\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\Windows\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\Windows\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\Windows\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\Windows\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\Windows\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\Windows\system32\drivers\luafv.sys DDEE191AB32DFC22C6465002ECDF5EE4
C:\Windows\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\Windows\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\Windows\System32\drivers\HECIx64.sys 772A1DEEDFDBC244183B5C805D1B7D85
C:\Windows\system32\DRIVERS\mfencrk.sys 408DC249009CDB3C9B299716C861C64B
C:\Windows\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\Windows\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\Windows\System32\drivers\mouclass.sys 2A2F8D5284E59815169A88F1FC9CEE28
C:\Windows\System32\drivers\mouhid.sys 91223A2AE2955B3E0DA3DB79C3A897A6
C:\Windows\System32\drivers\mountmgr.sys D1D82F007A079A4D623DBD1F36EF30A1
C:\Windows\System32\drivers\mpsdrv.sys 6FC047578785B0435F4E2660946D1ADC
C:\Windows\system32\drivers\mrxdav.sys DB32958F0E704EFBF7F15161A569E39F
C:\Windows\System32\DRIVERS\mrxsmb.sys 31233271EDE50D1BBB220F78AFA60486
C:\Windows\System32\DRIVERS\mrxsmb10.sys 3E28B99198B514DFEB152EACF913025E
C:\Windows\System32\DRIVERS\mrxsmb20.sys 6276AC2AA203CF47811F6EFBBD214FBF
C:\Windows\system32\DRIVERS\bridge.sys F3C060444777A59FC63D920719E43CCD
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\Windows\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\Windows\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\Windows\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\Windows\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C
C:\Windows\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\Windows\system32\DRIVERS\mslldp.sys 51B3AC0560848CD6D65AC2033E293113
C:\Windows\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\Windows\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0
C:\Windows\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\Windows\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\Windows\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\Windows\System32\Drivers\mup.sys 619CA29326B82372621DB2C0964D8365
C:\Windows\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\Windows\system32\DRIVERS\nwifi.sys 008F7CED69FD5B30CBDE1E03C6F36A27
C:\Windows\System32\drivers\ndis.sys 21FE65E2E67C4E31EE95CBD1F91C4B24
C:\Windows\system32\DRIVERS\ndiscap.sys 8CECC8DA55F3274181FD1EA28AD76664
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 269882812E9A68FFF1AFE1283D428322
C:\Windows\system32\DRIVERS\ndistapi.sys 82821F4EEC776B4CF11695A38F3ABA46
C:\Windows\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\Windows\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A
C:\Windows\System32\Drivers\NDProxy.sys DDD7F92A83F74D1476B71FBA9530A8DC
C:\Windows\System32\drivers\Ndu.sys 3083926D1CC5B56EA0786527B557DD1B
C:\Windows\System32\DRIVERS\netbios.sys 42FF4975D032CAE558AE4BB8448F6E5A
C:\Windows\System32\DRIVERS\netbt.sys 0217532E19A748F0E5D569307363D5FD
C:\Windows\System32\drivers\netvsc63.sys D4DCE03870314D3354F3501F9DDD4123
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\Windows\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\Windows\System32\drivers\nsiproxy.sys 0E046FF5823B95326D10CF1B4AF23541
C:\Windows\System32\Drivers\Ntfs.sys 7F68063A5A0461E02BC860CE0E6BFDDC
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\Windows\system32\DRIVERS\nvlddmkm.sys E71E299FF15390E585BACF2C18F55078
C:\Windows\System32\DRIVERS\nvpciflt.sys FCC3A3F875C8CF258F71BE2F2CAA2355
C:\Windows\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\Windows\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\Windows\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49
C:\Windows\System32\drivers\parport.sys 764B1121867B2D9B31C491668AC72B2B
C:\Windows\System32\drivers\partmgr.sys BAFF6122CFC9F95CA175AD8C348179A4
C:\Windows\System32\drivers\pci.sys 91ED124E261EA8FAA1C0FFDF2A71B0C4
C:\Windows\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\Windows\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\Windows\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\Windows\System32\drivers\pdc.sys 24A8DFC07E4BAF29AEA26E383D4CC886
C:\Windows\System32\drivers\peauth.sys 0ECEE590F2E2EF969FB74A6FC583A1E6
C:\Windows\system32\DRIVERS\raspptp.sys E075CC071022BD4E9BE7C024717C0E0A
C:\Windows\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F
C:\Windows\system32\DRIVERS\pacer.sys FC0141B4A5AD6D637D883C1A89FC45C5
C:\Windows\system32\drivers\qwavedrv.sys 83868EB2924E6BC21A54337C65D614D1
C:\Windows\System32\DRIVERS\rasacd.sys B337B1F1E82A83E20A1743E008E25C0F
C:\Windows\system32\DRIVERS\AgileVpn.sys E8FFD8BE3C50E7A71C5FBB87BDD1128E
C:\Windows\system32\DRIVERS\rasl2tp.sys BBB6272B7F46C4640A8CDB8A70C3450F
C:\Windows\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\Windows\system32\DRIVERS\rassstp.sys 41F631007A158FEBB67F0E2AD1601BBA
C:\Windows\System32\DRIVERS\rdbss.sys A1A5E79C0D1352AFDC08328A623DA051
C:\Windows\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\Windows\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\Windows\System32\drivers\rdpvideominiport.sys BC8A79C625568DDB7DCA49D0C2741A64
C:\Windows\System32\drivers\rdyboost.sys A26AEC49F318FEE141DDDB2C5F99B3E6
C:\Windows\System32\Drivers\ReFS.sys 615DFD97DEA56CE1C3A52185A3038FF8
C:\Windows\system32\DRIVERS\RtsBaStor.sys C648C1FC380D17CB1D6CEEBA168CB15F
C:\Windows\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\Windows\system32\DRIVERS\Rt630x64.sys 19764658C1468C2C0CEF133D28414A6B
C:\Windows\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\Windows\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\Windows\System32\DRIVERS\scfilter.sys 13BEA6C882D4D877A5A85CA149C86BC1
C:\Windows\System32\drivers\sdbus.sys 7B7C482CF48E6EE33664340D1A78E6FE
C:\Windows\System32\drivers\sdstor.sys 0B1E929D11A8E358106955603FAC65E8
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\Windows\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431
C:\Windows\System32\drivers\serenum.sys 3CD600C089C1251BEEB4CD4CD5164F9E
C:\Windows\System32\drivers\serial.sys D864381BC9C725FAB01D94C060660166
C:\Windows\System32\drivers\sermouse.sys 96B01F117057FB4DAE0FF919ACB55770
C:\Windows\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\Windows\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\Windows\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\Windows\System32\drivers\spaceport.sys D24B1945ED1F9C96DA786DBBF1E983CE
C:\Windows\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\Windows\System32\DRIVERS\srv.sys 6416E79A58A8FCC33A447A4DDDD3BF04
C:\Windows\System32\DRIVERS\srv2.sys 00D8AC8E3053290BDE6EA2FB6810D2FC
C:\Windows\System32\DRIVERS\srvnet.sys D047CD668E6277FD80F0C613946F034C
C:\Windows\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\Windows\system32\DRIVERS\serscan.sys 8F3C0CCF27CFFE89424F30E9FB3381AB
C:\Windows\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\Windows\System32\drivers\vmstorfl.sys 8B9486B64E5FC17FB9CC04CA10B77A34
C:\Windows\System32\drivers\stornvme.sys 6B06E2D11E604BE2B1A406C4CB3B90DE
C:\Windows\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\Windows\System32\drivers\swenum.sys 65454187E0F8B6C0DCECB0287D06EC43
C:\Windows\System32\drivers\tcpip.sys 468273F7089A3A33D149955F0F203FA4
C:\Windows\system32\DRIVERS\tcpip.sys 468273F7089A3A33D149955F0F203FA4
C:\Windows\System32\drivers\tcpipreg.sys 41CF802064F72E55F50CA0A221FD36D4
C:\Windows\system32\DRIVERS\tdx.sys FFF28F9F6823EB1756C60F1649560BBF
C:\Windows\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\Windows\system32\drivers\tpm.sys 82F909359600D3603FE852DB7F135626
C:\Windows\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\Windows\System32\drivers\TsUsbGD.sys 20185BEB7512EDE4EFECDFA148AC9F99
C:\Windows\system32\DRIVERS\tunnel.sys C8E0E78B5D284C2FF59BDFFDAF997242
C:\Windows\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\Windows\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\Windows\System32\drivers\ucx01000.sys 807F8CF3E973305FC435C61CBBEE2A49
C:\Windows\System32\DRIVERS\udfs.sys 1EC649F112896FAE33250F0B97AC5D0B
C:\Windows\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21
C:\Windows\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9
C:\Windows\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\Windows\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\Windows\System32\drivers\usbccgp.sys FF78D053A05E5A394F4E3C1816CC65A8
C:\Windows\System32\drivers\usbcir.sys 0139248F6B95CF0D837B5B46A2722D40
C:\Windows\System32\drivers\usbehci.sys 48BA326A3DBA5B5BEB5F2777F4618696
C:\Windows\System32\drivers\usbhub.sys FEF0BC107812B36849741C3211BA6B60
C:\Windows\System32\drivers\UsbHub3.sys FAA564A13576F9284546BF016D27B551
C:\Windows\System32\drivers\usbohci.sys 3019097FB6C985EF24C058090FF3BDBD
C:\Windows\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\Windows\System32\drivers\USBSTOR.SYS 66732C13628BDB1AB0D6FD46027327C2
C:\Windows\System32\drivers\usbuhci.sys 064260B3A5868AC894A4943543BC7AB7
C:\Windows\System32\Drivers\usbvideo.sys 5C8F604F6DC74177CDD8372D7B1ADFF0
C:\Windows\System32\drivers\USBXHCI.SYS 1A20F03700D2B2ED775E38D751EF2F63
C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\Windows\System32\drivers\vhdmp.sys C06E8481E068F170A258441639AC5792
C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\Windows\System32\drivers\vmbus.sys 511AD3FF957A0127E6BD336FF6F89C38
C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744
C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\Windows\System32\drivers\volsnap.sys 64CA2B4A49A8EAF495E435623ECCE7DB
C:\Windows\System32\drivers\vpci.sys EF31713EE4C7CCFE4049F7E7F15645A2
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\Windows\system32\DRIVERS\vwififlt.sys 35BF5C5F5E3C9902C98978C7640574DA
