ok done
here is the log files
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-04-2015 01
Ran by Maulik at 2015-04-18 16:53:22
Running from C:\Users\Maulik\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
BitTorrent (HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.)
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.100.82.88 - Dell Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{A7365B85-57D8-39EA-BB3E-D20137E92369}) (Version: 5.41.0.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
jGRASP (HKLM-x32\...\jGRASP) (Version: 2.0.1_01 - )
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark Z700-P700 Series (HKLM\...\Lexmark Z700-P700 Series) (Version: - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mathematica Extras 10.0 (5099479) (HKLM\...\A-WIN-Extras 10.0.0 5099479_is1) (Version: 10.0.0 - Wolfram Research, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31010.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\MyFreeCodec) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
OpenAFS for Windows (64-bit) (HKLM\...\{2BF69D53-032B-424F-A98D-AA0596FBCB16}) (Version: 1.7.3100 - OpenAFS.org)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
Python 3.4.1 (HKLM-x32\...\{df32bb9e-3ed8-36b5-a649-e8c845c5f3a2}) (Version: 3.4.1150 - Python Software Foundation)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Reliance Netconnect+ (HKLM\...\ZTEWireless-101_is1) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SSH Secure Shell (HKLM-x32\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version: - )
SyncDroid version 1.2.3 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.3 - JunTu Software, Inc.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7600 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.12.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.3 - The Wireshark developer community, http://www.wireshark.org)
Wolfram Mathematica 10 (M-WIN-L 10.0.0 5099521) (HKLM\...\M-WIN-L 10.0.0 5099521_is1) (Version: 10.0.0 - Wolfram Research, Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
09-04-2015 03:00:20 Windows Update
09-04-2015 21:35:11 Windows Update
10-04-2015 03:00:14 Windows Update
12-04-2015 03:00:23 Windows Update
13-04-2015 03:00:22 Windows Update
14-04-2015 03:00:11 Windows Update
15-04-2015 03:00:22 Windows Update
16-04-2015 03:00:12 Windows Update
17-04-2015 03:00:19 Windows Update
18-04-2015 03:00:12 Windows Update
18-04-2015 03:12:15 Windows Update
18-04-2015 13:52:18 Restore Point Created by FRST
18-04-2015 16:13:51 Removed Google Talk Plugin
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2015-04-18 13:52 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02B0AD76-A161-4250-8FEB-D8133E645032} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000UA => C:\Users\Maulik\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {14C3EEE6-4A72-454C-B38D-71EC49430EFC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {2B803F54-54F4-4E41-85DC-75CF50903D44} - System32\Tasks\{72D097A9-B308-48CB-9DAB-00011703ED9E} => pcalua.exe -a "C:\Users\Maulik\Downloads\EA SPORTS Cricket 07_uninst.exe" -d C:\Users\Maulik\Downloads
Task: {30B377B1-23E2-4943-8345-1FDFF77AA7D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18] (Google Inc.)
Task: {3614485B-54FD-4584-B4C6-3364C9CD16BA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000UA => C:\Users\Maulik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-25] (Facebook Inc.)
Task: {570E2B20-2508-4A08-AE2B-C2E95189BD43} - System32\Tasks\{3CFC623F-BD02-44A7-A4D7-16470AF7D571} => pcalua.exe -a "C:\Users\Maulik\Downloads\Sophos AntiVirus v7.3.3 Cracked - vibept\Sophos_Anti-Virus_Enterprise 2009.exe" -d "C:\Users\Maulik\Downloads\Sophos AntiVirus v7.3.3 Cracked - vibept"
Task: {6189AEC2-49A5-4D13-8521-0FF342651CBF} - System32\Tasks\ParetoLogic Registration => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll" RunUns
Task: {70585652-4CDC-4221-8644-E124031CAF1E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000Core => C:\Users\Maulik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-25] (Facebook Inc.)
Task: {872F8A02-00CD-4042-9ECF-8248AB3C0280} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-12-14] (PC-Doctor, Inc.)
Task: {960625F2-D23D-455F-BCCD-972BEEA5CD53} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe
Task: {B255DC66-6B1E-4D12-91B1-BBE6E5F93C2A} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-12-14] (PC-Doctor, Inc.)
