I have malware on PC after downloading free software [Solved]


  • This topic is locked

#1
Nas

  • Member
  • 55 posts

Hi everyone, I had recently been downloading software to create a bootable Windows disk and I believe from one of the websites or versions I must have picked this malware up. I have a notification on the bottom right of my browser called "notification helper" and it gives a number for "tech/pc support". Then you have the usual symptoms such as clicking a link and it taking you to somewhere completely irrelevant, pop-ups etc. These ads and pop-ups seem to be courtesy of super plus radio v2.1.

How can I help you guys help me?


Edited by Nas, 13 February 2015 - 10:44 AM.

  • 0



#2
Naathim

  • GeekU Minion
  • Expert
  • 4,568 posts



My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, which may cause some delays between answers.

  • I can't foresee everything, so if anything unexpected happens, please stop and inform me!
  • There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)



Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.
There will be two versions to download: 32-bit and 64-bit. Please download the one that is designed for your system. If you don't know which one it should be, download both of them and try each one out. Only one will run - this is the right one. Please leave it and delete the other.

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.


  • 0

#3
Nas

  • Topic Starter
  • Member
  • 55 posts

Thanks for the fast reply

 

Addition:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2015
Ran by Manraj at 2015-02-13 16:55:03
Running from C:\Users\Manraj\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
AAS - Lounge Lizard EP-4 (HKLM-x32\...\Lounge Lizard EP-4) (Version:  - Applied Acoustics Systems)
AMD Catalyst Install Manager (HKLM\...\{00957033-C081-5235-665A-A014A6E2FF7B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) Hidden
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry 4 - Gold Edition version Far Cry 4 - Gold Edition (HKLM-x32\...\Far Cry 4 - Gold Edition_is1) (Version: Far Cry 4 - Gold Edition - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
LUXONIX Purity (HKLM-x32\...\LUXONIX_Purity) (Version: 1.2.4 - LUXONIX)
MetalGearSolid2 Substance (HKLM-x32\...\{2184D9EA-4E5B-43FD-914E-4563CF028C94}) (Version: 1.00.000 - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
NBA 2K15 (HKLM-x32\...\TkJBMksxNQ==_is1) (Version: 1 - )
NVIDIA 3D Vision Controller Driver 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.48 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Positive Finds (HKLM-x32\...\Positive Finds) (Version: 2.0.5521.17184 - Positive Finds)
SampleMoog (HKLM-x32\...\{218AA20E-F016-4385-9F74-04FF8E596FB2}) (Version: 1.0.0 - IK Multimedia)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SuperPlusRadio v2.1 (HKLM-x32\...\SuperPlusRadio v2.1) (Version: 1.36.01.22 - RadioCanyonv2) <==== ATTENTION
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
VCE Exam Simulator Demo (HKLM-x32\...\VCE Exam Simulator Demo_is1) (Version:  - Avanset)
VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
27-01-2015 18:17:44 Windows Update
05-02-2015 20:02:42 Windows Update
07-02-2015 11:18:38 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
07-02-2015 11:18:43 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
09-02-2015 17:28:33 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
11-02-2015 18:57:53 Windows Modules Installer
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {19E5F2CF-FD67-4DBD-A7EC-1DCE5044F381} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {1A39C443-9EA2-4FEC-82B0-27EE3E9E8059} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-12] (globalUpdate) <==== ATTENTION
Task: {227AA916-FEA2-44E8-9C5C-CD30445E0896} - System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5_user => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5.exe [2015-02-12] (RadioCanyonv2) <==== ATTENTION
Task: {2779DF54-0824-4D37-9533-FC5E87B78DD0} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2015-02-12] (globalUpdate) <==== ATTENTION
Task: {32A91CC4-2D42-40FF-B09A-BCEF7B3A6613} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {471ED076-41C1-4BA9-A62E-8FE05BFF6AA0} - System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-7 => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-7.exe [2015-02-12] (RadioCanyonv2) <==== ATTENTION
Task: {691C3EA5-2BA0-4F64-9AA8-13E3B6453234} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7CF4AABE-A672-4BBF-B3B7-7C2E1F43E18B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {818BFAB7-3818-458D-81FC-FFB067BD2487} - System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-6 => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-6.exe [2015-02-12] (RadioCanyonv2) <==== ATTENTION
Task: {9CB9FF6E-8C7B-41B7-88AD-30789D1CA6AD} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-11-28] ()
Task: {A25BF94D-F693-44EE-9935-A97103EB9BE2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AAAFE167-022E-42AE-874A-56AA902E9997} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {C11FDC3E-050E-4266-B0C1-2B50527CC693} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D7607FCD-66BA-410E-A293-F6B2FEE60644} - System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5 => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5.exe [2015-02-12] (RadioCanyonv2) <==== ATTENTION
Task: {DFC25972-F30D-4AFD-B550-69ED5ED2FA11} - System32\Tasks\{DB370E97-219D-4E6F-86F6-1017C7BCCB2D} => pcalua.exe -a "C:\Users\Manraj\Desktop\Luxonix Purity VSTi v1.1.2\Setup.exe" -d "C:\Users\Manraj\Desktop\Luxonix Purity VSTi v1.1.2"
Task: {E47F2401-1EDC-4C92-9389-ABFF398AF7B5} - System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-7 => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-7.exe [2015-02-12] (RadioCanyonv2) <==== ATTENTION
Task: {E55D0539-7A0F-4F01-91CB-E6040F95AF9E} - System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-6 => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-6.exe [2015-02-12] (RadioCanyonv2) <==== ATTENTION
Task: {ECCB4534-33FF-4910-96F8-B85BAB413B61} - System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-10_user => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-10.exe [2015-02-12] (RadioCanyonv2) <==== ATTENTION
Task: {F62DFBBC-E848-42CE-A399-9D18F03D3BF0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-6.job => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-7.job => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-10_user.job => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5.job => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5_user.job => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-6.job => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-7.job => C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-07-10 19:31 - 2013-07-10 19:31 - 08865448 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-02-12 09:33 - 2015-02-13 03:33 - 00384760 _____ () C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe
2015-02-12 09:33 - 2015-02-13 03:33 - 00577272 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe
2015-02-12 22:33 - 2015-02-12 22:33 - 00508152 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\8\plugin.exe
2015-02-12 22:33 - 2015-02-12 22:33 - 00701176 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\plugin.exe
2015-02-13 01:33 - 2015-02-13 01:33 - 00518904 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\5\plugin.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00750080 _____ () C:\Users\Manraj\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-13 16:35 - 2015-02-13 16:35 - 00043008 _____ () c:\users\manraj\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyj36sr.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00047616 _____ () C:\Users\Manraj\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-12 22:23 - 2015-02-10 21:00 - 00865280 _____ () C:\Users\Manraj\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-12 22:23 - 2015-02-10 21:00 - 00200704 _____ () C:\Users\Manraj\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-02-13 16:36 - 2015-02-13 16:36 - 00246008 _____ () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\7a97c59c-6410-4b24-b54c-f68c3500bd8a.dll
2015-02-12 22:12 - 2015-02-12 22:12 - 00168920 _____ () C:\Program Files (x86)\SuperPlusRadio v2.1\0c6d081a-0751-4aa8-816a-376926ff35d9.dll
2015-02-06 18:53 - 2015-02-04 09:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 18:53 - 2015-02-04 09:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 18:53 - 2015-02-04 09:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2015-02-06 18:53 - 2015-02-04 09:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Manraj\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manraj\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2917843931-2079053167-3573301051-500 - Administrator - Disabled)
Guest (S-1-5-21-2917843931-2079053167-3573301051-501 - Limited - Disabled)
Manraj (S-1-5-21-2917843931-2079053167-3573301051-1001 - Administrator - Enabled) => C:\Users\Manraj
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/12/2015 11:07:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ImgBurn.exe version 2.5.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 173c
 
Start Time: 01d04715bed22dfe
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\ImgBurn\ImgBurn.exe
 
Report Id: e66447d3-b30b-11e4-82f0-d850e6e3c250
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/12/2015 10:45:56 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (02/12/2015 10:12:09 PM) (Source: MsiInstaller) (EventID: 11309) (User: MANRAJPC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.
 
Error: (02/12/2015 05:26:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume System Reserved was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (02/09/2015 06:59:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fifa15.exe, version: 1.4.0.0, time stamp: 0x545d6637
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22
Exception code: 0xc0000005
Fault offset: 0x0000000000093592
Faulting process id: 0x1084
Faulting application start time: 0xfifa15.exe0
Faulting application path: fifa15.exe1
Faulting module path: fifa15.exe2
Report Id: fifa15.exe3
Faulting package full name: fifa15.exe4
Faulting package-relative application ID: fifa15.exe5
 
Error: (02/09/2015 06:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fifa15.exe, version: 1.4.0.0, time stamp: 0x545d6637
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22
Exception code: 0xc0000005
Fault offset: 0x0000000000093592
Faulting process id: 0x1550
Faulting application start time: 0xfifa15.exe0
Faulting application path: fifa15.exe1
Faulting module path: fifa15.exe2
Report Id: fifa15.exe3
Faulting package full name: fifa15.exe4
Faulting package-relative application ID: fifa15.exe5
 
Error: (02/09/2015 05:30:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fifa15.exe, version: 1.4.0.0, time stamp: 0x545d6637
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22
Exception code: 0xc0000005
Fault offset: 0x000000000002ad4c
Faulting process id: 0x76c
Faulting application start time: 0xfifa15.exe0
Faulting application path: fifa15.exe1
Faulting module path: fifa15.exe2
Report Id: fifa15.exe3
Faulting package full name: fifa15.exe4
Faulting package-relative application ID: fifa15.exe5
 
Error: (02/09/2015 05:29:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fifa15.exe, version: 1.4.0.0, time stamp: 0x545d6637
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22
Exception code: 0xc0000005
Fault offset: 0x000000000002ad4c
Faulting process id: 0xad4
Faulting application start time: 0xfifa15.exe0
Faulting application path: fifa15.exe1
Faulting module path: fifa15.exe2
Report Id: fifa15.exe3
Faulting package full name: fifa15.exe4
Faulting package-relative application ID: fifa15.exe5
 
Error: (02/09/2015 05:28:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fifa15.exe, version: 1.4.0.0, time stamp: 0x545d6637
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22
Exception code: 0xc0000005
Fault offset: 0x000000000002ad4c
Faulting process id: 0x68c
Faulting application start time: 0xfifa15.exe0
Faulting application path: fifa15.exe1
Faulting module path: fifa15.exe2
Report Id: fifa15.exe3
Faulting package full name: fifa15.exe4
Faulting package-relative application ID: fifa15.exe5
 
Error: (02/09/2015 05:28:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: fifa15.exe, version: 1.4.0.0, time stamp: 0x545d6637
Faulting module name: ntdll.dll, version: 6.3.9600.17278, time stamp: 0x53eebd22
Exception code: 0xc0000005
Fault offset: 0x000000000002ad4c
Faulting process id: 0x754
Faulting application start time: 0xfifa15.exe0
Faulting application path: fifa15.exe1
Faulting module path: fifa15.exe2
Report Id: fifa15.exe3
Faulting package full name: fifa15.exe4
Faulting package-relative application ID: fifa15.exe5
 
 
System errors:
=============
Error: (02/13/2015 04:34:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UAC File Virtualization service failed to start due to the following error: 
%%1275
 
Error: (02/13/2015 04:34:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 23:51:17 on ‎12/‎02/‎2015 was unexpected.
 