C:\Windows\system32\DRIVERS\vwifimp.sys 65ED7B9CFEA893DF7748D5FF692690DE
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\DRIVERS\wanarp.sys 6505C9E72910F91D4C317EECF22D1DE6
C:\Windows\system32\DRIVERS\wanarp.sys 6505C9E72910F91D4C317EECF22D1DE6
C:\Windows\system32\drivers\WdBoot.sys 0359607177E5E9F6041136CC0A5CB0B6
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys DE8D12B4C3F55FA2C5E9774314F6C58A
C:\Windows\System32\Drivers\WdNisDrv.sys 4AD874CDC812EC156265E451B6B09DAB
C:\Windows\System32\DRIVERS\wfplwfs.sys BAB713B409258DB7B5D9F9693F802B0E
C:\Windows\System32\drivers\wimmount.sys 5F66B7BB330AA80067FC66149A692620
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
C:\Windows\System32\DRIVERS\wpcfltr.sys A2468CC3509394A33C4C32F99563D845
C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\System32\drivers\WSDPrint.sys F586F3F1BF962FE9AE4316E0D896B22F
C:\Windows\system32\DRIVERS\WSDScan.sys 58035FD3369879E02D65989C44D27450
C:\Windows\System32\drivers\WudfPf.sys 481286719402E4BAEFEA0604AB1B5113
C:\Windows\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-17 21:14 - 2015-01-17 21:14 - 02125824 _____ (Farbar) C:\Users\jitesh\Downloads\FRST64 (2).exe
2015-01-17 21:07 - 2015-01-17 21:07 - 00596624 _____ () C:\Users\jitesh\Downloads\setup (1).exe
2015-01-17 21:07 - 2015-01-17 21:07 - 00001268 _____ () C:\Users\jitesh\Desktop\JRT.txt
2015-01-17 20:54 - 2015-01-17 20:54 - 01707939 _____ (Thisisu) C:\Users\jitesh\Downloads\JRT (1).exe
2015-01-17 20:43 - 2015-01-17 20:43 - 01707939 _____ (Thisisu) C:\Users\jitesh\Downloads\JRT.exe
2015-01-17 20:43 - 2015-01-17 20:43 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-17 20:39 - 2015-01-17 21:15 - 00059833 _____ () C:\Users\jitesh\Downloads\FRST.txt
2015-01-17 20:38 - 2015-01-17 21:14 - 00000000 ____D () C:\FRST
2015-01-17 20:37 - 2015-01-17 20:37 - 02125824 _____ (Farbar) C:\Users\jitesh\Downloads\FRST64.exe
2015-01-17 20:37 - 2015-01-17 20:37 - 02125824 _____ (Farbar) C:\Users\jitesh\Downloads\FRST64 (1).exe
2015-01-17 19:37 - 2015-01-17 19:41 - 00000000 ____D () C:\AdwCleaner
2015-01-17 19:36 - 2015-01-17 19:36 - 02186752 _____ () C:\Users\jitesh\Downloads\AdwCleaner.exe
2015-01-17 19:18 - 2015-01-17 19:18 - 00000000 ____D () C:\Program Files (x86)\Setup Support for SearchProtect
2015-01-17 19:10 - 2015-01-17 19:18 - 00001690 _____ () C:\WINDOWS\SysWOW64\${LOGFILE}
2015-01-17 18:24 - 2015-01-17 18:24 - 00000000 ____D () C:\Users\rwaza_000\Documents\ProPCCleaner
2015-01-17 18:23 - 2015-01-17 18:23 - 00058765 _____ () C:\Users\jitesh\Desktop\PlayerStubWrapper1.exe
2015-01-17 18:23 - 2015-01-17 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream
2015-01-17 18:20 - 2015-01-17 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-17 18:19 - 2015-01-17 18:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-01-17 18:18 - 2015-01-17 20:18 - 00001722 _____ () C:\WINDOWS\Tasks\TSUFIGHG.job
2015-01-17 18:18 - 2015-01-17 19:09 - 00000000 ____D () C:\Program Files (x86)\384229bd-c1b6-45ae-9f9a-0599b3875488
2015-01-17 18:18 - 2015-01-17 18:18 - 02040288 _____ (Sense+) C:\Users\rwaza_000\AppData\Roaming\TSUFIGHG.exe
2015-01-17 18:18 - 2015-01-17 18:18 - 00004738 _____ () C:\WINDOWS\System32\Tasks\TSUFIGHG
2015-01-17 18:18 - 2015-01-17 18:18 - 00000000 ____D () C:\Program Files (x86)\020efd95-f7fc-4d74-841b-c6dd8545e9f2
2015-01-17 18:11 - 2015-01-17 19:41 - 00000000 ____D () C:\Program Files (x86)\Cyti Web
2015-01-17 18:11 - 2015-01-17 18:11 - 00596616 _____ () C:\Users\rwaza_000\Downloads\setup (5).exe
2015-01-17 18:09 - 2015-01-17 18:09 - 00596616 _____ () C:\Users\rwaza_000\Downloads\setup (4).exe
2015-01-17 18:09 - 2015-01-17 18:09 - 00596616 _____ () C:\Users\rwaza_000\Downloads\setup (3).exe
2015-01-17 17:57 - 2015-01-17 17:57 - 00083876 _____ () C:\Users\rwaza_000\Downloads\DK-List-Building.odt
2015-01-17 17:26 - 2015-01-17 17:26 - 00000000 ____D () C:\Users\rwaza_000\AppData\Local\HP
2015-01-17 16:54 - 2015-01-17 16:54 - 00003630 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 4630 series
2015-01-17 16:54 - 2015-01-17 16:54 - 00002005 _____ () C:\Users\Public\Desktop\HP Photo Creations.lnk
2015-01-17 16:54 - 2015-01-17 16:54 - 00000000 ____D () C:\ProgramData\Visan
2015-01-17 16:54 - 2015-01-17 16:54 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2015-01-17 16:54 - 2015-01-17 16:54 - 00000000 ____D () C:\Program Files (x86)\HP Photo Creations
2015-01-17 16:54 - 2015-01-17 16:54 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-01-17 16:53 - 2015-01-17 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-01-17 16:53 - 2015-01-17 16:54 - 00000000 ____D () C:\Program Files (x86)\HP
2015-01-17 16:53 - 2015-01-17 16:53 - 00002258 _____ () C:\Users\Public\Desktop\HP Officejet 4630 series.lnk
2015-01-17 16:53 - 2015-01-17 16:53 - 00001195 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 4630 series.lnk
2015-01-17 16:53 - 2015-01-17 16:53 - 00000978 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2015-01-17 16:53 - 2015-01-17 16:53 - 00000000 ____D () C:\Users\jitesh\AppData\Roaming\HpUpdate
2015-01-17 16:53 - 2015-01-17 16:53 - 00000000 ____D () C:\ProgramData\HP
2015-01-17 16:53 - 2015-01-17 16:53 - 00000000 ____D () C:\Program Files\HP
2015-01-17 16:53 - 2014-07-21 16:31 - 00763912 ____N (Hewlett-Packard Development Company, LP) C:\WINDOWS\system32\HPDiscoPMC611.dll
2015-01-17 16:52 - 2015-01-17 16:52 - 00000057 _____ () C:\ProgramData\Ament.ini
2015-01-17 16:51 - 2015-01-17 16:54 - 00000000 ____D () C:\Users\jitesh\AppData\Local\HP
2015-01-17 10:24 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-17 10:24 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-01-17 10:24 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-17 10:24 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-01-17 10:24 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-01-17 10:12 - 2014-12-03 23:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-01-17 10:12 - 2014-12-03 23:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-01-17 10:12 - 2014-12-02 23:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-01-17 10:12 - 2014-12-02 23:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-01-17 10:12 - 2014-12-02 23:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-01-17 10:12 - 2014-12-02 23:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-01-17 10:12 - 2014-12-02 23:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-01-17 10:12 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-01-17 10:12 - 2014-06-09 22:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-01-17 10:11 - 2014-04-30 06:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-01-17 10:11 - 2014-04-30 06:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-01-17 10:10 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-17 10:10 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-17 10:10 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-17 10:10 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-17 10:08 - 2014-07-24 03:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-17 10:08 - 2014-07-24 03:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-16 09:28 - 2015-01-17 16:50 - 00003958 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{539D2846-74DC-4294-8E84-FB0895C3D011}
2015-01-16 09:28 - 2015-01-16 09:28 - 00000000 __SHD () C:\Users\rwaza_000\AppData\Local\EmieUserList
2015-01-16 09:28 - 2015-01-16 09:28 - 00000000 __SHD () C:\Users\rwaza_000\AppData\Local\EmieSiteList
2015-01-16 09:28 - 2015-01-16 09:28 - 00000000 __SHD () C:\Users\rwaza_000\AppData\Local\EmieBrowserModeList
2015-01-15 17:29 - 2015-01-17 20:18 - 00000000 ____D () C:\Users\rwaza_000\OneDrive
2015-01-15 17:27 - 2015-01-15 17:27 - 00001444 _____ () C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 17:26 - 2015-01-15 17:26 - 00000258 __RSH () C:\Users\rwaza_000\ntuser.pol
2015-01-15 17:26 - 2015-01-15 17:26 - 00000020 ___SH () C:\Users\rwaza_000\ntuser.ini
2015-01-15 14:52 - 2015-01-17 19:01 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{449AE29A-1CE9-4B59-8754-A69133DF593C}
2015-01-15 14:52 - 2015-01-15 14:52 - 00000000 __SHD () C:\Users\jitesh\AppData\Local\EmieUserList
2015-01-15 14:52 - 2015-01-15 14:52 - 00000000 __SHD () C:\Users\jitesh\AppData\Local\EmieSiteList
2015-01-15 14:52 - 2015-01-15 14:52 - 00000000 __SHD () C:\Users\jitesh\AppData\Local\EmieBrowserModeList
2015-01-15 14:30 - 2015-01-15 14:30 - 00000000 ____D () C:\Users\jitesh\AppData\Local\Intel_Corporation
2015-01-15 13:41 - 2015-01-17 20:33 - 00000000 ____D () C:\Users\jitesh\OneDrive
2015-01-15 13:39 - 2015-01-17 19:41 - 00001003 _____ () C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 13:39 - 2015-01-15 13:39 - 00000258 __RSH () C:\Users\jitesh\ntuser.pol
2015-01-15 13:39 - 2015-01-15 13:39 - 00000020 ___SH () C:\Users\jitesh\ntuser.ini
2015-01-15 13:13 - 2015-01-15 13:13 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-01-15 12:59 - 2015-01-15 12:59 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2015-01-15 12:54 - 2015-01-15 12:54 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-15 12:54 - 2015-01-15 12:54 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2015-01-15 12:54 - 2015-01-15 12:54 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-01-15 12:50 - 2015-01-15 12:50 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-01-15 12:47 - 2015-01-15 17:29 - 00000000 ____D () C:\Users\rwaza_000
2015-01-15 12:47 - 2015-01-15 13:41 - 00000000 ____D () C:\Users\jitesh
2015-01-15 12:47 - 2015-01-15 13:13 - 00045723 _____ () C:\WINDOWS\diagwrn.xml
2015-01-15 12:47 - 2015-01-15 13:13 - 00045723 _____ () C:\WINDOWS\diagerr.xml