Task: {C54BC790-889F-42FC-B406-DB7749805A00} - System32\Tasks\Leader Technologies\PowerRegister\Seagate Product Registration (Maulik) => C:\Users\Maulik\AppData\Roaming\Leadertech\PowerRegister\Seagate Product Registration.exe [2012-09-26] (Leader Technologies/Seagate)
Task: {C60FCC9C-2FFF-41AD-8E4B-9CDEA4E797FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {D8CBF0DC-CC3B-49BE-B436-E703061EEA31} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000Core => C:\Users\Maulik\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe
Task: {E5DD8ADD-25A8-4237-A097-397A71705197} - System32\Tasks\SystemToolsDailyTest => c:\Program Files\Dell Support Center\pcdrcui.exe [2011-12-14] (PC-Doctor, Inc.)
Task: {EEA42B26-CAC9-4DBF-A9CD-EA472B416CF4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18] (Google Inc.)
Task: {FEC113C0-A0DA-4879-B684-AB6D03E20482} - System32\Tasks\PCDEventLauncher => c:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-14] (PC-Doctor, Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000Core.job => C:\Users\Maulik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000UA.job => C:\Users\Maulik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000Core.job => C:\Users\Maulik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000UA.job => C:\Users\Maulik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ParetoLogic Registration.job => C:\windows\system32\rundll32.exeFC:\Program Files (x86)\Common Files\ParetoLogic\UUS2\UUS.dll
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
Task: C:\windows\Tasks\SystemToolsDailyTest.job => c:\Program Files\Dell Support Center\pcdrcui.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-13 07:35 - 2013-09-05 15:14 - 00406528 _____ () C:\Program Files\Reliance Netconnect+\bin\MonServiceUDisk.exe
2014-05-13 12:17 - 2014-05-13 12:17 - 00043416 _____ () C:\Program Files\OpenAFS\Client\Program\afs_shl_ext_1033.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-05-12 05:49 - 2014-05-12 05:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2011-01-13 16:56 - 2011-01-13 16:56 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2012-07-25 22:43 - 2011-03-25 21:28 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2011-06-27 20:26 - 2011-06-27 20:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
2012-07-25 20:41 - 2012-01-26 22:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2011-06-29 09:52 - 2011-06-29 09:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
2014-05-13 12:12 - 2014-05-13 12:12 - 00071576 _____ () C:\Program Files\OpenAFS\Common\TaAfsAppLib_1033.dll
2014-05-13 12:18 - 2014-05-13 12:18 - 00097688 _____ () C:\Program Files\OpenAFS\Client\Program\afscreds_1033.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
2010-03-22 16:52 - 2010-03-22 16:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
2010-03-16 21:28 - 2010-03-16 21:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
2011-06-25 00:20 - 2011-06-25 00:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
2011-06-27 20:25 - 2011-06-27 20:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
2011-06-25 00:21 - 2011-06-25 00:21 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
2010-03-05 16:07 - 2010-03-05 16:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
2010-03-11 20:52 - 2010-03-11 20:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
2014-10-15 04:12 - 2014-10-15 04:12 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2012-07-25 20:14 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Maulik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-891173389-2658835656-2395992767-500 - Administrator - Disabled)
Guest (S-1-5-21-891173389-2658835656-2395992767-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-891173389-2658835656-2395992767-1002 - Limited - Enabled)
Maulik (S-1-5-21-891173389-2658835656-2395992767-1000 - Administrator - Enabled) => C:\Users\Maulik
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/18/2015 03:31:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2015 03:04:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2015 01:58:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2015 01:52:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8b899193-3ff3-4c3f-8238-1ead11d6d4f7}
Error: (04/18/2015 11:08:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/16/2015 10:23:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13897286
Error: (04/16/2015 10:23:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13897286
Error: (04/16/2015 10:23:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/16/2015 06:31:19 PM) (Source: Google Update) (EventID: 20) (User: Maulik-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80
Error: (04/16/2015 04:06:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4446
System errors:
=============
Error: (04/18/2015 03:30:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069
Error: (04/18/2015 03:30:08 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (04/18/2015 03:30:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\System32\bcmihvsrv64.dll