Error: (02/13/2015 04:34:46 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256844790675242550432
 
Error: (02/12/2015 11:11:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UAC File Virtualization service failed to start due to the following error: 
%%1275
 
Error: (02/11/2015 08:26:07 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (02/11/2015 06:58:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UAC File Virtualization service failed to start due to the following error: 
%%1275
 
Error: (02/10/2015 09:17:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 01:31:42 on ‎10/‎02/‎2015 was unexpected.
 
Error: (02/10/2015 09:17:37 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256844790675242550432
 
Error: (02/09/2015 08:56:19 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (02/09/2015 04:49:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:06:05 on ‎07/‎02/‎2015 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (02/12/2015 11:07:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ImgBurn.exe2.5.8.0173c01d04715bed22dfe4294967295C:\Program Files (x86)\ImgBurn\ImgBurn.exee66447d3-b30b-11e4-82f0-d850e6e3c250
 
Error: (02/12/2015 10:45:56 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
 
Error: (02/12/2015 10:12:09 PM) (Source: MsiInstaller) (EventID: 11309) (User: MANRAJPC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (02/12/2015 05:26:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: System ReservedThe parameter is incorrect. (0x80070057)
 
Error: (02/09/2015 06:59:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fifa15.exe1.4.0.0545d6637ntdll.dll6.3.9600.1727853eebd22c00000050000000000093592108401d0449a92b07b25A:\FIFA 15\fifa15.exeC:\Windows\SYSTEM32\ntdll.dlld098a26b-b08d-11e4-82ed-d850e6e3c250
 
Error: (02/09/2015 06:59:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fifa15.exe1.4.0.0545d6637ntdll.dll6.3.9600.1727853eebd22c00000050000000000093592155001d0449a86c7a183A:\FIFA 15\fifa15.exeC:\Windows\SYSTEM32\ntdll.dllc4afcd34-b08d-11e4-82ed-d850e6e3c250
 
Error: (02/09/2015 05:30:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fifa15.exe1.4.0.0545d6637ntdll.dll6.3.9600.1727853eebd22c0000005000000000002ad4c76c01d0448e0d6959bbA:\FIFA 15\fifa15.exeC:\Windows\SYSTEM32\ntdll.dll4b5180f2-b081-11e4-82ed-d850e6e3c250
 
Error: (02/09/2015 05:29:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fifa15.exe1.4.0.0545d6637ntdll.dll6.3.9600.1727853eebd22c0000005000000000002ad4cad401d0448e056b44b0A:\FIFA 15\fifa15.exeC:\Windows\SYSTEM32\ntdll.dll43536bf3-b081-11e4-82ed-d850e6e3c250
 
Error: (02/09/2015 05:28:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fifa15.exe1.4.0.0545d6637ntdll.dll6.3.9600.1727853eebd22c0000005000000000002ad4c68c01d0448dcc9a508cA:\FIFA 15\fifa15.exeC:\Windows\SYSTEM32\ntdll.dll0a827ccf-b081-11e4-82ed-d850e6e3c250
 
Error: (02/09/2015 05:28:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: fifa15.exe1.4.0.0545d6637ntdll.dll6.3.9600.1727853eebd22c0000005000000000002ad4c75401d0448dc37d345eA:\FIFA 15\fifa15.exeC:\Windows\SYSTEM32\ntdll.dll01c4ea6a-b081-11e4-82ed-d850e6e3c250
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-12 17:26:38.121
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-10 22:56:33.647
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-09 17:46:33.264
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-06 19:50:21.439
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-04 20:39:57.057
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-02 18:36:17.881
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-02 18:36:17.803
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-02 18:36:17.600
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-02 18:36:17.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-02 18:36:17.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 24%
Total physical RAM: 8136.76 MB
Available physical RAM: 6118.39 MB
Total Pagefile: 9416.76 MB
Available Pagefile: 7103.97 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
 