2015-01-15 12:47 - 2015-01-15 12:50 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 12:47 - 2015-01-15 12:50 - 00000000 ___RD () C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 12:47 - 2015-01-15 12:49 - 00000000 ___RD () C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-15 12:47 - 2015-01-15 12:49 - 00000000 ___RD () C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-15 12:47 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 12:47 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-15 12:47 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 12:47 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 12:47 - 2014-11-22 05:25 - 00000000 ___RD () C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-15 12:47 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-15 12:47 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-15 12:47 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-15 12:47 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-15 12:47 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-15 12:47 - 2014-11-22 01:02 - 00000369 _____ () C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-15 12:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-15 12:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-15 12:47 - 2013-08-22 15:36 - 00000000 ____D () C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-15 12:37 - 2015-01-17 20:44 - 01554262 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-15 12:37 - 2015-01-15 12:52 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-01-15 12:37 - 2015-01-15 12:37 - 00081908 _____ () C:\WINDOWS\system32\Drivers\RTWAVES30.dat
2015-01-15 12:37 - 2015-01-15 12:37 - 00001375 _____ () C:\Users\Public\Desktop\Waves MAXXAudio.lnk
2015-01-15 12:37 - 2015-01-15 12:37 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-01-15 12:37 - 2015-01-15 12:37 - 00000000 ____D () C:\Program Files\Realtek
2015-01-15 12:37 - 2013-10-01 13:02 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-01-15 12:37 - 2013-10-01 13:02 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-01-15 12:36 - 2015-01-15 12:52 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-15 12:36 - 2015-01-15 12:52 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-15 12:36 - 2015-01-15 12:36 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-15 12:32 - 2015-01-16 09:24 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-15 12:32 - 2015-01-15 12:32 - 00000000 __SHD () C:\Recovery
2015-01-15 12:27 - 2015-01-15 12:27 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-15 12:27 - 2015-01-15 12:27 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-15 12:27 - 2015-01-15 12:27 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-15 12:27 - 2015-01-15 12:27 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-15 12:27 - 2015-01-15 12:27 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-15 12:27 - 2015-01-15 12:27 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-15 12:27 - 2015-01-15 12:27 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-15 12:27 - 2015-01-15 12:27 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-15 12:27 - 2015-01-15 12:27 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-15 12:27 - 2015-01-15 12:27 - 00000000 ____D () C:\Windows.old
2015-01-15 12:26 - 2015-01-15 12:26 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-15 12:26 - 2015-01-15 12:26 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-15 12:26 - 2015-01-15 12:26 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-15 12:26 - 2015-01-15 12:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-01-15 12:26 - 2015-01-15 12:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-01-15 12:26 - 2015-01-15 12:26 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-15 12:26 - 2015-01-15 12:26 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-01-15 12:25 - 2015-01-17 09:41 - 00806616 _____ () C:\WINDOWS\system32\perfh010.dat
2015-01-15 12:25 - 2015-01-17 09:41 - 00160306 _____ () C:\WINDOWS\system32\perfc010.dat
2015-01-15 12:25 - 2015-01-15 12:25 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-15 12:25 - 2015-01-15 12:25 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-15 12:25 - 2015-01-15 12:25 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-15 12:25 - 2015-01-15 12:25 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-15 12:25 - 2015-01-15 12:25 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-15 12:25 - 2015-01-15 12:25 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-15 12:25 - 2015-01-15 12:25 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-15 12:25 - 2015-01-15 12:25 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-15 12:25 - 2015-01-15 12:24 - 00340806 _____ () C:\WINDOWS\system32\perfi010.dat
2015-01-15 12:25 - 2015-01-15 12:24 - 00039784 _____ () C:\WINDOWS\system32\perfd010.dat
2015-01-15 12:24 - 2015-01-15 12:24 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-01-15 12:24 - 2015-01-15 12:24 - 00000000 ____D () C:\WINDOWS\SysWOW64\it
2015-01-15 12:24 - 2015-01-15 12:24 - 00000000 ____D () C:\WINDOWS\system32\it
2015-01-15 12:15 - 2015-01-15 12:15 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-15 12:15 - 2015-01-15 12:15 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-15 12:15 - 2015-01-15 12:15 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-15 12:15 - 2015-01-15 12:15 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-15 12:15 - 2015-01-15 12:15 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-15 12:15 - 2015-01-15 12:15 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-15 12:15 - 2015-01-15 12:15 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-15 12:15 - 2015-01-15 12:15 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-15 12:15 - 2015-01-15 12:15 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-15 12:15 - 2015-01-15 12:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-15 12:15 - 2015-01-15 12:15 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-01-15 12:15 - 2015-01-15 12:15 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-01-15 12:14 - 2015-01-15 12:14 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-01-15 12:14 - 2015-01-15 12:14 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-15 12:14 - 2015-01-15 12:14 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-01-15 12:12 - 2015-01-15 12:56 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-01-15 12:12 - 2015-01-15 12:12 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-01-15 12:12 - 2015-01-15 12:12 - 00000000 ____D () C:\Program Files\MSBuild
2015-01-15 12:12 - 2015-01-15 12:12 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-01-15 12:11 - 2013-08-03 04:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-01-15 12:11 - 2013-08-03 04:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-15 12:11 - 2013-08-03 04:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-01-15 12:11 - 2013-08-03 04:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-13 20:56 - 2015-01-15 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2015-01-13 20:56 - 2015-01-13 20:56 - 00971528 _____ (Foolish IT LLC ) C:\Users\jitesh\Downloads\CryptoPreventSetup (1).exe
2015-01-13 20:56 - 2015-01-13 20:56 - 00053248 _____ () C:\WINDOWS\SysWOW64\zlib.dll
2015-01-13 20:56 - 2015-01-13 20:56 - 00001214 _____ () C:\Users\Public\Desktop\CryptoPrevent.lnk
2015-01-13 20:56 - 2015-01-13 20:56 - 00000000 ____D () C:\ProgramData\Foolish IT
2015-01-13 20:56 - 2015-01-13 20:56 - 00000000 ____D () C:\Program Files (x86)\Foolish IT
2015-01-13 20:54 - 2015-01-13 20:54 - 00971528 _____ (Foolish IT LLC ) C:\Users\jitesh\Downloads\CryptoPreventSetup.exe
2015-01-13 20:05 - 2015-01-13 20:06 - 08437760 _____ (IvoSoft) C:\Users\jitesh\Downloads\ClassicShellSetup_3_6_8.exe
2015-01-13 19:56 - 2015-01-15 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-01-13 19:56 - 2015-01-13 20:06 - 00000000 ____D () C:\Program Files\Classic Shell
2015-01-13 19:55 - 2015-01-13 19:55 - 08437760 _____ (IvoSoft) C:\Users\rwaza_000\Downloads\ClassicShellSetup_3_6_8.exe
2015-01-13 19:50 - 2015-01-13 19:50 - 00596736 _____ () C:\Users\rwaza_000\Downloads\Update_Google_Chrome.exe
2015-01-13 18:37 - 2015-01-13 18:37 - 00596664 _____ () C:\Users\jitesh\Downloads\setup.exe
2015-01-12 17:53 - 2015-01-10 19:42 - 01212913 _____ () C:\Users\rwaza_000\Bus Driver
2015-01-10 21:42 - 2015-01-10 21:42 - 00000000 ____D () C:\Users\jitesh\AppData\Local\Microsoft_Corporation
2015-01-10 21:16 - 2015-01-10 21:16 - 00000000 ____D () C:\Users\jitesh\Documents\ASUS
2015-01-10 19:56 - 2015-01-10 19:56 - 00370552 _____ () C:\Users\rwaza_000\Downloads\Setup.exe
2015-01-10 19:56 - 2015-01-10 19:56 - 00370552 _____ () C:\Users\rwaza_000\Downloads\Setup (2).exe
2015-01-10 19:56 - 2015-01-10 19:56 - 00370552 _____ () C:\Users\rwaza_000\Downloads\Setup (1).exe
2015-01-09 21:54 - 2015-01-09 21:55 - 13605385 _____ () C:\Users\rwaza_000\Downloads\Windows8-RT-KB2871389-x64.msu
2015-01-06 21:12 - 2015-01-06 21:12 - 00000000 ____D () C:\Users\rwaza_000\AppData\Roaming\FLEXnet
2015-01-06 21:03 - 2015-01-06 21:03 - 00000000 ____D () C:\Users\rwaza_000\AppData\Roaming\Vodafone
2015-01-06 20:54 - 2015-01-06 20:54 - 00003982 _____ () C:\WINDOWS\System32\Tasks\SafeSearchUpdate
2015-01-06 20:54 - 2015-01-06 20:54 - 00003210 _____ () C:\WINDOWS\System32\Tasks\SafeSearchVerify
2015-01-06 20:11 - 2015-01-06 20:11 - 00000000 ____D () C:\Users\jitesh\AppData\Roaming\FLEXnet
2015-01-06 20:05 - 2015-01-06 20:05 - 00000000 ____D () C:\Users\jitesh\AppData\Roaming\Vodafone
2015-01-06 20:04 - 2015-01-06 20:04 - 00000000 ____D () C:\ProgramData\Vodafone
2015-01-06 20:04 - 2011-06-10 16:06 - 00086016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2015-01-06 20:04 - 2011-06-10 16:05 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdfcoinstaller01007.dll
2015-01-06 20:03 - 2015-01-06 20:03 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-01-06 20:02 - 2015-01-06 20:02 - 00000000 ____D () C:\Users\jitesh\AppData\Local\{711D53FE-E242-45B1-954D-BB77B0F0D234}