Error: (04/18/2015 03:30:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\System32\bcmihvsrv64.dll
Error: (04/18/2015 03:30:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
%%1069
Error: (04/18/2015 03:30:01 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error:
%%50
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (04/18/2015 03:30:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069
Error: (04/18/2015 03:30:00 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (04/18/2015 03:29:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\windows\System32\bcmihvsrv64.dll
Error: (04/18/2015 03:29:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The OpenAFS Client Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Microsoft Office Sessions:
=========================
Error: (04/18/2015 03:31:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2015 03:04:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2015 01:58:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/18/2015 01:52:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8b899193-3ff3-4c3f-8238-1ead11d6d4f7}
Error: (04/18/2015 11:08:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/16/2015 10:23:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13897286
Error: (04/16/2015 10:23:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13897286
Error: (04/16/2015 10:23:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/16/2015 06:31:19 PM) (Source: Google Update) (EventID: 20) (User: Maulik-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80
Error: (04/16/2015 04:06:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4446
==================== Memory info ===========================
Processor: Intel® Core i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 51%
Total physical RAM: 4004.27 MB
Available physical RAM: 1949.61 MB
Total Pagefile: 8006.73 MB
Available Pagefile: 5566.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive a: (smarat) (Fixed) (Total:210.13 GB) (Free:210.04 GB) NTFS
Drive c: (OS) (Fixed) (Total:236 GB) (Free:134.49 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 1F908D00)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=236 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=210.1 GB) - (Type=OF Extended)
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-04-2015 01
Ran by Maulik (administrator) on MAULIK-PC on 18-04-2015 16:52:28
Running from C:\Users\Maulik\Desktop
Loaded Profiles: Maulik (Available profiles: Maulik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\WINDOWS\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
( ) C:\WINDOWS\System32\lxblcoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(OpenAFS Project) C:\Program Files\OpenAFS\Client\Program\afsd_service.exe
() C:\Program Files\Reliance Netconnect+\bin\MonServiceUDisk.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(OpenAFS Project) C:\Program Files\OpenAFS\Client\Program\afscreds.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\AfsLogon: C:\Program Files\OpenAFS\Client\Program\afslogon.dll (OpenAFS Project)
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\Run: [Facebook Update] => C:\Users\Maulik\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-25] (Facebook Inc.)
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\Run: [Google Update] => C:\Users\Maulik\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-11] (Google Inc.)
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\RunOnce: [Adobe Speed Launcher] => 1429385514
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\MountPoints2: E - E:\Autorun.exe /Auto
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\MountPoints2: {750af871-c974-11e4-b325-642737f2a352} - E:\Autorun.exe /Auto
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\...\MountPoints2: {750af882-c974-11e4-b325-642737f2a352} - E:\Autorun.exe /Auto
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AFS Credentials.lnk
ShortcutTarget: AFS Credentials.lnk -> C:\Program Files\OpenAFS\Client\Program\afscreds.exe (OpenAFS Project)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\WINDOWS\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\Maulik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Clash of Clans.lnk
ShortcutTarget: Clash of Clans.lnk -> C:\ProgramData\{416eca45-de47-9077-416e-eca45de42917}\Clash of Clans.exe (No File)
ShellIconOverlayIdentifiers: [AFS Mount Point Overlay] -> {5F820CA1-3DDE-11DB-B2CE-001558092DB5} => C:\Program Files\OpenAFS\Client\Program\afs_shl_ext.dll (OpenAFS Project)
ShellIconOverlayIdentifiers: [AFS Symlink Overlay] -> {5F820CA1-3DDE-11DB-B2CE-001558092DB6} => C:\Program Files\OpenAFS\Client\Program\afs_shl_ext.dll (OpenAFS Project)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-891173389-2658835656-2395992767-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-891173389-2658835656-2395992767-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-891173389-2658835656-2395992767-1000 -> {8552A5F7-68D6-4B7E-B34A-0708F8C7F986} URL =
SearchScopes: HKU\S-1-5-21-891173389-2658835656-2395992767-1000 -> {A9023071-08B6-45F7-B480-5411E54BDDB2} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Maulik\AppData\Roaming\Mozilla\Firefox\Profiles\szphl5wi.default-1429389796530