==================== Drives ================================
 
Drive a: (HDD) (Fixed) (Total:931.51 GB) (Free:562.87 GB) NTFS
Drive c: (SSD) (Fixed) (Total:111.45 GB) (Free:47.06 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A55CB605)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10B05F6F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
FRST:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2015
Ran by Manraj (administrator) on MANRAJPC on 13-02-2015 16:54:42
Running from C:\Users\Manraj\Desktop
Loaded Profiles: Manraj (Available profiles: Manraj)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(RadioCanyonv2) C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-10.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(RadioCanyonv2) C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-6.exe
(RadioCanyonv2) C:\Program Files (x86)\SuperPlusRadio v2.1\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-6.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Manraj\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\8\Plugin.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\Plugin.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\5\Plugin.exe
() C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugins\3\Plugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
Startup: C:\Users\Manraj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://uk.search.ya...r=spigot-yhp-ie
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001 -> DefaultScope {041568EB-C5EE-4221-ADD7-6033E6E28494} URL = https://uk.search.ya...p={searchTerms}
SearchScopes: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001 -> {041568EB-C5EE-4221-ADD7-6033E6E28494} URL = https://uk.search.ya...p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Positive Finds -> {30c85a3d-1d96-4589-b63f-91fb7ef45a41} -> C:\Program Files (x86)\Positive Finds\Extensions\30c85a3d-1d96-4589-b63f-91fb7ef45a41.dll ()
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/", "hxxp://uk.search.yahoo.com?type=714647&fr=spigot-yhp-ch", "https://www.google.co.uk/"
CHR Profile: C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-05-26]
CHR Extension: (Google Docs) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-26]
CHR Extension: (Google Drive) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-09]
CHR Extension: (Turn Off the Lights) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-05-26]
CHR Extension: (YouTube) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-26]
CHR Extension: (Adblock Plus) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-26]
CHR Extension: (Google Search) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-26]
CHR Extension: (Inline Youtube) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehebapamcfpaadhjagimnbohggikmlpc [2014-05-26]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-05-26]
CHR Extension: (Hola Better Internet) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-09-30]
CHR Extension: (Lone Tree) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2014-06-23]
CHR Extension: (Streamus) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkffmindojffecdhbbmekbmkkfpmjd [2014-07-30]
CHR Extension: (Evernote Web) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-05-26]
CHR Extension: (ShiftEdit) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2014-05-26]
CHR Extension: (Smooth Gestures) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-05-26]
CHR Extension: (Google Maps) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-05-26]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-26]
CHR Extension: (Evernote Web Clipper) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-05-26]
CHR Extension: (Gmail) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-02-12] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2015-02-12] (globalUpdate) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
R2 Service Mgr PositiveFinds; C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\plugincontainer.exe [577272 2015-02-13] ()
R2 Update Mgr PositiveFinds; C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602\updater.exe [384760 2015-02-13] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-05-26] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-13 16:54 - 2015-02-13 16:54 - 02134016 _____ (Farbar) C:\Users\Manraj\Desktop\FRST64.exe
2015-02-13 16:54 - 2015-02-13 16:54 - 00019362 _____ () C:\Users\Manraj\Desktop\FRST.txt
2015-02-13 16:54 - 2015-02-13 16:54 - 00000000 ____D () C:\FRST
2015-02-12 22:52 - 2015-02-12 22:53 - 00000000 ____D () C:\Users\Manraj\Desktop\Windows 8
2015-02-12 22:47 - 2015-02-12 22:47 - 00001908 _____ () C:\Windows\diagwrn.xml
2015-02-12 22:47 - 2015-02-12 22:47 - 00001908 _____ () C:\Windows\diagerr.xml
2015-02-12 22:47 - 2015-02-12 22:47 - 00000000 ___HD () C:\$WINDOWS.~BT
2015-02-12 22:12 - 2015-02-13 16:35 - 00005534 _____ () C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-6.job
2015-02-12 22:12 - 2015-02-13 16:35 - 00005198 _____ () C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-7.job
2015-02-12 22:12 - 2015-02-13 16:35 - 00003490 _____ () C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-7.job
2015-02-12 22:12 - 2015-02-13 16:35 - 00003154 _____ () C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-6.job
2015-02-12 22:12 - 2015-02-13 16:35 - 00002462 _____ () C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5_user.job
2015-02-12 22:12 - 2015-02-13 16:35 - 00002462 _____ () C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5.job
2015-02-12 22:12 - 2015-02-13 16:35 - 00002128 _____ () C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-10_user.job
2015-02-12 22:12 - 2015-02-13 16:35 - 00000966 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-02-12 22:12 - 2015-02-12 22:17 - 00000970 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-02-12 22:12 - 2015-02-12 22:12 - 00008538 _____ () C:\Windows\System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-6
2015-02-12 22:12 - 2015-02-12 22:12 - 00008202 _____ () C:\Windows\System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-7
2015-02-12 22:12 - 2015-02-12 22:12 - 00006494 _____ () C:\Windows\System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-7
2015-02-12 22:12 - 2015-02-12 22:12 - 00006158 _____ () C:\Windows\System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-6
2015-02-12 22:12 - 2015-02-12 22:12 - 00005466 _____ () C:\Windows\System32\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5
2015-02-12 22:12 - 2015-02-12 22:12 - 00003942 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-02-12 22:12 - 2015-02-12 22:12 - 00003706 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-02-12 22:12 - 2015-02-12 22:12 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\ImgBurn
2015-02-12 22:12 - 2015-02-12 22:12 - 00000000 ____D () C:\Users\Manraj\AppData\Local\globalUpdate
2015-02-12 22:12 - 2015-02-12 22:12 - 00000000 ____D () C:\Program Files (x86)\SuperPlusRadio v2.1
2015-02-12 22:12 - 2015-02-12 22:12 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-02-12 22:12 - 2015-02-12 22:12 - 00000000 ____D () C:\Program Files (x86)\69012486-ccc8-4510-98aa-6d0389889b90
2015-02-12 22:11 - 2015-02-13 16:35 - 00000000 ____D () C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602
2015-02-12 22:11 - 2015-02-12 22:11 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\OpenCandy
2015-02-12 22:11 - 2015-02-12 22:11 - 00000000 ____D () C:\Program Files (x86)\Positive Finds
2015-02-12 22:11 - 2015-02-12 22:11 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2015-02-11 18:57 - 2015-02-11 18:57 - 00000151 _____ () C:\Users\Manraj\AppData\Roaming\KB8888239.log
2015-02-11 18:56 - 2015-02-11 18:56 - 00033792 _____ () C:\Users\Manraj\AppData\Roaming\cmsetac.dll
2015-02-11 18:56 - 2015-02-11 18:56 - 00007168 _____ () C:\Users\Manraj\AppData\Roaming\ntdtcstp.dll
2015-02-11 18:56 - 2014-09-10 09:58 - 00514560 _____ () C:\Windows\SysWOW64\Launcher.exe
2015-02-11 18:56 - 2014-09-03 02:18 - 00894071 _____ () C:\Windows\SysWOW64\Tools.exe
2015-02-11 18:29 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 18:29 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 00:24 - 2015-01-10 07:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 00:24 - 2015-01-10 06:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 00:23 - 2015-02-03 23:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 00:23 - 2015-02-03 23:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 00:23 - 2015-02-03 23:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 00:23 - 2015-02-02 23:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 00:23 - 2015-02-02 23:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 00:23 - 2015-02-02 23:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 00:23 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-11 00:23 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 00:23 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 00:23 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 00:23 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 00:23 - 2015-01-13 22:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 00:23 - 2015-01-13 22:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 00:23 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 00:23 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 00:23 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 00:23 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 00:23 - 2015-01-12 02:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 00:23 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 00:23 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 00:23 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 00:23 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 00:23 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 00:23 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 00:23 - 2015-01-12 01:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 00:23 - 2015-01-12 01:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 00:23 - 2015-01-12 01:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 00:23 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 00:23 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 00:23 - 2015-01-12 01:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 00:23 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 00:23 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 00:23 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 00:23 - 2015-01-12 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 00:23 - 2015-01-12 01:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 00:23 - 2015-01-12 01:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 00:23 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 00:23 - 2015-01-12 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 00:23 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 00:23 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 00:23 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 00:23 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 00:23 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 00:23 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 00:23 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 00:23 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 00:23 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 00:23 - 2015-01-10 09:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 00:23 - 2015-01-10 09:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 00:23 - 2015-01-10 08:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 00:23 - 2015-01-10 08:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 00:23 - 2014-12-19 08:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 00:23 - 2014-12-19 08:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 00:23 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 00:23 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 00:23 - 2014-12-08 23:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 00:23 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 00:23 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 00:23 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 00:23 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 00:23 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 00:23 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 00:23 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 00:23 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 00:23 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 00:23 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 00:23 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 00:23 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 00:23 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-09 17:28 - 2015-02-09 18:59 - 00000540 _____ () C:\Users\Public\Desktop\FIFA 15.lnk
2015-02-07 11:18 - 2015-02-07 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
2015-02-06 19:07 - 2015-02-06 19:07 - 00000000 ____D () C:\Users\Manraj\Desktop\MC Eiht - Compton 2 Vienna Vol. 1
2015-01-30 01:04 - 2010-06-18 19:46 - 00000000 ____D () C:\Users\Manraj\Desktop\Compton's Most Wanted - (1990) It's A Compton Thang [320]
2015-01-30 00:59 - 2013-08-04 00:47 - 00000000 ____D () C:\Users\Manraj\Desktop\Juicy J  Lex Luger - Rubba Band Business 2 (DatPiff.com)
2015-01-30 00:43 - 2013-08-23 14:39 - 00000000 ____D () C:\Users\Manraj\Desktop\Comptons Most Wanted - Music to Drive By (1992)
2015-01-30 00:13 - 2015-01-30 00:13 - 00000000 ____D () C:\Users\Manraj\Desktop\G Man - The Truth Single
2015-01-24 15:12 - 2015-01-24 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4 - Gold Edition
2015-01-22 19:36 - 2015-01-22 19:36 - 00000573 _____ () C:\Users\Public\Desktop\Fraps.lnk
2015-01-22 19:36 - 2015-01-22 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-22 19:36 - 2015-01-22 19:36 - 00000000 ____D () C:\Fraps
2015-01-20 22:55 - 2015-01-20 22:55 - 00000381 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K15.lnk
2015-01-20 19:17 - 2015-01-20 19:17 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\ATI
2015-01-20 19:17 - 2015-01-20 19:17 - 00000000 ____D () C:\Users\Manraj\AppData\Local\ATI
2015-01-20 19:17 - 2015-01-20 19:17 - 00000000 ____D () C:\ProgramData\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00060601 _____ () C:\Windows\SysWOW64\CCCInstall_201501201916279863.log
2015-01-20 19:16 - 2015-01-20 19:16 - 00060328 _____ () C:\Windows\SysWOW64\CCCInstall_201501201916119009.log
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-20 19:15 - 2015-01-20 19:15 - 00000000 ____D () C:\Program Files\AMD
2015-01-20 19:13 - 2015-02-12 22:12 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-01-20 19:13 - 2015-01-20 19:16 - 00000000 ____D () C:\AMD
2015-01-20 19:13 - 2015-01-20 19:13 - 00061173 _____ () C:\Windows\SysWOW64\CCCInstall_201501201913420094.log
2015-01-20 19:13 - 2015-01-20 19:13 - 00000000 ____D () C:\ProgramData\AMD
2015-01-20 19:13 - 2015-01-20 19:13 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-20 19:13 - 2015-01-20 19:13 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-01-20 19:13 - 2013-09-24 14:54 - 00222720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWB6.sys
2015-01-20 19:13 - 2013-09-24 14:54 - 00141312 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\amdacpksl.sys
2015-01-20 19:13 - 2013-09-24 14:51 - 00110080 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2015-01-20 19:13 - 2013-09-12 02:26 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2015-01-20 19:13 - 2013-09-12 02:26 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2015-01-20 19:13 - 2013-09-12 02:26 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2015-01-20 19:13 - 2013-09-12 02:26 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2015-01-20 19:13 - 2013-09-12 02:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.20.dll
2015-01-20 19:13 - 2013-09-12 01:26 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2015-01-20 19:13 - 2013-09-12 01:26 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2015-01-20 19:13 - 2013-09-12 01:26 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2015-01-20 19:13 - 2013-09-12 01:26 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2015-01-20 19:13 - 2011-09-12 22:06 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2015-01-20 19:13 - 2011-09-12 22:06 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2015-01-20 19:12 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-20 19:12 - 2012-09-22 23:17 - 00021160 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmafd.sys
2015-01-20 19:11 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-01-20 19:11 - 2015-01-20 19:11 - 00000000 ____D () C:\Program Files\ATI
2015-01-19 21:54 - 2015-01-16 02:05 - 00000000 ____D () C:\Users\Manraj\Desktop\Joey Bada$$ - B4.Da.$$
2015-01-19 09:16 - 2015-01-19 09:16 - 00000000 ____D () C:\Users\Manraj\Desktop\2015 - 1 Sec (EP)
2015-01-17 00:02 - 2015-01-17 00:02 - 00001002 _____ () C:\Users\Manraj\Desktop\HeavyLoad.lnk
2015-01-17 00:02 - 2015-01-17 00:02 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\JAM Software
2015-01-17 00:02 - 2015-01-17 00:02 - 00000000 ____D () C:\Program Files\JAM Software
2015-01-16 23:59 - 2015-01-16 23:59 - 00000949 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-01-16 23:59 - 2015-01-16 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-01-16 23:59 - 2015-01-16 23:59 - 00000000 ____D () C:\Program Files\CPUID
2015-01-15 23:47 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-01-15 23:47 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-01-15 23:47 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-01-15 23:47 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-01-15 23:47 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-01-15 23:47 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-01-15 23:47 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-01-15 23:47 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-01-15 23:47 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-01-15 23:47 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-01-15 23:47 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-01-15 23:47 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-01-15 23:46 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-01-15 23:46 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-01-15 23:46 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-01-15 23:46 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-01-15 23:46 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-01-15 23:46 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-01-15 23:46 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-01-15 23:46 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-01-15 23:46 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-01-15 23:46 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-01-15 23:46 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-01-15 23:46 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-13 16:52 - 2014-05-26 09:21 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-13 16:41 - 2014-05-25 07:32 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-13 16:40 - 2014-12-27 18:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-13 16:40 - 2014-05-28 08:49 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\uTorrent
2015-02-13 16:40 - 2014-05-26 02:41 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\DAEMON Tools Lite
2015-02-13 16:40 - 2014-05-25 07:33 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2917843931-2079053167-3573301051-1001
2015-02-13 16:38 - 2014-11-30 23:54 - 01086625 ____N () C:\Windows\WindowsUpdate.log
2015-02-13 16:38 - 2014-05-26 02:42 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{79ECBCEF-EE26-487F-8DE4-490C964862E6}
2015-02-13 16:35 - 2014-11-28 22:31 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-13 16:35 - 2014-05-28 04:13 - 00000000 ___DO () C:\Users\Manraj\SkyDrive
2015-02-13 16:35 - 2014-05-28 03:52 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\Dropbox
2015-02-13 16:35 - 2014-05-26 09:21 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-13 16:34 - 2014-05-26 03:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-13 16:34 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-13 00:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-12 23:09 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-12 18:11 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2015-02-12 16:30 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-11 19:00 - 2013-08-22 15:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-11 19:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-11 19:00 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-11 18:21 - 2013-08-22 14:44 - 00484416 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 00:28 - 2014-05-28 04:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 00:26 - 2014-12-10 08:57 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 00:26 - 2014-07-10 21:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 00:26 - 2014-05-28 04:01 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-07 11:18 - 2014-05-26 10:39 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-06 18:47 - 2014-05-26 09:21 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 18:47 - 2014-05-26 09:21 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 02:31 - 2015-01-08 21:30 - 00000000 ____D () C:\Users\Manraj\Desktop\Powerpnt
2015-02-03 19:31 - 2013-08-22 15:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:31 - 2013-08-22 15:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-31 15:08 - 2014-09-28 14:06 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\vlc
2015-01-30 01:27 - 2014-05-25 07:26 - 00000000 ____D () C:\Users\Manraj
2015-01-24 15:12 - 2014-10-15 23:12 - 00000000 ____D () C:\ProgramData\Orbit
2015-01-24 02:52 - 2014-05-26 12:22 - 00000000 ____D () C:\Windows\SysWOW64\directx
 
==================== Files in the root of some directories =======
 
2015-02-11 18:56 - 2015-02-11 18:56 - 0033792 _____ () C:\Users\Manraj\AppData\Roaming\cmsetac.dll
2015-02-11 18:57 - 2015-02-11 18:57 - 0000151 _____ () C:\Users\Manraj\AppData\Roaming\KB8888239.log
2015-02-11 18:56 - 2015-02-11 18:56 - 0007168 _____ () C:\Users\Manraj\AppData\Roaming\ntdtcstp.dll
 
Some content of TEMP:
====================
C:\Users\Manraj\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyj36sr.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-04 20:39
 
==================== End Of Log ============================


#4
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts
well, that's a nice amount of junk...



Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on the JRT icon and select Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
Please include the contents of that file in your reply.
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.


Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.
  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • The program will begin to update the database (if internet connection is operational). Please wait a little bit.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.
Please include the contents of that file in your reply.

#5
Nas


    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Really? what kinda junk?
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 Pro x64
Ran by Manraj on 13/02/2015 at 17:58:10.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5.job
Successfully deleted: [File] C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-6.job
Successfully deleted: [File] C:\Windows\Tasks\e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-7.job
Successfully deleted: [File] "C:\Users\Manraj\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Manraj\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Manraj\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Manraj\appdata\local\globalupdate"
Successfully deleted: [Folder] "C:\Program Files (x86)\globalupdate"
Failed to delete: [Folder] "C:\Program Files (x86)\superplusradio v2.1"
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Manraj\appdata\local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Successfully deleted: [Folder] C:\Users\Manraj\appdata\local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/02/2015 at 17:59:09.61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 
 
# AdwCleaner v4.110 - Logfile created 13/02/2015 at 18:44:54
# Updated 05/02/2015 by Xplode
# Database : 2015-02-13.1 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Manraj - MANRAJPC
# Running from : A:\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : Service Mgr PositiveFinds
Service Deleted : Update Mgr PositiveFinds
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602
Folder Deleted : C:\Program Files (x86)\SuperPlusRadio v2.1
Folder Deleted : C:\Program Files (x86)\Positive Finds
Folder Deleted : C:\Program Files (x86)\Common Files\d2d4a9d3-f3f1-4c52-8d3f-dddc91fe0602
Folder Deleted : C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip
File Deleted : C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-6
Task Deleted : e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-1-7
Task Deleted : e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-10_user
Task Deleted : e70a7c0c-00c2-4d3e-9c19-f7fd5a0d6a3d-5_user
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30C85A3D-1D96-4589-B63F-91FB7EF45A41}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{63C63464-1423-4FDB-BA5D-6F75F491C63E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30C85A3D-1D96-4589-B63F-91FB7EF45A41}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{50F60937-910A-4C05-8E36-FE4E299191CF}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\SearchProtectINT
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\PositiveFinds
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Positive Finds
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v40.0.2214.111
 
 
*************************
 
AdwCleaner[R0].txt - [8883 bytes] - [13/02/2015 18:00:08]
AdwCleaner[S0].txt - [8785 bytes] - [13/02/2015 18:44:54]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8844  bytes] ##########
 


#6
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts
OK, we caught a lot of crap.



Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.
  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.

#7
Nas


    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by Manraj at 2015-02-15 19:48:50
Running from C:\Users\Manraj\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
AAS - Lounge Lizard EP-4 (HKLM-x32\...\Lounge Lizard EP-4) (Version:  - Applied Acoustics Systems)
AMD Catalyst Install Manager (HKLM\...\{00957033-C081-5235-665A-A014A6E2FF7B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) Hidden
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.4.0.0 - Electronic Arts)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry 4 - Gold Edition version Far Cry 4 - Gold Edition (HKLM-x32\...\Far Cry 4 - Gold Edition_is1) (Version: Far Cry 4 - Gold Edition - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
LUXONIX Purity (HKLM-x32\...\LUXONIX_Purity) (Version: 1.2.4 - LUXONIX)
MetalGearSolid2 Substance (HKLM-x32\...\{2184D9EA-4E5B-43FD-914E-4563CF028C94}) (Version: 1.00.000 - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
NBA 2K15 (HKLM-x32\...\TkJBMksxNQ==_is1) (Version: 1 - )
NVIDIA 3D Vision Controller Driver 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.48 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
SampleMoog (HKLM-x32\...\{218AA20E-F016-4385-9F74-04FF8E596FB2}) (Version: 1.0.0 - IK Multimedia)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SuperPlusRadio v2.1 (HKLM-x32\...\SuperPlusRadio v2.1) (Version: 1.36.01.22 - RadioCanyonv2) <==== ATTENTION
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
VCE Exam Simulator Demo (HKLM-x32\...\VCE Exam Simulator Demo_is1) (Version:  - Avanset)
VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
27-01-2015 18:17:44 Windows Update
05-02-2015 20:02:42 Windows Update
07-02-2015 11:18:38 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
07-02-2015 11:18:43 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
09-02-2015 17:28:33 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
11-02-2015 18:57:53 Windows Modules Installer
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0939BF43-16C9-4D95-8305-854ED0369E4F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: {19E5F2CF-FD67-4DBD-A7EC-1DCE5044F381} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {32A91CC4-2D42-40FF-B09A-BCEF7B3A6613} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {691C3EA5-2BA0-4F64-9AA8-13E3B6453234} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {7CF4AABE-A672-4BBF-B3B7-7C2E1F43E18B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {A25BF94D-F693-44EE-9935-A97103EB9BE2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AAAFE167-022E-42AE-874A-56AA902E9997} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {C11FDC3E-050E-4266-B0C1-2B50527CC693} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DFC25972-F30D-4AFD-B550-69ED5ED2FA11} - System32\Tasks\{DB370E97-219D-4E6F-86F6-1017C7BCCB2D} => pcalua.exe -a "C:\Users\Manraj\Desktop\Luxonix Purity VSTi v1.1.2\Setup.exe" -d "C:\Users\Manraj\Desktop\Luxonix Purity VSTi v1.1.2"
Task: {F10D91CA-0B47-4C07-8374-EFB878A0913A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-11-28] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-07-10 19:31 - 2013-07-10 19:31 - 08865448 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00750080 _____ () C:\Users\Manraj\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-15 19:47 - 2015-02-15 19:47 - 00043008 _____ () c:\users\manraj\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnufi61.dll
2015-02-10 21:00 - 2015-02-10 21:00 - 00047616 _____ () C:\Users\Manraj\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-12 22:23 - 2015-02-10 21:00 - 00865280 _____ () C:\Users\Manraj\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-12 22:23 - 2015-02-10 21:00 - 00200704 _____ () C:\Users\Manraj\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-02-06 18:53 - 2015-02-04 09:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-06 18:53 - 2015-02-04 09:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-06 18:53 - 2015-02-04 09:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2015-02-06 18:53 - 2015-02-04 09:02 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Manraj\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manraj\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2917843931-2079053167-3573301051-500 - Administrator - Disabled)
Guest (S-1-5-21-2917843931-2079053167-3573301051-501 - Limited - Disabled)
Manraj (S-1-5-21-2917843931-2079053167-3573301051-1001 - Administrator - Enabled) => C:\Users\Manraj
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
Error: (02/15/2015 07:47:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UAC File Virtualization service failed to start due to the following error: 
%%1275
 
Error: (02/15/2015 07:47:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:13:12 on ‎14/‎02/‎2015 was unexpected.
 
Error: (02/15/2015 07:46:58 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256844790675242550432
 
Error: (02/14/2015 00:32:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UAC File Virtualization service failed to start due to the following error: 
%%1275
 
Error: (02/14/2015 00:32:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 02:42:15 on ‎14/‎02/‎2015 was unexpected.
 
Error: (02/14/2015 00:32:04 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256844790675242550432
 
Error: (02/13/2015 10:51:29 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (02/13/2015 08:02:16 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (02/13/2015 06:45:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UAC File Virtualization service failed to start due to the following error: 
%%1275
 
Error: (02/13/2015 06:45:25 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-13 19:30:54.716
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-12 17:26:38.121
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-10 22:56:33.647
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-09 17:46:33.264
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-06 19:50:21.439
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-04 20:39:57.057
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-02 18:36:17.881
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-02 18:36:17.803
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-02 18:36:17.600
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-02-02 18:36:17.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 23%
Total physical RAM: 8136.76 MB
Available physical RAM: 6228.5 MB
Total Pagefile: 9416.76 MB
Available Pagefile: 7204.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
 