2014-12-24 10:18 - 2015-01-07 17:47 - 00114272 _____ () C:\Users\rwaza_000\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-23 23:14 - 2014-12-23 23:14 - 00000000 ____D () C:\Users\rwaza_000\AppData\Local\Apps\2.0
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-17 21:15 - 2014-10-20 13:21 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-17 21:02 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-17 20:32 - 2014-10-28 18:56 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3104868502-217282101-3375311577-1007
2015-01-17 20:32 - 2014-10-14 14:49 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3104868502-217282101-3375311577-1002
2015-01-17 20:28 - 2014-12-10 15:23 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-17 20:18 - 2014-12-10 15:23 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-17 20:18 - 2014-11-16 18:41 - 00001374 _____ () C:\WINDOWS\Tasks\HRZHEL.job
2015-01-17 20:18 - 2014-11-16 18:40 - 00001370 _____ () C:\WINDOWS\Tasks\IDLI.job
2015-01-17 20:18 - 2014-10-28 16:44 - 00000062 _____ () C:\Users\rwaza_000\AppData\Roaming\sp_data.sys
2015-01-17 20:15 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-01-17 19:54 - 2014-10-14 14:39 - 00000000 ____D () C:\Users\jitesh\AppData\Local\Packages
2015-01-17 19:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-17 19:46 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-17 19:44 - 2014-10-14 14:40 - 00000062 _____ () C:\Users\jitesh\AppData\Roaming\sp_data.sys
2015-01-17 19:43 - 2013-08-22 14:46 - 00366970 _____ () C:\WINDOWS\setupact.log
2015-01-17 19:43 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-17 19:42 - 2014-11-21 16:51 - 00016044 _____ () C:\WINDOWS\PFRO.log
2015-01-17 19:42 - 2013-08-22 13:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-17 19:41 - 2014-12-10 15:25 - 00001308 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-17 19:41 - 2014-12-10 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-17 19:41 - 2012-07-26 05:26 - 00000301 _____ () C:\WINDOWS\win.ini
2015-01-17 18:49 - 2014-12-14 16:03 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-01-17 18:49 - 2014-11-22 05:25 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-01-17 18:49 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-17 18:49 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-17 18:49 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-01-17 18:49 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-01-17 18:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-17 18:49 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-17 18:49 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-17 18:28 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-01-17 18:18 - 2013-11-22 13:24 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-17 18:18 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-17 17:17 - 2014-10-28 16:44 - 00000000 ____D () C:\Users\rwaza_000\AppData\Local\Packages
2015-01-17 09:41 - 2014-11-22 01:01 - 01813012 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-16 09:33 - 2014-12-10 18:23 - 00000000 ____D () C:\Users\rwaza_000\AppData\Local\Google
2015-01-15 13:44 - 2014-10-30 22:54 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-01-15 13:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-15 13:14 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-15 13:13 - 2014-11-07 15:09 - 00008957 _____ () C:\WINDOWS\comsetup.log
2015-01-15 13:11 - 2013-08-22 15:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-01-15 13:11 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-15 12:59 - 2013-11-22 13:23 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-01-15 12:59 - 2013-11-22 13:23 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-01-15 12:58 - 2013-08-22 14:44 - 00480504 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-15 12:56 - 2014-11-29 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-15 12:56 - 2014-11-22 00:45 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-01-15 12:56 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\en-GB
2015-01-15 12:56 - 2014-10-20 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-15 12:56 - 2014-10-20 11:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-15 12:56 - 2013-11-22 13:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-15 12:56 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-01-15 12:56 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-15 12:56 - 2013-04-25 23:17 - 00000000 ____D () C:\WINDOWS\nl
2015-01-15 12:56 - 2013-04-25 23:17 - 00000000 ____D () C:\WINDOWS\it
2015-01-15 12:56 - 2013-04-25 23:17 - 00000000 ____D () C:\WINDOWS\fr
2015-01-15 12:56 - 2013-04-25 23:17 - 00000000 ____D () C:\WINDOWS\de
2015-01-15 12:56 - 2013-04-25 23:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-01-15 12:54 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-01-15 12:54 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-01-15 12:54 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-01-15 12:54 - 2013-11-22 13:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-01-15 12:54 - 2013-08-22 15:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\GroupPolicy
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-01-15 12:54 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-01-15 12:54 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-01-15 12:54 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-01-15 12:54 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated
2015-01-15 12:53 - 2014-10-28 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-01-15 12:53 - 2013-11-22 13:38 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
2015-01-15 12:53 - 2013-08-22 15:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-01-15 12:53 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-01-15 12:53 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\IME
2015-01-15 12:53 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Help
2015-01-15 12:53 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-01-15 12:53 - 2013-04-25 23:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-15 12:53 - 2012-08-02 13:28 - 00000000 ____D () C:\ProgramData\PRICache
2015-01-15 12:52 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-01-15 12:52 - 2013-08-22 15:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-01-15 12:52 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-15 12:50 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-01-15 12:50 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-01-15 12:34 - 2013-08-22 13:36 - 00000000 __RHD () C:\Users\Default
2015-01-15 12:28 - 2013-08-22 15:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-01-15 12:25 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-15 12:24 - 2014-11-22 00:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-15 12:24 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-01-15 12:24 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-01-15 12:24 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-01-15 12:24 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-01-15 12:24 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-01-15 12:24 - 2014-11-22 00:22 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-01-15 12:24 - 2013-08-22 15:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-01-15 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-01-15 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2015-01-15 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-01-15 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-01-15 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-01-15 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2015-01-15 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-01-15 12:24 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-01-15 12:24 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2015-01-15 12:24 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2015-01-15 12:24 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2015-01-15 12:24 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-01-15 12:12 - 2013-08-22 15:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-15 11:56 - 2013-11-22 13:22 - 01091280 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-01-15 11:21 - 2014-11-22 07:14 - 00000000 ___HD () C:\$Windows.~BT
2015-01-15 09:38 - 2012-07-26 08:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-01-13 20:38 - 2014-10-20 09:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-13 20:29 - 2014-10-20 09:05 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-13 18:09 - 2014-11-30 10:36 - 00000000 ____D () C:\Users\jitesh\AppData\Roaming\Skype
2015-01-12 17:24 - 2014-10-19 12:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-11 15:49 - 2014-10-28 17:36 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-10 21:13 - 2013-04-25 23:16 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-01-10 21:03 - 2014-10-19 12:42 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-10 21:02 - 2014-10-19 12:43 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-06 20:54 - 2014-10-27 18:23 - 00000000 ____D () C:\Program Files\SafeSearch
2015-01-06 00:08 - 2014-11-22 05:29 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-06 00:08 - 2014-11-22 05:29 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
2014-10-14 14:40 - 2015-01-17 19:44 - 0000062 _____ () C:\Users\jitesh\AppData\Roaming\sp_data.sys
2015-01-17 16:52 - 2015-01-17 16:52 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-04-25 23:15 - 2012-09-07 11:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-25 23:15 - 2009-07-22 10:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-25 23:15 - 2012-09-07 11:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2014-10-28 17:20 - 2014-10-28 17:23 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-10-28 17:19 - 2014-10-28 17:20 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
 