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll [2014-10-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll [2014-10-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.0.0.5099479\npmathplugin.dll [2014-07-01] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-891173389-2658835656-2395992767-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Maulik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-891173389-2658835656-2395992767-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Maulik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-03-26] (Google)
FF Plugin HKU\S-1-5-21-891173389-2658835656-2395992767-1000: @talk.google.com/O1DPlugin -> C:\Users\Maulik\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-03-26] (Google)
FF Plugin HKU\S-1-5-21-891173389-2658835656-2395992767-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Maulik\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-891173389-2658835656-2395992767-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Maulik\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-891173389-2658835656-2395992767-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Maulik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Maulik\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-01-27] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Maulik\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-03-26] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Maulik\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-03-26] (Google)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-03]
Chrome:
=======
CHR Profile: C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-18]
CHR Extension: (Google Docs) - C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-18]
CHR Extension: (Google Drive) - C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-18]
CHR Extension: (YouTube) - C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-18]
CHR Extension: (Google Search) - C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-18]
CHR Extension: (Google Sheets) - C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-18]
CHR Extension: (Skype Click to Call) - C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-18]
CHR Extension: (Google Wallet) - C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-18]
CHR Extension: (Gmail) - C:\Users\Maulik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2253016 2013-10-02] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 lxbl_device; C:\windows\system32\lxblcoms.exe [566704 2007-04-20] ( )
R2 lxbl_device; C:\windows\SysWOW64\lxblcoms.exe [537520 2007-04-20] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 TransarcAFSDaemon; C:\Program Files\OpenAFS\Client\Program\afsd_service.exe [1011608 2014-05-13] (OpenAFS Project)
R2 UDisk Monitor; C:\Program Files\Reliance Netconnect+\bin\MonServiceUDisk.exe [406528 2013-09-05] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AFSLibrary; C:\Windows\System32\DRIVERS\AFSRedirLib.sys [338288 2014-05-13] (OpenAFS Project)
R1 AFSRedirector; C:\Windows\System32\DRIVERS\AFSRedir.sys [102768 2014-05-13] (OpenAFS Project)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-09] (Broadcom Corporation.)
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 Generalusbserialser20679; C:\Windows\System32\DRIVERS\CT_U_USBSER.sys [124160 2013-09-05] (Incorporated)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-18 16:43 - 2015-04-18 16:43 - 00000000 ____D () C:\Users\Maulik\Desktop\Old Firefox Data
2015-04-18 16:27 - 2015-04-18 16:27 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-18 16:27 - 2015-04-18 16:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-18 16:26 - 2015-04-18 16:31 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-18 16:26 - 2015-04-18 16:31 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-18 16:26 - 2015-04-18 16:26 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-18 16:26 - 2015-04-18 16:26 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-18 15:38 - 2015-04-18 15:38 - 00000207 _____ () C:\windows\tweaking.com-regbackup-MAULIK-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-18 15:37 - 2015-04-18 15:37 - 00000000 ____D () C:\RegBackup
2015-04-18 15:35 - 2015-04-18 15:35 - 02686254 _____ (Thisisu) C:\Users\Maulik\Desktop\JRT.exe
2015-04-18 15:33 - 2015-04-18 15:33 - 00018541 _____ () C:\Users\Maulik\Desktop\cleaner so.txt
2015-04-18 15:26 - 2015-04-18 15:29 - 00000000 ____D () C:\AdwCleaner
2015-04-18 15:25 - 2015-04-18 15:25 - 02217984 _____ () C:\Users\Maulik\Desktop\adwcleaner_4.201.exe
2015-04-18 15:13 - 2015-04-18 15:13 - 00046195 _____ () C:\Users\Maulik\Desktop\results.txt