==================== Drives ================================
 
Drive a: (HDD) (Fixed) (Total:931.51 GB) (Free:560.91 GB) NTFS
Drive c: (SSD) (Fixed) (Total:111.45 GB) (Free:47.14 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A55CB605)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 10B05F6F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Manraj (administrator) on MANRAJPC on 15-02-2015 19:48:30
Running from C:\Users\Manraj\Desktop
Loaded Profiles: Manraj (Available profiles: Manraj)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Manraj\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Users\Manraj\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
Startup: C:\Users\Manraj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Manraj\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manraj\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2917843931-2079053167-3573301051-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.uk.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2917843931-2079053167-3573301051-1001 -> {041568EB-C5EE-4221-ADD7-6033E6E28494} URL = https://uk.search.ya...p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/", "hxxp://uk.search.yahoo.com?type=714647&fr=spigot-yhp-ch", "https://www.google.co.uk/"
CHR Profile: C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-05-26]
CHR Extension: (Google Docs) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-26]
CHR Extension: (Google Drive) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-26]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-09]
CHR Extension: (Turn Off the Lights) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-05-26]
CHR Extension: (YouTube) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-26]
CHR Extension: (Adblock Plus) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-26]
CHR Extension: (Google Search) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-26]
CHR Extension: (Inline Youtube) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehebapamcfpaadhjagimnbohggikmlpc [2014-05-26]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-05-26]
CHR Extension: (Streamus) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkffmindojffecdhbbmekbmkkfpmjd [2014-07-30]
CHR Extension: (ShiftEdit) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2014-05-26]
CHR Extension: (Smooth Gestures) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-05-26]
CHR Extension: (Google Maps) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-05-26]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-05-26]
CHR Extension: (Google Wallet) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-26]
CHR Extension: (Evernote Web Clipper) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-05-26]
CHR Extension: (Gmail) - C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-05-26] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-15 19:48 - 2015-02-15 19:48 - 00016751 _____ () C:\Users\Manraj\Desktop\FRST.txt
2015-02-15 19:48 - 2015-02-15 19:48 - 00000000 ____D () C:\Users\Manraj\Desktop\FRST-OlderVersion
2015-02-13 18:45 - 2015-02-15 19:47 - 00001044 _____ () C:\Windows\setupact.log
2015-02-13 18:45 - 2015-02-13 18:45 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-13 18:00 - 2015-02-13 18:44 - 00000000 ____D () C:\AdwCleaner
2015-02-13 16:54 - 2015-02-15 19:48 - 02085888 _____ (Farbar) C:\Users\Manraj\Desktop\FRST64.exe
2015-02-13 16:54 - 2015-02-15 19:48 - 00000000 ____D () C:\FRST
2015-02-12 22:52 - 2015-02-12 22:53 - 00000000 ____D () C:\Users\Manraj\Desktop\Windows 8
2015-02-12 22:47 - 2015-02-12 22:47 - 00001908 _____ () C:\Windows\diagwrn.xml
2015-02-12 22:47 - 2015-02-12 22:47 - 00001908 _____ () C:\Windows\diagerr.xml
2015-02-12 22:47 - 2015-02-12 22:47 - 00000000 ___HD () C:\$WINDOWS.~BT
2015-02-12 22:12 - 2015-02-12 22:12 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\ImgBurn
2015-02-12 22:12 - 2015-02-12 22:12 - 00000000 ____D () C:\Program Files (x86)\69012486-ccc8-4510-98aa-6d0389889b90
2015-02-12 22:11 - 2015-02-12 22:11 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2015-02-11 18:57 - 2015-02-11 18:57 - 00000151 _____ () C:\Users\Manraj\AppData\Roaming\KB8888239.log
2015-02-11 18:56 - 2014-09-10 09:58 - 00514560 _____ () C:\Windows\SysWOW64\Launcher.exe
2015-02-11 18:56 - 2014-09-03 02:18 - 00894071 _____ () C:\Windows\SysWOW64\Tools.exe
2015-02-11 18:29 - 2015-01-23 04:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-11 18:29 - 2015-01-23 03:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 00:24 - 2015-01-10 07:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 00:24 - 2015-01-10 06:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 00:23 - 2015-02-03 23:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 00:23 - 2015-02-03 23:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 00:23 - 2015-02-03 23:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 00:23 - 2015-02-02 23:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 00:23 - 2015-02-02 23:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 00:23 - 2015-02-02 23:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 00:23 - 2015-01-19 18:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-11 00:23 - 2015-01-15 22:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 00:23 - 2015-01-15 22:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 00:23 - 2015-01-14 04:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 00:23 - 2015-01-14 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 00:23 - 2015-01-13 22:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 00:23 - 2015-01-13 22:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 00:23 - 2015-01-12 03:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 00:23 - 2015-01-12 02:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 00:23 - 2015-01-12 02:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 00:23 - 2015-01-12 02:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 00:23 - 2015-01-12 02:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 00:23 - 2015-01-12 02:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 00:23 - 2015-01-12 02:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 00:23 - 2015-01-12 02:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 00:23 - 2015-01-12 02:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 00:23 - 2015-01-12 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 00:23 - 2015-01-12 02:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 00:23 - 2015-01-12 01:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 00:23 - 2015-01-12 01:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 00:23 - 2015-01-12 01:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 00:23 - 2015-01-12 01:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 00:23 - 2015-01-12 01:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 00:23 - 2015-01-12 01:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 00:23 - 2015-01-12 01:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 00:23 - 2015-01-12 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 00:23 - 2015-01-12 01:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 00:23 - 2015-01-12 01:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 00:23 - 2015-01-12 01:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 00:23 - 2015-01-12 01:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 00:23 - 2015-01-12 01:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 00:23 - 2015-01-12 01:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 00:23 - 2015-01-12 01:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 00:23 - 2015-01-12 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 00:23 - 2015-01-12 01:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 00:23 - 2015-01-12 01:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 00:23 - 2015-01-12 01:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 00:23 - 2015-01-12 01:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 00:23 - 2015-01-12 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 00:23 - 2015-01-12 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 00:23 - 2015-01-12 00:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 00:23 - 2015-01-10 09:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 00:23 - 2015-01-10 09:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 00:23 - 2015-01-10 08:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 00:23 - 2015-01-10 08:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 00:23 - 2014-12-19 08:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 00:23 - 2014-12-19 08:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 00:23 - 2014-12-09 03:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 00:23 - 2014-12-09 01:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 00:23 - 2014-12-08 23:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 00:23 - 2014-10-29 02:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 00:23 - 2014-10-29 02:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 00:23 - 2014-10-29 02:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 00:23 - 2014-10-29 02:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 00:23 - 2014-10-29 02:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 00:23 - 2014-10-29 02:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 00:23 - 2014-10-29 01:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 00:23 - 2014-10-29 01:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 00:23 - 2014-10-29 01:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 00:23 - 2014-10-29 01:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 00:23 - 2014-10-29 01:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 00:23 - 2014-10-29 01:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 00:23 - 2014-10-29 01:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-07 11:18 - 2015-02-07 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
2015-02-06 19:07 - 2015-02-06 19:07 - 00000000 ____D () C:\Users\Manraj\Desktop\MC Eiht - Compton 2 Vienna Vol. 1
2015-01-24 15:12 - 2015-01-24 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4 - Gold Edition
2015-01-22 19:36 - 2015-01-22 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-22 19:36 - 2015-01-22 19:36 - 00000000 ____D () C:\Fraps
2015-01-20 22:55 - 2015-01-20 22:55 - 00000381 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBA 2K15.lnk
2015-01-20 19:17 - 2015-01-20 19:17 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\ATI
2015-01-20 19:17 - 2015-01-20 19:17 - 00000000 ____D () C:\Users\Manraj\AppData\Local\ATI
2015-01-20 19:17 - 2015-01-20 19:17 - 00000000 ____D () C:\ProgramData\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00060601 _____ () C:\Windows\SysWOW64\CCCInstall_201501201916279863.log
2015-01-20 19:16 - 2015-01-20 19:16 - 00060328 _____ () C:\Windows\SysWOW64\CCCInstall_201501201916119009.log
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2015-01-20 19:16 - 2015-01-20 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-20 19:15 - 2015-01-20 19:15 - 00000000 ____D () C:\Program Files\AMD
2015-01-20 19:13 - 2015-02-12 22:12 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-01-20 19:13 - 2015-01-20 19:16 - 00000000 ____D () C:\AMD
2015-01-20 19:13 - 2015-01-20 19:13 - 00061173 _____ () C:\Windows\SysWOW64\CCCInstall_201501201913420094.log
2015-01-20 19:13 - 2015-01-20 19:13 - 00000000 ____D () C:\ProgramData\AMD
2015-01-20 19:13 - 2015-01-20 19:13 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-20 19:13 - 2015-01-20 19:13 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-01-20 19:13 - 2013-09-24 14:54 - 00222720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWB6.sys
2015-01-20 19:13 - 2013-09-24 14:54 - 00141312 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\amdacpksl.sys
2015-01-20 19:13 - 2013-09-24 14:51 - 00110080 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2015-01-20 19:13 - 2013-09-12 02:26 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2015-01-20 19:13 - 2013-09-12 02:26 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2015-01-20 19:13 - 2013-09-12 02:26 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2015-01-20 19:13 - 2013-09-12 02:26 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2015-01-20 19:13 - 2013-09-12 02:26 - 00129536 _____ (AMD) C:\Windows\system32\coinst_13.20.dll
2015-01-20 19:13 - 2013-09-12 01:26 - 00204952 _____ () C:\Windows\SysWOW64\ativvsvl.dat
2015-01-20 19:13 - 2013-09-12 01:26 - 00204952 _____ () C:\Windows\system32\ativvsvl.dat
2015-01-20 19:13 - 2013-09-12 01:26 - 00157144 _____ () C:\Windows\SysWOW64\ativvsva.dat
2015-01-20 19:13 - 2013-09-12 01:26 - 00157144 _____ () C:\Windows\system32\ativvsva.dat
2015-01-20 19:13 - 2011-09-12 22:06 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2015-01-20 19:13 - 2011-09-12 22:06 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2015-01-20 19:12 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-20 19:12 - 2012-09-22 23:17 - 00021160 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmafd.sys
2015-01-20 19:11 - 2015-01-20 19:16 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-01-20 19:11 - 2015-01-20 19:11 - 00000000 ____D () C:\Program Files\ATI
2015-01-17 00:02 - 2015-01-17 00:02 - 00001002 _____ () C:\Users\Manraj\Desktop\HeavyLoad.lnk
2015-01-17 00:02 - 2015-01-17 00:02 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\JAM Software
2015-01-17 00:02 - 2015-01-17 00:02 - 00000000 ____D () C:\Program Files\JAM Software
2015-01-16 23:59 - 2015-01-16 23:59 - 00000949 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2015-01-16 23:59 - 2015-01-16 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-01-16 23:59 - 2015-01-16 23:59 - 00000000 ____D () C:\Program Files\CPUID
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-15 19:47 - 2014-11-28 22:31 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-15 19:47 - 2014-05-28 04:13 - 00000000 ___DO () C:\Users\Manraj\SkyDrive
2015-02-15 19:47 - 2014-05-28 03:52 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\Dropbox
2015-02-15 19:47 - 2014-05-26 09:21 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 19:47 - 2014-05-26 03:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-15 19:47 - 2013-08-22 14:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 13:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-14 12:52 - 2014-05-26 09:21 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-14 12:45 - 2014-11-30 23:54 - 01357581 _____ () C:\Windows\WindowsUpdate.log
2015-02-14 12:38 - 2014-05-25 07:32 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 12:35 - 2014-05-26 02:42 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{79ECBCEF-EE26-487F-8DE4-490C964862E6}
2015-02-13 19:30 - 2014-05-25 07:33 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2917843931-2079053167-3573301051-1001
2015-02-13 16:40 - 2014-12-27 18:21 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-13 16:40 - 2014-05-28 08:49 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\uTorrent
2015-02-13 16:40 - 2014-05-26 02:41 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\DAEMON Tools Lite
2015-02-12 23:09 - 2013-08-22 13:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-12 18:11 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\rescache
2015-02-12 16:30 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-11 19:00 - 2013-08-22 15:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-11 19:00 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-11 19:00 - 2013-08-22 15:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-11 18:21 - 2013-08-22 14:44 - 00484416 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 00:28 - 2014-05-28 04:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 00:26 - 2014-12-10 08:57 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 00:26 - 2014-07-10 21:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 00:26 - 2014-05-28 04:01 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-07 11:18 - 2014-05-26 10:39 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-06 18:47 - 2014-05-26 09:21 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-06 18:47 - 2014-05-26 09:21 - 00003660 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 02:31 - 2015-01-08 21:30 - 00000000 ____D () C:\Users\Manraj\Desktop\Powerpnt
2015-02-03 19:31 - 2013-08-22 15:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 19:31 - 2013-08-22 15:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-31 15:08 - 2014-09-28 14:06 - 00000000 ____D () C:\Users\Manraj\AppData\Roaming\vlc
2015-01-30 01:27 - 2014-05-25 07:26 - 00000000 ____D () C:\Users\Manraj
2015-01-24 15:12 - 2014-10-15 23:12 - 00000000 ____D () C:\ProgramData\Orbit
2015-01-24 02:52 - 2014-05-26 12:22 - 00000000 ____D () C:\Windows\SysWOW64\directx
 
==================== Files in the root of some directories =======
 
2015-02-11 18:57 - 2015-02-11 18:57 - 0000151 _____ () C:\Users\Manraj\AppData\Roaming\KB8888239.log
 
Some content of TEMP:
====================
C:\Users\Manraj\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnufi61.dll
C:\Users\Manraj\AppData\Local\Temp\Quarantine.exe
C:\Users\Manraj\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-13 19:30
 
==================== End Of Log ============================


#8
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Please go to the Control Panel and try to uninstall SuperPlusRadio v2.1

Were you able to do it?

#9
Nas

    Member

  • Topic Starter
  • 55 posts

Please go to the Control Panel and try to uninstall SuperPlusRadio v2.1

Were you able to do it?

I did manage to uninstall it, yes. However, as soon as I clicked on this browser to tell you so, a new tab popped up (advert) as soon as I clicked the page.



#10
Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
Hi,



Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
    autoclean;
    emptyclsid;
    process;
    drivers-services-list;
    systemspecs;
    startupall;
    skipfix-iedefaults;
    firefoxlook;
    chromelook;
    filesrcm;
    installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, the log will be opened after it. You may also find it on your main drive (usually the C:\ drive).
Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!


#11
Nas

    Member

  • Topic Starter
  • 55 posts
 
Zoek.exe v5.0.0.0 Updated 17-February-2015
Tool run by Manraj on 17/02/2015 at 17:39:38.11.
Microsoft Windows 8.1 Pro 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Manraj\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
17/02/2015 17:40:12 Zoek.exe System Restore Point Created Succesfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Ubisoft deleted successfully
C:\Users\Manraj\AppData\Local\PackageStaging deleted successfully
C:\Users\Manraj\AppData\Local\Ubisoft Game Launcher deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-2917843931-2079053167-3573301051-1001\Software\Microsoft\Internet Explorer\SearchScopes\{041568EB-C5EE-4221-ADD7-6033E6E28494} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
 