 
Some content of TEMP:
====================
C:\Users\jitesh\AppData\Local\Temp\AVBD.exe
C:\Users\jitesh\AppData\Local\Temp\nsyB061.exe
C:\Users\jitesh\AppData\Local\Temp\playerfile.exe
C:\Users\jitesh\AppData\Local\Temp\Quarantine.exe
C:\Users\jitesh\AppData\Local\Temp\Sp-downloader.exe
C:\Users\jitesh\AppData\Local\Temp\SPINT-G.exe
C:\Users\jitesh\AppData\Local\Temp\sqlite3.dll
C:\Users\jitesh\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\jitesh\AppData\Local\Temp\System.Data.SQLite5c7e6868-5bb9-413f-b532-8bd4e3f01cc1.dll
C:\Users\jitesh\AppData\Local\Temp\tu17p84.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {a6856fdd-9cb2-11e4-824e-806e6f6e6963}
timeout                 2
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-GB
inherit                 {globalsettings}
default                 {current}
resumeobject            {d3a616c3-53b4-11e4-a01f-bceec9488784}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Firmware Application (101fffff)
-------------------------------
identifier              {a6856fdd-9cb2-11e4-824e-806e6f6e6963}
description             CD/DVD Drive 
 
Windows Boot Loader
-------------------
identifier              {0ca9da54-53c2-11e3-a931-eff3b8090f33}
device                  ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions}
path                    \windows\system32\boot\winload.efi
description             WinPE
osdevice                ramdisk=[\Device\HarddiskVolume2]\sources\boot.wim,{ramdiskoptions}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {0ca9da55-53c2-11e3-a931-eff3b8090f33}
device                  ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{0ca9da56-53c2-11e3-a931-eff3b8090f33}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-us
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{0ca9da56-53c2-11e3-a931-eff3b8090f33}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 8.1
locale                  en-GB
inherit                 {bootloadersettings}
recoverysequence        {d3a616c5-53b4-11e4-a01f-bceec9488784}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {d3a616c3-53b4-11e4-a01f-bceec9488784}
nx                      OptIn
bootmenupolicy          Standard
 