2015-04-18 14:32 - 2015-04-18 15:32 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-18 14:32 - 2015-04-18 14:32 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-18 14:32 - 2015-04-18 14:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-18 14:32 - 2015-04-18 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-18 14:32 - 2015-04-18 14:32 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-18 14:32 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-04-18 14:32 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-04-18 14:32 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-04-18 14:30 - 2015-04-18 14:31 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Maulik\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-18 11:54 - 2015-04-18 11:54 - 00038703 _____ () C:\Users\Maulik\Desktop\Addition.txt
2015-04-18 11:52 - 2015-04-18 16:53 - 00022732 _____ () C:\Users\Maulik\Desktop\FRST.txt
2015-04-18 11:52 - 2015-04-18 16:52 - 00000000 ____D () C:\FRST
2015-04-18 11:52 - 2015-04-18 11:52 - 02098176 _____ (Farbar) C:\Users\Maulik\Desktop\FRST64.exe
2015-04-15 23:03 - 2015-04-15 23:03 - 18178736 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 18:53 - 2015-04-18 15:01 - 00000000 ____D () C:\Program Files (x86)\Facebook Invite Them All
2015-04-14 18:50 - 2015-04-18 15:01 - 00000000 ____D () C:\ProgramData\{416eca45-de47-9077-416e-eca45de42917}
2015-04-14 03:20 - 2015-04-14 03:20 - 00364179 _____ () C:\Users\Maulik\Documents\a thought of life.wma
2015-04-12 00:09 - 2015-04-12 00:09 - 17385800 _____ (Google Inc.) C:\Users\Maulik\Downloads\picasa39-setup.exe
2015-04-11 08:32 - 2015-04-14 12:03 - 02009674 _____ () C:\Users\Maulik\Documents\CH 15 the chemical revolution.pptx
2015-04-08 18:03 - 2015-04-08 18:03 - 00300975 _____ () C:\Users\Maulik\Downloads\IS 350 Debate.pptx
2015-04-07 16:52 - 2015-04-07 16:52 - 00046248 _____ () C:\Users\Maulik\Downloads\Java_Socke183657142005.zip
2015-04-07 16:23 - 2015-04-07 16:23 - 00935657 _____ () C:\Users\Maulik\Downloads\C2J.exe
2015-04-03 21:31 - 2015-04-03 21:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-01 22:49 - 2015-01-14 01:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-01 22:49 - 2015-01-14 01:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-04-01 22:49 - 2015-01-11 23:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-01 22:49 - 2015-01-11 23:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-01 22:49 - 2015-01-11 22:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-01 22:49 - 2015-01-11 22:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-01 22:49 - 2015-01-11 22:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-01 22:49 - 2015-01-11 22:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-01 22:49 - 2015-01-11 22:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-01 22:49 - 2015-01-11 22:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-01 22:49 - 2015-01-11 22:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-01 22:49 - 2015-01-11 22:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-01 22:49 - 2015-01-11 22:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-01 22:49 - 2015-01-11 22:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-04-01 22:49 - 2015-01-11 22:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-01 22:49 - 2015-01-11 22:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-01 22:49 - 2015-01-11 22:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-01 22:49 - 2015-01-11 22:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-04-01 22:49 - 2015-01-11 22:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-04-01 22:49 - 2015-01-11 22:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-04-01 22:49 - 2015-01-11 22:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-01 22:49 - 2015-01-11 22:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-01 22:49 - 2015-01-11 22:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-04-01 22:49 - 2015-01-11 21:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-04-01 22:49 - 2015-01-11 21:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-04-01 22:49 - 2015-01-11 21:55 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-04-01 22:49 - 2015-01-11 21:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-04-01 22:49 - 2015-01-11 21:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-01 22:49 - 2015-01-11 21:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-01 22:49 - 2015-01-11 21:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-01 22:49 - 2015-01-11 21:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-04-01 22:49 - 2015-01-11 21:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-01 22:49 - 2015-01-11 21:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-04-01 22:49 - 2015-01-11 21:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-04-01 22:49 - 2015-01-11 21:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-04-01 22:49 - 2015-01-11 21:29 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-01 22:49 - 2015-01-11 21:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-04-01 22:49 - 2015-01-11 21:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-01 22:49 - 2015-01-11 21:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-04-01 22:49 - 2015-01-11 21:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-01 22:49 - 2015-01-11 21:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-01 22:49 - 2015-01-11 21:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-01 22:49 - 