==== Installed Programs ======================
 
æTorrent  
AAS - Lounge Lizard EP-4  
AMD Accelerated Video Transcoding  
AMD Catalyst Control Center  
AMD Catalyst Install Manager  
AMD Fuel  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
ASIO4ALL  
Bonjour  
Catalyst Control Center - Branding  
Catalyst Control Center Graphics Previews Common  
Catalyst Control Center InstallProxy  
Catalyst Control Center Localization All  
ccc-utility64  
CCC Help Chinese Standard  
CCC Help Chinese Traditional  
CCC Help Czech  
CCC Help Danish  
CCC Help Dutch  
CCC Help English  
CCC Help Finnish  
CCC Help French  
CCC Help German  
CCC Help Greek  
CCC Help Hungarian  
CCC Help Italian  
CCC Help Japanese  
CCC Help Korean  
CCC Help Norwegian  
CCC Help Polish  
CCC Help Portuguese  
CCC Help Russian  
CCC Help Spanish  
CCC Help Swedish  
CCC Help Thai  
CCC Help Turkish  
CCleaner  
Command & Conquer Generals  
Command and ConquerTM Generals Zero Hour  
CPUID HWMonitor 1.26  
DAEMON Tools Lite  
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition  
Dropbox  
EA SPORTST FIFA 15  
Fallout: New Vegas  
Far Cry 4 - Gold Edition version Far Cry 4 - Gold Edition  
FL Studio 11  
FlowStone FL 3.0  
Fraps  
Google Chrome  
Google Update Helper  
HeavyLoad V3.3 (64 bit)  
IL Shared Libraries  
ImgBurn  
iTunes  
LUXONIX Purity  
MetalGearSolid2 Substance  
Microsoft Access MUI (English) 2013  
Microsoft Access Setup Metadata MUI (English) 2013  
Microsoft DCF MUI (English) 2013  
Microsoft Excel MUI (English) 2013  
Microsoft Groove MUI (English) 2013  
Microsoft InfoPath MUI (English) 2013  
Microsoft Lync MUI (English) 2013  
Microsoft Office 32-bit Components 2013  
Microsoft Office Office 32-bit Components 2010  
Microsoft Office OSM MUI (English) 2013  
Microsoft Office OSM UX MUI (English) 2013  
Microsoft Office Professional Plus 2013  
Microsoft Office Proof (English) 2010  
Microsoft Office Proof (French) 2010  
Microsoft Office Proof (Spanish) 2010  
Microsoft Office Proofing (English) 2010  
Microsoft Office Proofing (English) 2013  
Microsoft Office Proofing Tools 2013 - English  
Microsoft Office Proofing Tools 2013 - Espa¤ol  
Microsoft Office Shared 32-bit MUI (English) 2010  
Microsoft Office Shared 32-bit MUI (English) 2013  
Microsoft Office Shared MUI (English) 2010  
Microsoft Office Shared MUI (English) 2013  
Microsoft Office Shared Setup Metadata MUI (English) 2010  
Microsoft Office Shared Setup Metadata MUI (English) 2013  
Microsoft OneNote MUI (English) 2013  
Microsoft Outlook MUI (English) 2013  
Microsoft PowerPoint MUI (English) 2013  
Microsoft Publisher MUI (English) 2013  
Microsoft Silverlight  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610  
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610  
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610  
Microsoft Word MUI (English) 2013  
Native Instruments Massive  
Native Instruments Service Center  
NBA 2K15  
NVIDIA 3D Vision Controller Driver 344.46  
NVIDIA 3D Vision Driver 344.48  
NVIDIA Control Panel 344.48  
NVIDIA GeForce Experience 2.1.2  
NVIDIA GeForce Experience Service  
NVIDIA Graphics Driver 344.48  
NVIDIA HD Audio Driver 1.3.32.1  
NVIDIA Install Application  
NVIDIA LED Visualizer 1.0  
NVIDIA Miracast Virtual Audio 344.48  
NVIDIA Network Service  
NVIDIA PhysX  
NVIDIA PhysX System Software 9.14.0702  
NVIDIA ShadowPlay 16.13.42  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 16.13.42  
NVIDIA Update Core  
NVIDIA Virtual Audio 1.2.25  
Outils de vérification linguistique 2013 de Microsoft Office - Français  
SampleMoog  
SHIELD Streaming  
SHIELD Wireless Controller Driver  
Steam  
Team Fortress 2  
TeamViewer 9  
TP-LINK TL-WN881ND Driver  
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition  
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition  
Update for Microsoft Lync 2013 (KB2817621) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2727096) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2767851) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2817320) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2817482) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2817489) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2817491) 64-Bit Edition  
Update for Microsoft Office 2013 (KB2817492) 64-Bit Edition  
Update for Microsoft OneNote 2013 (KB2817467) 64-Bit Edition  
Update for Microsoft Outlook 2013 (KB2817629) 64-Bit Edition  
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition  
Update for Microsoft PowerPoint 2013 (KB2810006) 64-Bit Edition  
Update for Microsoft SkyDrive Pro (KB2817622) 64-Bit Edition  
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition  
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition  
Update for Microsoft Word 2013 (KB2767863) 64-Bit Edition  
VCE Exam Simulator Demo  
VirtualDJ PRO Full  
VLC media player  
WinRAR 5.10 beta 4 (64-bit)  
 
==== Running Processes ======================
 
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Manraj\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Manraj\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
 
==== Services(whitelist) ======================
Powered by E Dev
 
R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe
R2 - [Apple Mobile Device] - Apple Mobile Device - c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
R2 - [Bonjour Service] - Bonjour Service - c:\program files\bonjour\mdnsresponder.exe
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe
R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [TeamViewer9] - TeamViewer 9 - c:\program files (x86)\teamviewer\version9\teamviewer_service.exe
R2 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [iPod Service] - iPod Service - c:\program files\ipod\bin\ipodservice.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
 
==== Drivers(whitelist) ======================
Powered by E Dev
 
R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R0 - [WdFilter] - Windows Defender Mini-Filter Driver - C:\Windows\system32\Drivers\WdFilter.sys
R0 - [Wof] - Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R2 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [disk] - Disk Driver - C:\Windows\system32\Drivers\disk.sys
R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys
R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [intelpep] - Intel® Power Engine Plug-in Driver - C:\Windows\system32\Drivers\intelpep.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spaceport] - Storage Spaces Driver - C:\Windows\system32\Drivers\spaceport.sys
R0 - [storahci] - Microsoft Standard SATA AHCI Driver - C:\Windows\system32\Drivers\storahci.sys
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\Windows\system32\Drivers\WFPLWFS.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
S0 - [WdBoot] - Windows Defender Boot Driver - C:\Windows\system32\Drivers\WdBoot.sys
S3 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
 
==== Deleting Services ======================
 
 
==== Deleting Files \ Folders ======================
 
C:\Program Files (x86)\AMD AVT\d7f95f05-ac86-42d5-bce2-11792a3afe92.dll deleted
C:\Program Files (x86)\AMD AVT\69012486-ccc8-4510-98aa-6d0389889b90.dll deleted
C:\PROGRA~2\69012486-ccc8-4510-98aa-6d0389889b90 deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
 
==== System Specs ======================
 
Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8137 MB
CPU Info: Intel® Core™ i5-3570K CPU @ 3.40GHz
CPU Speed: 3511.2 MHz
Sound Card: Speakers (High Definition Audio | 
1 - S24C300 (AMD High Definitio | 
Digital Audio (S/PDIF) (High De | 
Display Adapters: AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series | AMD Radeon R9 200 Series
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR9287 Wireless Network Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 2x (D: | F: | ) D: TSSTcorpCDDVDW SH-224DB  | F: DTSOFT  BDROM
Ports: COM1 LPT Port NOT Present. 
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  111.4GB
Hard Disks - Free: C:  46.2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 08/14/13 | ALASKA - 1072009
Time Zone: GMT Standard Time
Motherboard *: ASUSTeK COMPUTER INC. P8Z77-V LX
Country: United Kingdom 
Language: ENG 
 