Windows Boot Loader
-------------------
identifier              {d3a616c5-53b4-11e4-a01f-bceec9488784}
device                  ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{d3a616c6-53b4-11e4-a01f-bceec9488784}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-GB
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{d3a616c6-53b4-11e4-a01f-bceec9488784}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {d3a616c0-53b4-11e4-a01f-bceec9488784}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-GB
inherit                 {resumeloadersettings}
recoverysequence        {0ca9da55-53c2-11e3-a931-eff3b8090f33}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No
 
Resume from Hibernate
---------------------
identifier              {d3a616c3-53b4-11e4-a01f-bceec9488784}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  en-GB
inherit                 {resumeloadersettings}
recoverysequence        {d3a616c5-53b4-11e4-a01f-bceec9488784}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-GB
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 No
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {0ca9da56-53c2-11e3-a931-eff3b8090f33}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume2
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
Setup Ramdisk Options
---------------------
identifier              {ramdiskoptions}
description             Ramdisk options
ramdisksdidevice        partition=\Device\HarddiskVolume2
ramdisksdipath          \boot\boot.sdi
 
Device options
--------------
identifier              {d3a616c2-53b4-11e4-a01f-bceec9488784}
description             Windows Setup
ramdisksdidevice        partition=C:
ramdisksdipath          \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
 
Device options
--------------
identifier              {d3a616c6-53b4-11e4-a01f-bceec9488784}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume5
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
LastRegBack: 2015-01-15 12:34
 
==================== End Of Log ============================

  • 0

#7
snash1039
Posted 17 January 2015 - 03:50 PM

snash1039

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Users shortcut scan result (x64) Version: 17-01-2015 01
Ran by jitesh at 2015-01-17 21:23:30