2015-01-11 21:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-01 22:49 - 2015-01-11 20:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-01 22:49 - 2015-01-11 20:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-01 22:49 - 2015-01-10 02:51 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-01 22:49 - 2015-01-10 02:51 - 00095672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-01 22:49 - 2015-01-10 02:48 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-01 22:49 - 2015-01-10 02:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-01 22:49 - 2015-01-10 02:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-01 22:49 - 2015-01-10 02:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-01 22:49 - 2015-01-10 02:44 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-01 22:49 - 2015-01-10 02:44 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-01 22:49 - 2015-01-10 02:42 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-01 22:49 - 2015-01-10 02:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-04-01 22:49 - 2015-01-10 02:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-04-01 22:49 - 2015-01-10 02:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-04-01 22:49 - 2015-01-10 02:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-04-01 22:49 - 2015-01-10 02:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-04-01 22:49 - 2015-01-10 02:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-04-01 22:49 - 2015-01-10 02:27 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-04-01 22:49 - 2015-01-10 02:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-04-01 22:49 - 2015-01-10 02:26 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-04-01 22:49 - 2015-01-10 02:26 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-04-01 22:49 - 2015-01-10 02:24 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-04-01 22:49 - 2015-01-10 02:24 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-04-01 22:49 - 2015-01-10 02:23 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-01 22:49 - 2014-12-29 21:23 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-04-01 22:48 - 2015-01-11 23:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-01 22:48 - 2015-01-11 22:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-01 22:48 - 2015-01-11 22:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-01 22:48 - 2015-01-11 22:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-01 22:48 - 2015-01-11 22:33 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-01 22:48 - 2015-01-11 22:32 - 06041088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-01 22:48 - 2015-01-11 22:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-01 22:48 - 2015-01-11 22:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-01 22:48 - 2015-01-11 21:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-01 22:48 - 2015-01-11 21:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-01 22:48 - 2015-01-11 21:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-31 21:34 - 2015-03-31 23:04 - 00000564 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
2015-03-31 21:34 - 2015-03-31 21:34 - 00003402 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Delay
2015-03-31 12:03 - 2015-03-31 12:03 - 00000000 ____D () C:\Users\Maulik\AppData\Roaming\Mathematica
2015-03-31 12:03 - 2015-03-31 12:03 - 00000000 ____D () C:\Users\Maulik\AppData\Local\Wolfram Research
2015-03-31 12:03 - 2015-03-31 12:03 - 00000000 ____D () C:\Users\Maulik\AppData\Local\Mathematica
2015-03-31 12:02 - 2015-03-31 12:03 - 00000000 ____D () C:\ProgramData\Mathematica
2015-03-31 12:02 - 2015-03-31 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2015-03-31 12:02 - 2015-03-31 12:02 - 00000000 ____D () C:\Program Files\Extras
2015-03-31 12:02 - 2015-03-31 12:02 - 00000000 ____D () C:\Program Files\Common Files\Wolfram Research
2015-03-31 11:07 - 2015-03-31 11:07 - 00000000 ____D () C:\Program Files\Wolfram Research
2015-03-29 16:31 - 2015-03-29 16:31 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-03-29 16:31 - 2015-03-29 16:31 - 00000000 ____D () C:\windows\System32\Tasks\Apple
2015-03-29 16:31 - 2015-03-29 16:31 - 00000000 ____D () C:\Users\Maulik\AppData\Local\Apple
2015-03-29 16:31 - 2015-03-29 16:31 - 00000000 ____D () C:\Program Files\Bonjour
2015-03-29 16:31 - 2015-03-29 16:31 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-03-29 16:31 - 2015-03-29 16:31 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-03-29 16:30 - 2015-03-29 16:31 - 00000000 ____D () C:\ProgramData\Apple
2015-03-29 16:30 - 2015-03-29 16:31 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-26 11:26 - 2015-03-26 11:29 - 00001584 _____ () C:\Users\Maulik\Downloads\Midterm 2 Solutions.py
2015-03-26 11:24 - 2015-03-26 11:29 - 00001914 _____ () C:\Users\Maulik\Downloads\PMT2.py
2015-03-24 11:17 - 2015-03-24 11:17 - 00000000 ____D () C:\Users\Maulik\Tracing
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-18 16:40 - 2014-02-11 21:54 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000UA.job
2015-04-18 16:38 - 2012-07-25 20:07 - 01085882 _____ () C:\windows\WindowsUpdate.log
2015-04-18 16:27 - 2013-09-21 02:27 - 00000000 ____D () C:\Users\Maulik\AppData\Local\Google
2015-04-18 16:27 - 2013-09-21 02:27 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-18 16:03 - 2012-07-25 20:15 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-18 15:39 - 2009-07-14 00:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-18 15:39 - 2009-07-14 00:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-18 15:37 - 2009-07-14 01:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-18 15:31 - 2014-02-14 00:30 - 00000000 ____D () C:\Users\Maulik\AppData\Roaming\Skype
2015-04-18 15:31 - 2012-07-25 20:52 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-04-18 15:31 - 2012-07-25 20:52 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-04-18 15:31 - 2012-07-25 20:41 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-04-18 15:30 - 2010-11-20 23:47 - 00271790 _____ () C:\windows\PFRO.log
2015-04-18 15:30 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-18 15:30 - 2009-07-14 00:51 - 00078137 _____ () C:\windows\setupact.log
2015-04-18 15:13 - 2013-09-25 03:08 - 00000932 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000UA.job
2015-04-18 15:02 - 2012-07-25 22:59 - 00000000 ____D () C:\windows\ShellNew
2015-04-18 14:15 - 2013-09-13 14:33 - 00000422 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2015-04-18 14:13 - 2013-09-15 14:00 - 00003488 _____ () C:\windows\System32\Tasks\PCDEventLauncher
2015-04-18 14:13 - 2013-09-13 14:33 - 00003452 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2015-04-18 12:40 - 2014-02-11 21:54 - 00000860 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000Core.job
2015-04-18 11:06 - 2014-01-29 23:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 03:13 - 2013-09-25 03:08 - 00000910 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-891173389-2658835656-2395992767-1000Core.job
2015-04-17 20:33 - 2014-01-29 19:56 - 00000468 _____ () C:\windows\Tasks\ParetoLogic Registration.job
2015-04-16 22:24 - 2015-01-27 16:17 - 00000000 ____D () C:\Users\Maulik\Documents\CS113
2015-04-16 22:23 - 2014-05-16 14:56 - 00000000 ____D () C:\Users\Maulik\Desktop\Vivek and Mrugha Wedding5.16
2015-04-16 22:23 - 2014-01-28 02:01 - 00000000 ____D () C:\Users\Maulik\.grasp_settings
2015-04-16 03:47 - 2013-12-09 16:36 - 00000000 ____D () C:\windows\System32\Tasks\Games
2015-04-15 23:03 - 2012-07-25 20:15 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 23:03 - 2012-07-25 20:15 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 23:03 - 2012-07-25 20:15 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 17:36 - 2015-01-27 18:39 - 00000000 ____D () C:\Users\Maulik\Documents\CS356
2015-04-13 14:25 - 2015-02-04 08:13 - 00000000 ____D () C:\Users\Maulik\Documents\CS114
2015-04-13 10:02 - 2014-09-18 14:14 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-04-13 10:02 - 2014-09-18 14:14 - 00001052 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2015-04-08 21:20 - 2015-02-03 11:53 - 00000000 ____D () C:\Users\Maulik\Documents\IS350
2015-04-02 03:56 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2015-04-01 22:52 - 2014-07-16 23:58 - 00000000 ____D () C:\Users\Maulik\AppData\Local\Adobe
2015-04-01 22:39 - 2013-09-13 14:33 - 00000564 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-04-01 00:56 - 2015-02-03 12:32 - 00000000 ____D () C:\Users\Maulik\Downloads\junk
2015-04-01 00:56 - 2014-03-19 00:25 - 00000000 ____D () C:\Users\Maulik\AppData\Roaming\BitTorrent
2015-03-31 21:34 - 2013-09-13 14:33 - 00004272 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-03-31 11:04 - 2014-03-19 05:12 - 00000000 ____D () C:\Users\Maulik\Downloads\software plugins
2015-03-30 10:45 - 2012-07-25 20:29 - 00000000 ____D () C:\ProgramData\Nero
2015-03-30 10:45 - 2012-07-25 20:29 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-03-30 10:45 - 2012-07-25 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL
2015-03-30 10:36 - 2014-03-19 05:11 - 00000000 ____D () C:\Users\Maulik\Downloads\other stuff
2015-03-30 10:34 - 2015-03-03 11:19 - 00000000 ____D () C:\Users\Maulik\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones
2015-03-29 18:14 - 2013-09-23 21:39 - 00000000 ____D () C:\Users\Maulik\AppData\Local\Nero
2015-03-29 17:55 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
2015-03-27 06:01 - 2014-09-17 21:43 - 00000000 ____D () C:\Users\Maulik\Documents\CS100 Python
2015-03-24 11:17 - 2014-12-08 20:12 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-24 11:17 - 2014-02-14 00:29 - 00000000 ____D () C:\ProgramData\Skype
2015-03-24 11:17 - 2013-09-13 03:30 - 00000000 ____D () C:\Users\Maulik
2015-03-21 04:19 - 2013-09-26 00:33 - 00000000 ____D () C:\Users\Maulik\AppData\Roaming\vlc
==================== Files in the root of some directories =======
2014-01-26 22:15 - 2014-01-27 00:06 - 0000041 _____ () C:\Users\Maulik\AppData\Roaming\WB.CFG
Some content of TEMP:
====================
C:\Users\Maulik\AppData\Local\Temp\Quarantine.exe
C:\Users\Maulik\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 19:17
==================== End Of Log ============================