==== System Specs (Software) ======================
 
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 40.0.2214.111
Internet Explorer Version: 11.0.9600.17631 
Google Chrome version: 40.0.2214.111
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
2015-02-12 22:47:09 D1E75542EC8D1B4851765A57AC63618E 1908 ----a-w- C:\Windows\diagwrn.xml
2015-02-12 22:47:09 D1E75542EC8D1B4851765A57AC63618E 1908 ----a-w- C:\Windows\diagerr.xml
2015-01-20 19:13:19 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\ativpsrm.bin
====== C:\Users\Manraj\AppData\Local\Temp ====
2015-02-17 17:37:09 057631047016A448B842B96E872B132B 43008 ----a-w- C:\Users\Manraj\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfmqxub.dll
2015-02-13 17:58:06 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Manraj\AppData\Local\Temp\jrt\libiconv2.dll
2015-02-13 17:58:06 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Manraj\AppData\Local\Temp\jrt\libintl3.dll
2015-02-13 17:58:06 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Manraj\AppData\Local\Temp\jrt\pcre3.dll
2015-02-13 17:58:06 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Manraj\AppData\Local\Temp\jrt\regex2.dll
2015-02-12 22:12:08 FEFEF2F226FD6BE184BC4A3378B02AAF 155648 ----a-w- C:\Users\Manraj\AppData\Local\Temp\comh.240431\psmachine.dll
2015-02-12 22:12:08 FC7A2F466F7A0F3E873077505719C1A1 143360 ----a-w- C:\Users\Manraj\AppData\Local\Temp\comh.240431\GoogleUpdateHelper.msi
2015-02-12 22:12:08 F98DE4108614E4BB81E95E58E36C7000 46080 ----a-w- C:\Users\Manraj\AppData\Local\Temp\comh.240431\GoogleUpdateBroker.exe
2015-02-12 22:12:08 D858BA2EE718B1DB1CED20646E641D08 68608 ----a-w- C:\Users\Manraj\AppData\Local\Temp\comh.240431\GoogleUpdate.exe
2015-02-12 22:12:08 8D90BB3A36521B50D0E512A781E36871 155648 ----a-w- C:\Users\Manraj\AppData\Local\Temp\comh.240431\psuser.dll
2015-02-12 22:12:08 7E767B342E55EB1DFD74A65D24EA4B70 46080 ----a-w- C:\Users\Manraj\AppData\Local\Temp\comh.240431\GoogleUpdateOnDemand.exe
2015-02-12 22:12:08 571A0327DFB906466645938B4D0EDF2F 761856 ----a-w- C:\Users\Manraj\AppData\Local\Temp\comh.240431\goopdate.dll
2015-02-12 22:12:08 0C0E5B63A0A2394FC05A9FF63BD08013 220672 ----a-w- C:\Users\Manraj\AppData\Local\Temp\comh.240431\npGoogleUpdate4.dll
2015-02-12 22:12:08 03114DADBD9977FC823F95B21FB987E7 72872 ----a-w- C:\Users\Manraj\AppData\Local\Temp\comh.240431\GoogleCrashHandler.exe
2015-02-12 21:09:03 2A4688C5E737E09086DA67037FF1D4C0 629824 ------w- C:\Users\Manraj\AppData\Local\Temp\PositiveFinds\Setup.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-02-11 18:56:28 83FFF4B1C23711BC5F04A608F8E7BC3C 514560 ----a-w- C:\Windows\SysWOW64\Launcher.exe
2015-02-11 18:56:21 2DC26B9CDC2B4F2DCCA87E4AD2CC3A43 894071 ----a-w- C:\Windows\SysWOW64\Tools.exe
2015-02-11 18:29:19 4FD3763F3917201856B0CBCE310003EA 4300800 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-02-11 00:24:00 C9E243A14893E41E1EF6D3A31BAEF08A 359424 ----a-w- C:\Windows\SysWOW64\schannel.dll
2015-02-11 00:23:59 332625D3A96613A7CBC66B04F307F2FA 393728 ----a-w- C:\Windows\SysWOW64\scesrv.dll
2015-02-11 00:23:58 F7A9D2E57D357B36C11F1C8269F2B05F 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe
2015-02-11 00:23:58 ACC85159376F84F49F8FE6D860E39A4F 8704 ----a-w- C:\Windows\SysWOW64\instnm.exe
2015-02-11 00:23:58 A7AA844B8C4F7A5A13D85201877C84E5 1498360 ----a-w- C:\Windows\SysWOW64\ntdll.dll
2015-02-11 00:23:58 3C908C70D5876D6B55D742A665DC88C7 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 00:23:57 20FE9408E23EC6486CD995759B0BE02B 5632 ----a-w- C:\Windows\SysWOW64\wow32.dll
2015-02-11 00:23:57 1D4E9DD1CF2B3A280FCF26693FBBD299 4096 ----a-w- C:\Windows\SysWOW64\user.exe
2015-02-11 00:23:56 96750B86DA18725EBAE201989AAD9B98 1489072 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 00:23:54 FFE2F54DA7DE767C943F18823913EC07 736768 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2015-02-11 00:23:54 6705E8543E628DE9877F726C6B4A1E39 324096 ----a-w- C:\Windows\SysWOW64\certcli.dll
2015-02-11 00:23:54 53670AE50F15C82990FCF599B02C6B36 154112 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2015-02-11 00:23:35 74887EBB4777EC450EF167645C99163E 602776 ----a-w- C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 00:23:32 61C74D794C14E9FC94D93F5F0F72A3F9 19740160 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-02-11 00:23:31 EF05E63ACC834470A07A2E73D519B5FA 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 00:23:31 E4D2BC3DA34348662960E5C2A66DD2F4 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-02-11 00:23:31 AD3F5926EC2C1F21FB45D1CDED6E2A47 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 00:23:31 9DEE691C8FDBC2DE6957F1AE873C78FC 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-02-11 00:23:31 9A91F9B5035F54C2D0BA92CF9B16EE34 2277888 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-02-11 00:23:31 8FBC9680719ACDA9351B67D906C682F4 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 00:23:31 8E8137569741D3693F88DDF94CC38C20 1307136 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-02-11 00:23:31 78A1A938D51D4F83A772123B93EE1612 12829184 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-02-11 00:23:30 FD6AF61AF029B9BC2CF4EFF57CDD5821 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 00:23:30 F285D499EC42969D963CA49EADA63218 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-02-11 00:23:30 E06ED042936F8D932748FACCB229A52C 128000 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2015-02-11 00:23:30 9947D49276026A96D8ACDE9CBAAFC807 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll
2015-02-11 00:23:30 94BD6172078CFB71B59A7AF56CF77AF9 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 00:23:30 47893802431547E170D36E033F846882 327168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 00:23:30 3B9EF1B8E154D202D32A7765E2F33554 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-02-11 18:29:20 16ACAA0C01F31B39F39446188F6A3593 6041600 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-02-11 00:24:00 3D2E3A5CFCE65310134C11A00D6D32D0 430080 ----a-w- C:\Windows\Sysnative\schannel.dll
2015-02-11 00:23:59 F8A442ABBAB56529B625DB9D916EA46A 538624 ----a-w- C:\Windows\Sysnative\scesrv.dll
2015-02-11 00:23:58 BC9E947C4B1E166CE2237871CAA4BDC0 16896 ----a-w- C:\Windows\Sysnative\ntvdm64.dll
2015-02-11 00:23:58 7162FD845D142C542C0D041F3B3D525F 1733440 ----a-w- C:\Windows\Sysnative\ntdll.dll
2015-02-11 00:23:58 63274242700279852B5CFFE4E2E0C6D1 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll
2015-02-11 00:23:58 57D55B8D3387C51758C785C425922C0E 285184 ----a-w- C:\Windows\Sysnative\wow64.dll
2015-02-11 00:23:58 3A620A263DA883515786E68BE3CE23AA 7472960 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2015-02-11 00:23:56 9EC0B4E613DB6002DEF0346208E433E7 1762840 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
2015-02-11 00:23:54 F5BC103612FE72C176C751721B874FA6 445440 ----a-w- C:\Windows\Sysnative\certcli.dll
2015-02-11 00:23:54 A40E52EB03C793735C916FC2C58A015F 154112 ----a-w- C:\Windows\Sysnative\msaudite.dll
2015-02-11 00:23:54 8E0AA77F379DEA510D8AC00102C8D509 736768 ----a-w- C:\Windows\Sysnative\adtschema.dll
2015-02-11 00:23:54 461729186C7F280019E369ECD652D4DB 1441792 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2015-02-11 00:23:35 6835D94FDAAB39E008E8490BD3E88CA3 788680 ----a-w- C:\Windows\Sysnative\oleaut32.dll
2015-02-11 00:23:35 43647B730E82998201C61CA7FF7B524A 391526 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml
2015-02-11 00:23:33 CD726C899BD9A398E8420564A957320B 25056256 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-02-11 00:23:32 E0F76B5B904E4F448641B2B506496351 14401024 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-02-11 00:23:31 D7922F3AC6BF1EA77240E0061D648174 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2015-02-11 00:23:31 BF57C911895454A8874E9DFA5716C624 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-02-11 00:23:31 A7A3775B0014B165D75A00A1F632E4B5 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-02-11 00:23:31 9DFE41A69DF70AAB75CB5BA8C1109EA2 2358272 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-02-11 00:23:31 76DB5845E168173BBA2D3CCC4B363E42 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-02-11 00:23:31 505815B1967A504B077497D304239B4A 816128 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-02-11 00:23:31 49FABD0144A3BBD59D5DA1A0180DCE6E 374272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-02-11 00:23:31 15842FB41A3BF2A2F5071518B38C957A 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-02-11 00:23:30 F86097CFDE7624DA2DE246F5B4BE3704 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll
2015-02-11 00:23:30 CF1488FCA487516DB09E797F3AC49E4A 2865152 ----a-w- C:\Windows\Sysnative\actxprxy.dll
2015-02-11 00:23:30 CB2528D522FF1F5A7BF9B27D2FB250FF 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-02-11 00:23:30 A04F0C4A0B80C92F92E854E7157D6466 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-02-11 00:23:30 907B558B742B1E52E9E37E3CAAF6508E 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll
2015-02-11 00:23:30 8076BB31004C1D763D5D4AEF9F0BDD4B 718848 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2015-02-11 00:23:30 7A388AFC6885D22F4D988EE9B8D1291A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-02-11 00:23:30 47162151E35EA0B7152B7C841FA21FDB 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2015-02-11 00:23:26 BA0ED854110D45E5D4A46BD250BAF4E0 1487976 ----a-w- C:\Windows\Sysnative\sppobjs.dll
2015-02-11 00:23:25 FCEE1C08EA416800FAC891DDEB608627 414208 ----a-w- C:\Windows\Sysnative\devinv.dll
2015-02-11 00:23:25 EF2C89AEE3D56860F6CCB8D97374402B 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll
2015-02-11 00:23:25 E6905909E7334990033CFDAF56920004 4175872 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-02-11 00:23:25 E357B0D37DB9C4B17923C893CCF75A18 894464 ----a-w- C:\Windows\Sysnative\appraiser.dll
2015-02-11 00:23:25 642A03FB834B4C4BCA8DFEE2EFD4175B 609280 ----a-w- C:\Windows\Sysnative\generaltel.dll
2015-02-11 00:23:25 32DE26000788F35DA344702B44728524 761856 ----a-w- C:\Windows\Sysnative\invagent.dll
2015-02-11 00:23:25 12D4142E4EBFDB6F057B615A0547C4CF 1098752 ----a-w- C:\Windows\Sysnative\aeinv.dll
====== C:\Windows\Sysnative\drivers =====
2015-02-11 00:23:55 3930E508DDA46C1FF68FD963F350AA0A 563504 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2015-02-11 00:23:55 15C8C65CEA018C02EA0F648448C491C5 177984 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-01-20 19:13:20 AF30006CCC74853BB57159E5107D256A 141312 ----a-w- C:\Windows\Sysnative\drivers\amdacpksl.sys
2015-01-20 19:13:20 9ECB91E7B64FC6B41ABFDB73F7C7E662 222720 ----a-w- C:\Windows\Sysnative\drivers\AtihdWB6.sys
2015-01-20 19:12:21 F2FF8C1B41B3784EDBD5C6D5397F403C 21160 ----a-w- C:\Windows\Sysnative\drivers\amdkmafd.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-20 19:15:51 -------- d-----w- C:\Program Files\AMD
2015-01-20 19:11:25 -------- d-----w- C:\Program Files\ATI
======= C:\PROGRA~2 =====
2015-02-12 22:11:39 -------- d-----w- C:\PROGRA~2\ImgBurn
2015-02-11 19:00:32 -------- d-----w- C:\PROGRA~2\Windows Media Player
2015-01-20 19:13:43 -------- d-----w- C:\PROGRA~2\AMD AVT
======= C: =====
====== C:\Users\Manraj\AppData\Roaming ======
2015-02-12 22:12:29 -------- d-----w- C:\Users\Manraj\AppData\Roaming\ImgBurn
2015-01-20 19:17:48 -------- d-----w- C:\Users\Manraj\AppData\Roaming\ATI
2015-01-20 19:17:48 -------- d-----w- C:\Users\Manraj\AppData\Local\ATI
2015-01-20 19:16:07 -------- d-----w- C:\Users\Default\AppData\Roaming\ATI
2015-01-20 19:16:07 -------- d-----w- C:\Users\Default\AppData\Local\ATI
2015-01-20 19:16:07 -------- d-----w- C:\Users\Default User\AppData\Roaming\ATI
2015-01-20 19:16:07 -------- d-----w- C:\Users\Default User\AppData\Local\ATI
2015-01-20 19:16:06 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\ATI
2015-01-20 19:16:06 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\ATI
====== C:\Users\Manraj ======
2015-02-13 16:54:14 8559E0F9A5E5E9488B09AF1D2BF5AEC8 2085888 ----a-w- C:\Users\Manraj\Desktop\FRST64.exe
2015-02-07 11:18:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15
2015-01-24 15:12:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4 - Gold Edition
2015-01-22 19:36:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-20 19:17:48 -------- d-----w- C:\ProgramData\ATI
2015-01-20 19:16:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-20 19:13:43 -------- d-----w- C:\ProgramData\AMD
 
====== C: exe-files ==
2015-02-15 19:48:24 8559E0F9A5E5E9488B09AF1D2BF5AEC8 2085888 ----a-w- C:\Users\Manraj\AppData\Local\Microsoft\Windows\INetCache\IE\RTZQ7795\FRST64[1].exe
2015-02-13 16:54:14 8559E0F9A5E5E9488B09AF1D2BF5AEC8 2085888 ----a-w- C:\Users\Manraj\Desktop\FRST64.exe
2015-02-13 16:54:14 3BF9308A6F6B5E8E152FD61C412D33C2 2134016 ----a-w- C:\Users\Manraj\Desktop\FRST-OlderVersion\FRST64.exe
2015-02-12 22:53:30 D4588F95AB43AE4FEA1E3D3A8F3D7649 1177600 ----a-w- C:\Users\Manraj\Desktop\Windows 8\boot\memtest.exe
2015-02-12 22:53:30 C5F121D26F6355DE5A69CF41125EDAEF 109408 ----a-w- C:\Users\Manraj\Desktop\Windows 8\boot\bootsect.exe
2015-02-12 22:53:30 76C692DDC9E6BA28A261C4572E94D40B 23208 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_wpf-xamlviewer_31bf3856ad364e35_6.3.9600.16384_none_eaae1108988677cd\xamlviewer_v0300.exe
2015-02-12 22:53:30 6FB889C8B21FD94750BDE9A6B5B62EA1 77424 ----a-w- C:\Users\Manraj\Desktop\Windows 8\setup.exe
2015-02-12 22:53:30 19F810B1F9ABC04F6E6CB66A2AFB5327 240128 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.3.9600.16384_none_0493f7d83bb77377\presentationhost.exe
2015-02-12 22:53:30 134F0E458D2DBDC297CD785F53F7129F 35480 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_wpf-terminalserverwpfwrapperexe_31bf3856ad364e35_6.3.9600.16384_none_b8ff0411e739190c\tswpfwrp.exe
2015-02-12 22:53:29 ECFEF8A263671EA93EF8ADADC1B74FEC 197792 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx35cdf-csd_cdf_installer_31bf3856ad364e35_6.3.9600.16384_none_ecfbdccc478f0793\wfservicesreg.exe
2015-02-12 22:53:29 DFDFD4255F959D860D0343E05D353296 53248 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_regasm_b03f5f7f11d50a3a_6.3.9600.16384_none_32215d49d9904043\regasm.exe
2015-02-12 22:53:29 D6C053D2FAF5098442A856D6F8B548AB 178856 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.3.9600.16384_none_94c1209738bf7fa9\smconfiginstaller.exe
2015-02-12 22:53:29 AB67A82B60EECA985CC91FDAB03663A0 32768 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_regsvcs_b03f5f7f11d50a3a_6.3.9600.16384_none_053c87f02c0338f3\regsvcs.exe
2015-02-12 22:53:29 747C1C3EC29982856B3899782181DEAD 1545864 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx35linq-csharp_31bf3856ad364e35_6.3.9600.16384_none_abcb73912fc36e0a\csc.exe
2015-02-12 22:53:29 70E81121D28C26EA523EB6194107C18E 88224 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx35linq-linqwebconfig_31bf3856ad364e35_6.3.9600.16384_none_ebac7a3003a1f997\linqwebconfig.exe
2015-02-12 22:53:29 276A35B2EA237DD1EA420EB03D4F0CC3 1718920 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx35linq-vb_compiler_orcas_31bf3856ad364e35_6.3.9600.16384_none_2aa2191e0afa3da6\vbc.exe
2015-02-12 22:53:28 E13F605ECA72E851BB586FEE2A1EAD33 32912 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-cvtres_for_vc_and_vb_b03f5f7f11d50a3a_6.3.9600.16384_none_00cd53c8f81a11c0\cvtres.exe
2015-02-12 22:53:28 C7C7173564C3C84EFF3EF441900A125F 67224 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-mscorsvw_exe_b03f5f7f11d50a3a_6.3.9600.16384_none_3b035eb4ac843bd9\mscorsvw.exe
2015-02-12 22:53:28 B84879C0CFE5B8F35EBE2A9A1D4AE219 33936 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-dw_b03f5f7f11d50a3a_6.3.9600.16384_none_e8a9a77fdf448e75\dw20.exe
2015-02-12 22:53:28 A43BA35AE0211496848666D0F7D8D715 98448 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.3.9600.16384_none_92ca1b230eaf2d83\ngen.exe
2015-02-12 22:53:28 659DC1C25F742633428FF5F4D4E5E543 1171592 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-vb_compiler_b03f5f7f11d50a3a_6.3.9600.16384_none_5afc48926a4cb2c0\vbc.exe
2015-02-12 22:53:28 458ABFBE6584486F4233594FA18814EB 77960 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-csharp_compiler_csc_b03f5f7f11d50a3a_6.3.9600.16384_none_1985dc1cf125db97\csc.exe
2015-02-12 22:53:28 35A46B09B9D24C5D016551CBDB4B54C0 87824 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-netfxsbs10_exe_31bf3856ad364e35_6.3.9600.16384_none_d02eb3fbc98e0016\netfxsbs10.exe
2015-02-12 22:53:27 D23047ABB3E548B89C73CE8AC65A3A75 31384 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-aspnet_wp_exe_b03f5f7f11d50a3a_6.3.9600.16384_none_dff60f8750549d0e\aspnet_wp.exe
2015-02-12 22:53:27 BFABF5C5027671A4FA266DF3DE334D6F 56472 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-applaunch_exe_b03f5f7f11d50a3a_6.3.9600.16384_none_e043f7972eff33f5\applaunch.exe
2015-02-12 22:53:27 84B64A04020D953103E52B8E9D07A3AA 30880 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-aspnet_regiis_exe_b03f5f7f11d50a3a_6.3.9600.16384_none_2d34f50de605d0d6\aspnet_regiis.exe
2015-02-12 22:53:27 49E85D74F61CA93F44CED9B9EB241EF3 228496 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-clr_ilasm_exe_b03f5f7f11d50a3a_6.3.9600.16384_none_1e1d5e9c51d9d1dd\ilasm.exe
2015-02-12 22:53:27 3B349EB27524AF05DECBA31CCE0999B8 31904 ----a-w- C:\Users\Manraj\Desktop\Windows 8\sources\sxs\x86_netfx-aspnet_state_exe_b03f5f7f11d50a3a_6.3.9600.16384_none_9c2a250c86e7ad74\aspnet_state.exe
=== C: other files ==
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-21-2917843931-2079053167-3573301051-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
 
==== Startup Folders ======================
 
2014-05-28 03:53:33 1153 ----a-w- C:\Users\Manraj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/05/2014 09:21]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/05/2014 09:21]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{79ECBCEF-EE26-487F-8DE4-490C964862E6}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
 
==== Chromium Look ======================
 
Angry Birds - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
Google Docs - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Show the YouTube Channel bar or the name. - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn
YouTube - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Inline Youtube - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehebapamcfpaadhjagimnbohggikmlpc
Photo Zoom for Facebook - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi
Streamus - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbnkffmindojffecdhbbmekbmkkfpmjd
ShiftEdit - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij
Smooth Gestures - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld
Google Maps - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
Google Dictionary (by Google) - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja
Google Wallet - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Evernote Web Clipper - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc
Gmail - Manraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.co...={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE8SRC"
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Manraj\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Manraj\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Manraj\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Manraj\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
 
==== Empty FireFox Cache ======================
 
No FireFox Profiles found
 
==== Empty Chrome Cache ======================
 
C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=25 folders=24 21541822 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Manraj\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Manraj\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
 
==== EOF on 17/02/2015 at 17:46:56.34 ======================

  • 0

#12
ruggie_uk

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hi Nas, Naathim is indisposed right now so I will take over where he left off.

 

Please bear with me while I catch up on where we are at and we can carry on. :D

 

Rugs


  • 0

#13
ruggie_uk

ruggie_uk

    Trusted Helper

  • Malware Removal
  • 2,083 posts

Hi.
OK, it looks pretty good so far apart from a dodgy Chrome start page, so we will get rid of that, then let Malwarebytes take a look for any remnants.

 
Step 1
 
FRST Fix

If FRST.exe/FRST64.exe is not on your desktop, please download Farbar Recovery Scan Tool and save it to your desktop.

  • Download the attached fixlist.txt and save it to your desktop <<< very important - it must be in the same location as FRST.exe/FRST64.exe
  • Right click FRST.exe/FRST64.exe and run as administrator. When the tool opens click Yes to the disclaimer.
  • Press the Fix button.
  • It will produce a log called fixlog.txt on your Desktop.
  • Please copy and paste the contents of that log back here.

    NOTICE: This script was written specifically for this user, for use on that particular machine, at this point in time. Running this on another machine may cause damage to your operating system.

Step 2
Install and Run Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware from Here or Here (or re-run it if you already have it installed)

  • Double Click the downloaded mbam-setup-x.x.x.xxxx.exe to install the application. (x.x.x.xxxx represents the current version number).
  • During installation, make sure to uncheck Enable free trial of Malwarebytes Anti-Malware Premium, then click Finish. You can always upgrade later ;)
  • If an update is found, it will download and install the latest updates automatically.
  • Now select the Settings tab, and check the box next to Scan for rootkits and ensure the PUP and PUM options are selected to treat as malware.
  • Go back to the Dashboard tab, and click the Scan Now button.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, it will show you the results.
  • If threats are detected, click the Apply Actions button.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note below) If the log doesn't open, select View detailed log in the Scan tab.
  • The log is automatically saved by MBAM and can be viewed by going to the History tab and clicking on Application Logs.
  • Choose the latest Scan Log, and click on the View button.
  • In the bottom of the Scanning History Log window that opens, you can click on Export > Save to Text file (*.txt). Save the report to your Desktop.
  • Copy & Paste the entire contents of the report log in your next reply.
     
  • Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

    *** In your next reply, I need you to Copy&Paste the contents of the MBAM log file.

Items I need to see in your next post:

  • FRST Fixlog
  • Malwarebytes Log
  • How is it running?


  • 0

#14
Nas

Nas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by Manraj at 2015-02-19 18:55:47 Run:1
Running from C:\Users\Manraj\Desktop
Loaded Profiles: Manraj (Available profiles: Manraj)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
createrestorepoint:
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/", "hxxp://uk.search.yahoo.com?type=714647&fr=spigot-yhp-ch", "https://www.google.co.uk/"
emptytemp:
end
*****************
 
Restore point was successfully created.
Chrome StartupUrls deleted successfully.
EmptyTemp: => Removed 632.1 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 18:55:53 ====
 
 
 
 
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 19/02/2015
Scan Time: 18:59:35
Logfile: report.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.02.19.08
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Manraj
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340327
Time Elapsed: 4 min, 25 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 8
PUP.Optional.SuperPlusRadio.A, HKLM\SOFTWARE\WOW6432NODE\SuperPlusRadio v2.1, Quarantined, [ef236bafe2a89f97793f99fe39ca1de3], 
PUP.Optional.SuperPlusRadio.A, HKLM\SOFTWARE\WOW6432NODE\SuperPlusRadio v2.1-nv, Quarantined, [8b8783974c3e67cf9a1eff9853b051af], 
PUP.Optional.SuperPlusRadio.A, HKLM\SOFTWARE\WOW6432NODE\SuperPlusRadio v2.1-nv-ie, Quarantined, [d042db3f7218e94d1a9e148342c1c63a], 
PUP.Optional.SuperPlusRadio.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SuperPlusRadio v2.1-nv, Quarantined, [e82a8b8f5535ed496257f3a40cf7956b], 
PUP.Optional.SuperPlusRadio.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SuperPlusRadio v2.1-nv-ie, Quarantined, [47cb63b7a0ea122465541681c63d43bd], 
PUP.Optional.SuperPlusRadio.A, HKU\S-1-5-21-2917843931-2079053167-3573301051-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SuperPlusRadio v2.1, Quarantined, [bc569b7fd3b78da9ffba1a7d8d763fc1], 
PUP.Optional.SuperPlusRadio.A, HKU\S-1-5-21-2917843931-2079053167-3573301051-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SuperPlusRadio v2.1-nv, Quarantined, [f022948689010b2b269371264fb449b7], 
PUP.Optional.SuperPlusRadio.A, HKU\S-1-5-21-2917843931-2079053167-3573301051-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SuperPlusRadio v2.1-nv-ie, Quarantined, [769ce634325878becbeedeb9cf346e92], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 4
PUP.Optional.BoostSaves.A, C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage, Delete-on-Reboot, [c34f40da5e2cb4820572cad35ea506fa], 
PUP.Optional.BoostSaves.A, C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal, Delete-on-Reboot, [55bda872e4a642f4e2952d707192d927], 
PUP.Optional.Boost.A, C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage, Delete-on-Reboot, [c9492eec612941f548041a9d2ed5cd33], 
PUP.Optional.Boost.A, C:\Users\Manraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal, Delete-on-Reboot, [d33fa7733b4fba7cfc504374af543ac6], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
 
 
Thanks for your help Ruggie! Now as for how it's running, it's actually worse than what it was before lol. I've got pop ups on my right side of screen, left side I have a navigation bar, videos opening up, it's a mess.

  • 0

#15
Nas

Nas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts


 

I'm getting audio adverts and all sorts, not looking good!  :headscratch:


  • 0