Running from C:\Users\jitesh\Downloads

Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
 
 
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk -> C:\Program Files (x86)\HP\IrisOCR_12.3.4.0\regipe.exe (I.R.I.S. Image Recognition Integarted Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype for desktop.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Access 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Excel 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Groove 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\GrooveIcon.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office InfoPath 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office OneNote 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office PowerPoint 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Publisher 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Digital Certificate for VBA Projects.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Clip Organizer.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office 2007 Language Settings.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Diagnostics.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Tools\Microsoft Office Picture Manager.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream\Liveistream Website.lnk -> C:\Program Files (x86)\Liveistream\Liveistream website.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream\Liveistream.lnk -> C:\Program Files (x86)\Liveistream\smplayer.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream\Uninstall Liveistream.lnk -> C:\Program Files (x86)\Liveistream\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel® Graphics and Media Control Panel.lnk -> C:\Windows\system32\GfxUI.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk -> C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe (Hewlett-Packard)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Photo Creations\Uninstall HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\CryptoPrevent\CryptoPrevent.lnk -> C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPrevent.exe (Foolish IT LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\CryptoPrevent\Uninstall CryptoPrevent.lnk -> C:\Program Files (x86)\Foolish IT\CryptoPrevent\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\Power2Go\Desktop Burning Gadget.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\Power2Go\ISO Viewer.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\IsoViewer.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite\Power2Go\Power2Go.lnk -> C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Explorer Settings.lnk -> C:\Program Files\Classic Shell\ClassicExplorerSettings.exe (IvoSoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic IE9 Settings.lnk -> C:\Program Files\Classic Shell\ClassicIE9_32.exe (IvoSoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Help.lnk -> C:\Program Files\Classic Shell\ClassicShell.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Readme.lnk -> C:\Program Files\Classic Shell\ClassicShellReadme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Shell Update.lnk -> C:\Program Files\Classic Shell\ClassicShellUpdate.exe (IvoSoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk -> C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD\ASUSDVD.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Install.lnk -> C:\eSupport\eDriver\AsInsWiz.exe (ASUSTek Computer INC.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS InstantOn.lnk -> C:\Windows\Installer\{749F674B-2674-47E8-879C-5626A06B2A91}\_5B8402CB2A97F1B792BC77.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Virtual Camera.lnk -> C:\Windows\Installer\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}\_DD6BB7CCB61B3F6F56681D.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\eManual.Lnk -> C:\eSupport\Manual\eManual.exe (ASUSTek Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\LifeFrame.lnk -> C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe (ASUSTek Computer Inc. All rights reserved.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Power4Gear Hybrid.lnk -> C:\Windows\Installer\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}\_E1C683070CBA8103C92CF8.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\Scene Switch.lnk -> C:\Windows\Installer\{5172E572-C175-4F80-A6D5-5CB45826AD61}\_4891FA724EFA7D6ED302D1.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\USB Charger Plus.lnk -> C:\Windows\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_E8FD568838FE0C8B34DA59.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WinFlash.Lnk -> C:\Program Files (x86)\ASUS\WinFlash\WinFlash.exe (ASUSTek Computer Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\WebStorage Sync Agent\WebStorage Sync Agent.lnk -> C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe (ASUS Cloud Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\MyBitCast\MyBitcast.lnk -> C:\Program Files (x86)\ASUS\MyBitCast\MyBitCast.exe (Asus)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\MyBitCast\Uninstall.lnk -> C:\Program Files (x86)\ASUS\MyBitCast\uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\MAXXAudio\Waves MAXXAudio.lnk -> C:\Program Files\Realtek\Audio\HDA\MaxxAudioControl64.exe (Waves Audio Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AsusVibe\ASUS  Vibe Fun Center.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS Splendid Utility\Splendid Utility.Lnk -> C:\Program Files (x86)\ASUS\Splendid\ACVT.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{f405496e-4cd5-4891-a8bc-3e58bd47b25c}\PlayTasks\0\Penguins!.lnk -> C:\Program Files (x86)\WildGames\Penguins!\Penguins-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildGames\Game Explorer Categories - genres\provider.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{d1bb8655-6ca7-4088-b80a-a1f6484b9d01}\PlayTasks\0\Azteca.lnk -> C:\Program Files (x86)\WildGames\Azteca\Azteca-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{ca9f0082-7f3d-4f78-b4e6-592c73461b8c}\PlayTasks\0\Tales of Lagoona.lnk -> C:\Program Files (x86)\WildGames\Tales of Lagoona\Tales of Lagoona-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{c3c636e0-1b04-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildGames\Game Explorer Categories - genres\provider.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{b87f2bde-5d44-4e86-bd37-a71616b35ea6}\PlayTasks\0\Bejeweled 3.lnk -> C:\Program Files (x86)\WildGames\Bejeweled 3\bejeweled3-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{49edfae8-e0cc-45fb-96e6-d60571dd122d}\PlayTasks\0\Peggle.lnk -> C:\Program Files (x86)\WildGames\Peggle\Peggle-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildGames\Game Explorer Categories - genres\provider.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{3a9dfc3f-0345-4048-8cbf-ac7a444a0ae6}\PlayTasks\0\Cut the Rope.lnk -> C:\Program Files (x86)\WildGames\Cut the Rope\CutTheRopeApp-WT.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildGames\Game Explorer Categories - genres\provider.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildGames\Game Explorer Categories - genres\provider.exe (No File)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\jitesh\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\jitesh\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\Links\Desktop.lnk -> C:\Users\jitesh\Desktop ()
Shortcut: C:\Users\jitesh\Links\Downloads.lnk -> C:\Users\jitesh\Downloads ()
Shortcut: C:\Users\jitesh\Links\SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\Desktop\New Customer Database - Shortcut.lnk -> C:\Program Files\New Customer Database ()
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\jitesh\Documents ()
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\jitesh\Pictures ()
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (No File)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ASUS Install.lnk -> C:\eSupport\eDriver\AsInsWiz.exe (ASUSTek Computer INC.)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eManual.Lnk -> C:\eSupport\Manual\eManual.exe (ASUSTek Computer Inc.)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\jitesh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\AVG 2015.lnk -> C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\Users\Public\Desktop\CryptoPrevent.lnk -> C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPrevent.exe (Foolish IT LLC)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\HP Photo Creations.lnk -> C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe (Visan / RocketLife)
Shortcut: C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 4630 series.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\hpqDTSS.exe (Hewlett-Packard Development Company, LP)
Shortcut: C:\Users\Public\Desktop\Skype.lnk -> C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe ()
Shortcut: C:\Users\Public\Desktop\Waves MAXXAudio.lnk -> C:\Program Files\Realtek\Audio\HDA\MaxxAudioControl64.exe (Waves Audio Ltd.)
Shortcut: C:\Users\rwaza_000\Links\Desktop.lnk -> C:\Users\jitesh\Desktop ()
Shortcut: C:\Users\rwaza_000\Links\Downloads.lnk -> C:\Users\jitesh\Downloads ()
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Word\Epping%20Forest%20Part%20234304119931443398036\Epping%20Forest%20Part%20234.docx.lnk -> C:\Users\jitesh\Beal Homework Folder\Year 7\Geography\Epping Forest Part 234.docx (No File)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Word\appa%20work%20thing304119622348902788\appa%20work%20thing.docx.lnk -> C:\Users\jitesh\Beal Homework Folder\appa work thing.docx (No File)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\jitesh\Documents ()
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\jitesh\Pictures ()
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth File Transfer.LNK -> C:\Windows\System32\fsquirt.exe (No File)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ASUS Install.lnk -> C:\eSupport\eDriver\AsInsWiz.exe (ASUSTek Computer INC.)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eManual.Lnk -> C:\eSupport\Manual\eManual.exe (ASUSTek Computer Inc.)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\Links\SkyDrive.lnk -> C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\jitesh\Documents ()
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\jitesh\Pictures ()
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
 
 
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 4630 series\HP Officejet 4630 series.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HP Officejet 4630 series.exe (Hewlett-Packard Development Company, LP) -> -Start UDCDevicePage
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell\Classic Start Menu Settings.lnk -> C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft) -> -settings
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\jitesh\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\HP Officejet 4630 series.lnk -> C:\Program Files\HP\HP Officejet 4630 series\Bin\HP Officejet 4630 series.exe (Hewlett-Packard Development Company, LP) -> -Start UDCDevicePage
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\rwaza_000\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
 
 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT\www.foolishit.com.url -> hxxp://www.foolishit.com
InternetURL: C:\Users\jitesh\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\jitesh\Favorites\Microsoft Outlook Web Access.url ->https://imail.lbbd.g...?url=/&reason=0
InternetURL: C:\Users\jitesh\Favorites\pac Opening An Amazon Account with Kat Simpson.url -> hxxp://www.mysilentteam.com/members/PAC-Opening-An-Amazon-Account-with-Kat-Simpson.cfm
InternetURL: C:\Users\jitesh\Favorites\ASUS E-Service\ASUS Homepage.url -> hxxp://www.asus.com/
InternetURL: C:\Users\jitesh\Favorites\ASUS E-Service\ASUS Member.url -> hxxp://member.asus.com/
InternetURL: C:\Users\jitesh\Favorites\ASUS E-Service\ASUS Software Download.url -> hxxp://support.asus.com/download
InternetURL: C:\Users\jitesh\Favorites\ASUS E-Service\ASUS Technical Support.url -> hxxp://support.asus.com/
InternetURL: C:\Users\jitesh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url -> hxxp://gameoapp.com/?utm_source=gameo&utm_medium=Dlink&utm_campaign=ic14_GB
InternetURL: C:\Users\rwaza_000\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\rwaza_000\Favorites\ASUS E-Service\ASUS Homepage.url -> hxxp://www.asus.com/
InternetURL: C:\Users\rwaza_000\Favorites\ASUS E-Service\ASUS Member.url -> hxxp://member.asus.com/
InternetURL: C:\Users\rwaza_000\Favorites\ASUS E-Service\ASUS Software Download.url -> hxxp://support.asus.com/download
InternetURL: C:\Users\rwaza_000\Favorites\ASUS E-Service\ASUS Technical Support.url -> hxxp://support.asus.com/
 
==================== End of log =============================

  • 0

#8
snash1039
Posted 17 January 2015 - 04:22 PM

snash1039

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2015 01
Ran by jitesh at 2015-01-17 21:20:34
Running from C:\Users\jitesh\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Internet Security 2015 (Disabled - Out of date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Out of date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4260 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Classic Shell (HKLM\...\{FEA1590B-540A-41FC-A95C-664493C82A21}) (Version: 3.6.8 - IvoSoft)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Officejet 4630 series Basic Device Software (HKLM\...\{38037A50-E9F1-41E4-9AA3-2E0A5A2FC4C5}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet 4630 series Help (HKLM-x32\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3104868502-217282101-3375311577-1007\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Muvic Smartbar (HKLM-x32\...\{8AB09F13-F8E9-4876-9F51-4DD2B024F51B}) (Version: 11.123.58.20341 - PinWid Ltd.) <==== ATTENTION
Muvic Smartbar Engine (HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\{2aa4210e-729c-4f6d-b8ee-f7782f3858d3}) (Version: 11.123.58.20341 - PinWid Ltd.) <==== ATTENTION
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NVIDIA Graphics Driver 311.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.93 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Product Improvement Study for HP Officejet 4630 series (HKLM\...\{EE629820-EACD-4AAE-966D-DF1560A0ED2D}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.16 - ASUS)
Setup Support for SearchProtect (HKLM-x32\...\Setup Support for SearchProtect) (Version: 1.0 - Sono Control Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3104868502-217282101-3375311577-1007_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\rwaza_000\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3104868502-217282101-3375311577-1007_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\rwaza_000\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3104868502-217282101-3375311577-1007_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\rwaza_000\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3104868502-217282101-3375311577-1007_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\rwaza_000\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3104868502-217282101-3375311577-1007_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\rwaza_000\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
17-01-2015 18:28:05 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {09CEB9D6-1102-405E-871B-45F42B76CAB3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-10] (Google Inc.)
Task: {0A015E04-EB9F-4D25-BB48-D987E7CF1837} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {11D4A716-4295-4315-9A72-A7602F4BE00C} - System32\Tasks\IDLI => C:\Users\rwaza_000\AppData\Roaming\IDLI.exe <==== ATTENTION
Task: {1A96661D-083D-4205-8194-8AF7596DB0D8} - System32\Tasks\TSUFIGHG => C:\Users\rwaza_000\AppData\Roaming\TSUFIGHG.exe [2015-01-17] (Sense+) <==== ATTENTION
Task: {1F39635F-189A-4318-85A8-83C749C3B60A} - System32\Tasks\HRZHEL => C:\Users\rwaza_000\AppData\Roaming\HRZHEL.exe <==== ATTENTION
Task: {5CA569A0-39FC-4B0E-9EB2-4949855F47CE} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {621C4B0B-8B57-4D77-AEE2-BC12F07767E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-10] (Google Inc.)
Task: {69C32F54-76D4-4431-8C00-6A0A67B9780F} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {73EE0512-387D-4D25-8E77-1F594BE6283C} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {818943BD-038A-4B58-8C89-4BE9D3583CC7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-13] (Microsoft Corporation)
Task: {92181E90-650A-4336-A1CF-FEEF2C03C2BB} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {B3F36236-A990-4FF8-8FFC-DE336A450F36} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {B9241665-FC3B-409A-816E-549E0EDA5EE3} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {CD1CD491-70C4-477C-A80F-3BD854E04B02} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {CDCD9AD6-3028-45CD-82F9-1B3B631DD03B} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {E3094E69-C085-47CC-AD7E-CAF95FF353E8} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {EE1186CD-8D20-4EAA-B46F-43EF198F6E9D} - System32\Tasks\SafeSearchUpdate => C:\Program Files\SafeSearch\1_4\se.exe
Task: {F844E878-A715-478A-B956-9D69851F45B5} - System32\Tasks\SafeSearchVerify => C:\Program Files\SafeSearch\1_4\se.exe
Task: {FCC2FAD8-22C0-4FEE-A432-1974BED8CF64} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-06-28] (AsusTek)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HRZHEL.job => C:\Users\rwaza_000\AppData\Roaming\HRZHEL.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\IDLI.job => C:\Users\rwaza_000\AppData\Roaming\IDLI.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\TSUFIGHG.job => C:\Users\rwaza_000\AppData\Roaming\TSUFIGHG.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-12-19 06:10 - 2012-12-19 06:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-01 13:02 - 2013-10-01 13:02 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2013-11-22 13:18 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2012-03-15 10:48 - 2012-03-15 10:48 - 00221184 _____ () C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
2015-01-16 09:30 - 2015-01-09 00:35 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-16 09:30 - 2015-01-09 00:35 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\libegl.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-16 09:30 - 2015-01-09 00:35 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-16 09:30 - 2015-01-09 00:35 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-16 09:30 - 2015-01-09 00:35 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\jitesh\OneDrive:ms-properties
AlternateDataStreams: C:\Users\rwaza_000\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "SPDriver"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\StartupApproved\StartupFolder: => "OneNote 2007 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\StartupApproved\StartupFolder: => "StormWatch.lnk"
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\StartupApproved\StartupFolder: => "StormWatchApp.lnk"
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\StartupApproved\Run: => "SPDriver"
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\StartupApproved\Run: => "MPOptimizer"
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\StartupApproved\Run: => "Power2GoExpress"
HKU\S-1-5-21-3104868502-217282101-3375311577-1002\...\StartupApproved\Run: => "Skype"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3104868502-217282101-3375311577-500 - Administrator - Disabled)
Guest (S-1-5-21-3104868502-217282101-3375311577-501 - Limited - Disabled)
jitesh (S-1-5-21-3104868502-217282101-3375311577-1002 - Administrator - Enabled) => C:\Users\jitesh
rwaza_000 (S-1-5-21-3104868502-217282101-3375311577-1007 - Limited - Enabled) => C:\Users\rwaza_000
UpdatusUser (S-1-5-21-3104868502-217282101-3375311577-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (01/17/2015 09:22:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
Error: (01/17/2015 09:22:45 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
Error: (01/17/2015 09:22:44 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
Error: (01/17/2015 09:22:43 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
Error: (01/17/2015 09:22:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
Error: (01/17/2015 09:22:41 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
Error: (01/17/2015 09:22:40 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
Error: (01/17/2015 09:22:39 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
Error: (01/17/2015 09:22:38 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
Error: (01/17/2015 09:22:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with the following service-specific error: 
%%3758213659
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 41%
Total physical RAM: 8077.55 MB
Available physical RAM: 4722.49 MB
Total Pagefile: 9997.55 MB
Available Pagefile: 6383.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:372.16 GB) (Free:325.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:535.22 GB) NTFS
Drive e: (HP OJ4630) (CDROM) (Total:0.54 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4F88A590)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#9
Valinorum
Posted 17 January 2015 - 09:58 PM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
How is your PC?
  • 0

#10
snash1039
Posted 18 January 2015 - 10:07 AM

snash1039

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

am afraid still getting the same problem.

Also noticed the pc shouldn't be fast as it should be considering it is a i7.


  • 0

Advertisements

#11
snash1039
Posted 19 January 2015 - 02:00 PM

snash1039

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

Does anyone know what the above means?


  • 0

#12
Valinorum
Posted 19 January 2015 - 11:07 PM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Before I instruct a fix, is the issue persistent for all browsers? Can you provide me a screenshot?
  • 0

#13
snash1039
Posted 20 January 2015 - 05:31 PM

snash1039

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts

Valinorum, yes it is still persistent. Do you want me to provide a screenshot on your personal inbox?


  • 0

#14
Valinorum
Posted 20 January 2015 - 09:52 PM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
They do not contain sensitive information. You can attach the screenshot here. :)
  • 0

#15
Valinorum
Posted 25 January 2015 - 12:28 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP