OK, here's FRST.txt and addition.txt. Cheers,
-------------frst-----------------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015
Ran by Admin 2 for switch (administrator) on ADVAIT-LAPTOP on 06-05-2015 15:16:05
Running from C:\Users\Advait\Documents\Farbar FRST scanner
Loaded Profiles: Advait & Admin 2 for switch (Available profiles: Advait & Standard User Accoun & Admin 2 for switch)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Apache Software Foundation) C:\Apache24\bin\httpd.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Future Systems Solutions, Inc.) C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERABSVC.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Apache Software Foundation) C:\Apache24\bin\httpd.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
() C:\Program Files\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Logitech©) C:\Program Files (x86)\Logitech\Z-5 Speakers\Z-5 Speakers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Mblaze_Home\CheckNDISPort.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(LastPass) C:\Program Files (x86)\LastPass\nplastpass.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(The Audacity Team) C:\Program Files (x86)\Audacity\audacity.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [822816 2009-10-30] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [Google Desktop Search] => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-09] (Google)
HKLM-x32\...\Run: [Z-5 Speakers] => C:\Program Files (x86)\Logitech\Z-5 Speakers\Z-5 Speakers.exe [550160 2008-05-31] (Logitech©)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [CheckNDISPort] => C:\Program Files (x86)\Mblaze_Home\CheckNDISPort.exe [454656 2014-11-28] ()
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\utorrent\utorrent.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\utorrent\utorrent.exe <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Run: [Google Update] => C:\Users\Advait\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-26] (Google Inc.)
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-07] (Google Inc.)
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [785416 2015-02-18] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Run: [uTorrent] => "C:\Users\Advait\Documents\Downloads\Dwld Exes Misc\uTorrent.exe" /MINIMIZED
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {0402a836-e8be-11e3-b605-00262286b35d} - F:\AutoRun.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {0402a852-e8be-11e3-b605-00262286b35d} - F:\AutoRun.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {04d7129a-55ec-11e4-a17f-00262286b35d} - G:\Autorun.exe /Auto
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {25d41b5c-19a5-11e2-bcc9-806e6f6e6963} - F:\AutoRun.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {25d41b77-19a5-11e2-bcc9-00262286b35d} - F:\AutoRun.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {3188338b-9e1b-11e4-803a-00262286b35d} - F:\Windows/AutoRun.exe /autoinstall
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {364d44dc-59cf-11df-9ebf-005056c00008} - E:\setup_.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {450a0ce2-ea18-11e3-a7c5-00262286b35d} - F:\AutoRun.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {51d33d02-fa09-11df-b62a-80871bada31f} - G:\Setup.exe /Auto
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {7af679bc-d006-11e1-b1e8-00262286b35d} - IomegaEncryptionSetup v1.3.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {899c527b-c414-11e0-a3d9-a3f540c30016} - F:\LaunchU3.exe -a
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {8e1294f1-0b5b-11df-9af1-00262286b35d} - G:\IronKey.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {ac52c267-fc54-11e3-aa70-00262286b35d} - G:\AutoRun.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {eef294e0-ea2a-11e3-a7f1-9fb6fd49dec7} - F:\AutoRun.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {f2e169d9-ea35-11e3-80c5-00262286b35d} - F:\AutoRun.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\MountPoints2: {f2e16a0c-ea35-11e3-80c5-aee97a8233b9} - F:\AutoRun.exe
HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-321482684-1703469-3941775667-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-321482684-1703469-3941775667-1007\...\Run: [Google Update] => C:\Users\Admin 2 for switch\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-26] (Google Inc.)
HKU\S-1-5-21-321482684-1703469-3941775667-1007\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [785416 2015-02-18] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-321482684-1703469-3941775667-1007\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-321482684-1703469-3941775667-1007\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-321482684-1703469-3941775667-1007\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-321482684-1703469-3941775667-1007\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
AppInit_DLLs-x32: C:\PROGRA~2\Google\GOOGLE~4\GO36F4~1.DLL => C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-09-09] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-04-11]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-06-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
GroupPolicyUsers\S-1-5-21-321482684-1703469-3941775667-1006\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-21-321482684-1703469-3941775667-1000\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ie
HKU\S-1-5-21-321482684-1703469-3941775667-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
SearchScopes: HKU\S-1-5-21-321482684-1703469-3941775667-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
http://isearch.avg.c...r=&d=2012-02-2408:46:06&v=9.0.0.18&sap=dsp&q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-04-11] (LastPass)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-04-11] (LastPass)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-04-11] (LastPass)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-04-11] (LastPass)
Toolbar: HKU\S-1-5-21-321482684-1703469-3941775667-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Toolbar: HKU\S-1-5-21-321482684-1703469-3941775667-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-321482684-1703469-3941775667-1007 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-03] (Google Inc.)
Handler-x32: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2010-01-23] (Logitech Inc.)
Filter: text/html - No CLSID Value
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Admin 2 for switch\AppData\Roaming\Mozilla\Firefox\Profiles\euph91i7.default
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-04-11] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-04-11] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-321482684-1703469-3941775667-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Advait\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-321482684-1703469-3941775667-1000: @talk.google.com/O1DPlugin -> C:\Users\Advait\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-321482684-1703469-3941775667-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Advait\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-321482684-1703469-3941775667-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Advait\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-321482684-1703469-3941775667-1007: @talk.google.com/GoogleTalkPlugin -> C:\Users\Admin 2 for switch\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-321482684-1703469-3941775667-1007: @talk.google.com/O1DPlugin -> C:\Users\Admin 2 for switch\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-321482684-1703469-3941775667-1007: @tools.google.com/Google Update;version=3 -> C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin HKU\S-1-5-21-321482684-1703469-3941775667-1007: @tools.google.com/Google Update;version=9 -> C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-09] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-02-06] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Admin 2 for switch\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Admin 2 for switch\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: LastPass - C:\Users\Admin 2 for switch\AppData\Roaming\Mozilla\Firefox\Profiles\euph91i7.default\Extensions\
[email protected] [2013-06-26]
FF Extension: Flashblock - C:\Users\Admin 2 for switch\AppData\Roaming\Mozilla\Firefox\Profiles\euph91i7.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-05-14]
FF Extension: NoScript - C:\Users\Admin 2 for switch\AppData\Roaming\Mozilla\Firefox\Profiles\euph91i7.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-06-25]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-30]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2014-06-30]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn [2015-05-06]
Chrome:
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll No File
CHR Plugin: (Java Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Admin 2 for switch\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Admin 2 for switch\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Profile: C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-28]
CHR Extension: (Google Drive) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-26]
CHR Extension: (YouTube) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-26]
CHR Extension: (Google Search) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-30]
CHR Extension: (Bookmark Manager) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-01-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-26]
CHR Extension: (Google Wallet) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-11]
CHR Extension: (Gmail) - C:\Users\Admin 2 for switch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-26]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-24]
CHR HKU\S-1-5-21-321482684-1703469-3941775667-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Advait\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-08-15]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-24]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apache2.4; C:\Apache24\bin\httpd.exe [22016 2013-02-23] (Apache Software Foundation) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 casperhpb; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERABSVC.EXE [423600 2014-01-25] (Future Systems Solutions, Inc.)
S3 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [217088 2015-01-29] (Connectify) [File not signed]
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-09-09] (Google)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175112 2015-02-18] (Sandboxie Holdings, LLC)
R2 UDisk Monitor; C:\Program Files\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe [403456 2010-05-14] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\BASHDefs\20150501.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [42152 2014-08-08] (Connectify)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-30] (Symantec Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-12] (Symantec Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\IPSDefs\20150501.001\IDSvia64.sys [671448 2015-03-27] (Symantec Corporation)
S3 MEMSWEEP2; C:\Windows\system32\25E8.tmp [6144 2011-08-25] (Sophos Plc) [File not signed]
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150505.017\ENG64.SYS [129752 2015-05-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.6.0.32\Definitions\VirusDefs\20150505.017\EX64.SYS [2137304 2015-05-04] (Symantec Corporation)
R1 networx; C:\Windows\System32\drivers\networx.sys [58360 2012-11-26] (NetFilterSDK.com)
S3 OXSDIDRV_x64; C:\Windows\System32\DRIVERS\OXSDIDRV_x64.sys [51760 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X64.sys [31280 2010-05-25] ()
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15208 2009-06-17] (Secunia) [File not signed]
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-11] (Realtek Semiconductor Corporation )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [237064 2015-02-18] (Sandboxie Holdings, LLC)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2014-08-26] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-08-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-07] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-08-26] (Symantec Corporation)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [25592 2015-04-24] (Windows ® Win 7 DDK provider)
S3 ztemtusbser; C:\Windows\System32\DRIVERS\CT_ZTEMT_U_USBSER.sys [120704 2010-06-07] (ZTEMT Incorporated)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S2 RHDISK_AMD64; \??\C:\Program Files (x86)\Rohos\RHDISK_AMD64.SYS [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-06 15:15 - 2015-05-06 15:16 - 00000000 ____D () C:\FRST
2015-05-06 15:14 - 2015-05-06 15:16 - 00000000 ____D () C:\Users\Advait\Documents\Farbar FRST scanner
2015-05-06 13:07 - 2015-05-06 13:47 - 00000710 _____ () C:\Users\Advait\Desktop\Videos to record.txt
2015-05-06 08:21 - 2015-05-06 08:21 - 00000073 _____ () C:\Users\Admin 2 for switch\Desktop\farbar download link.txt
2015-05-05 20:51 - 2015-05-05 20:51 - 00013788 _____ () C:\Users\Advait\Desktop\adwcleaner_4.203.exe.lnk
2015-05-04 11:52 - 2015-05-05 20:54 - 00000000 ____D () C:\AdwCleaner
2015-05-04 07:05 - 2015-05-04 07:05 - 656366267 _____ () C:\Windows\MEMORY.DMP
2015-04-29 18:37 - 2015-04-29 18:37 - 00000970 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-04-28 18:11 - 2015-04-28 18:11 - 00034978 _____ () C:\Users\Admin
2015-04-25 19:53 - 2015-04-25 19:53 - 00002322 _____ () C:\Users\Advait\Desktop\Evernote.lnk
2015-04-25 18:40 - 2015-04-25 18:40 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evernote
2015-04-25 18:18 - 2015-05-01 11:05 - 00000000 ____D () C:\Users\Advait\Documents\_Mahita Movies
2015-04-19 19:26 - 2015-04-19 19:26 - 00000218 _____ () C:\Users\Advait\AppData\Local\recently-used.xbel
2015-04-15 10:00 - 2015-04-02 05:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 10:00 - 2015-04-02 05:19 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 10:00 - 2015-03-13 09:55 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 10:00 - 2015-03-13 09:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 10:00 - 2015-03-13 09:39 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 10:00 - 2015-03-13 09:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 10:00 - 2015-03-13 09:37 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 10:00 - 2015-03-13 09:30 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 10:00 - 2015-03-13 09:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 10:00 - 2015-03-13 09:25 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 10:00 - 2015-03-13 09:24 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 10:00 - 2015-03-13 09:24 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 10:00 - 2015-03-13 09:14 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 10:00 - 2015-03-13 09:12 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 10:00 - 2015-03-13 09:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 10:00 - 2015-03-13 09:10 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 10:00 - 2015-03-13 09:02 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 10:00 - 2015-03-13 08:58 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 10:00 - 2015-03-13 08:58 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 10:00 - 2015-03-13 08:57 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 10:00 - 2015-03-13 08:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 10:00 - 2015-03-13 08:56 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 10:00 - 2015-03-13 08:53 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 10:00 - 2015-03-13 08:52 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 10:00 - 2015-03-13 08:50 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 10:00 - 2015-03-13 08:50 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 10:00 - 2015-03-13 08:47 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 10:00 - 2015-03-13 08:46 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 10:00 - 2015-03-13 08:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 10:00 - 2015-03-13 08:38 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 10:00 - 2015-03-13 08:37 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 10:00 - 2015-03-13 08:36 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 10:00 - 2015-03-13 08:35 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 10:00 - 2015-03-13 08:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 10:00 - 2015-03-13 08:27 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 10:00 - 2015-03-13 08:26 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 10:00 - 2015-03-13 08:24 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 10:00 - 2015-03-13 08:19 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 10:00 - 2015-03-13 08:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 10:00 - 2015-03-13 08:13 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 10:00 - 2015-03-13 08:12 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 10:00 - 2015-03-13 08:04 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 10:00 - 2015-03-13 08:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 10:00 - 2015-03-13 07:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 10:00 - 2015-03-13 07:50 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 10:00 - 2015-03-13 07:46 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 10:00 - 2015-03-13 07:44 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 09:59 - 2015-03-13 10:02 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:59 - 2015-03-13 09:38 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:59 - 2015-03-13 09:38 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:59 - 2015-03-13 09:36 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:59 - 2015-03-13 09:23 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 09:59 - 2015-03-13 09:20 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:59 - 2015-03-13 08:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 09:59 - 2015-03-13 08:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:59 - 2015-03-13 08:35 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:59 - 2015-03-13 08:30 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:59 - 2015-03-13 08:15 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:53 - 2015-03-25 08:54 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:53 - 2015-03-25 08:54 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:53 - 2015-03-25 08:54 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:53 - 2015-03-25 08:54 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:53 - 2015-03-25 08:54 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:53 - 2015-03-25 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:53 - 2015-03-25 08:54 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:53 - 2015-03-25 08:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:53 - 2015-03-25 08:53 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:53 - 2015-03-25 08:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:53 - 2015-03-25 08:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:53 - 2015-03-25 08:30 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 09:53 - 2015-03-25 08:30 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 09:53 - 2015-03-25 08:30 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 09:53 - 2015-03-25 08:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 09:53 - 2015-03-25 08:30 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 09:50 - 2015-03-23 08:55 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:50 - 2015-03-23 08:55 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:50 - 2015-03-23 08:54 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:50 - 2015-03-23 08:54 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:50 - 2015-03-23 08:54 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:50 - 2015-03-23 08:54 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:50 - 2015-03-23 08:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:50 - 2015-03-23 08:47 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:50 - 2015-03-17 10:52 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:50 - 2015-03-17 10:52 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 09:50 - 2015-03-17 10:52 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 09:50 - 2015-03-17 10:49 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 09:50 - 2015-03-17 10:47 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 09:50 - 2015-03-17 10:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 09:50 - 2015-03-17 10:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 09:50 - 2015-03-17 10:46 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 09:50 - 2015-03-17 10:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 09:50 - 2015-03-17 10:46 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 09:50 - 2015-03-17 10:45 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 09:50 - 2015-03-17 10:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 09:50 - 2015-03-17 10:45 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 09:50 - 2015-03-17 10:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 09:50 - 2015-03-17 10:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:31 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 09:50 - 2015-03-17 10:31 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 09:50 - 2015-03-17 10:29 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 09:50 - 2015-03-17 10:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 09:50 - 2015-03-17 10:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 09:50 - 2015-03-17 10:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 09:50 - 2015-03-17 10:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 09:50 - 2015-03-17 10:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 09:50 - 2015-03-17 10:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 09:50 - 2015-03-17 10:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 09:50 - 2015-03-17 10:27 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 09:50 - 2015-03-17 10:27 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 09:50 - 2015-03-17 10:26 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 09:50 - 2015-03-17 10:26 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 09:50 - 2015-03-17 10:26 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 09:50 - 2015-03-17 10:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 09:50 - 2015-03-17 10:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 09:50 - 2015-03-17 10:26 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 09:50 - 2015-03-17 10:26 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 09:50 - 2015-03-17 10:23 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 09:50 - 2015-03-17 10:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 10:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 09:15 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 09:50 - 2015-03-17 09:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 09:50 - 2015-03-17 09:13 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 09:13 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 09:13 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:50 - 2015-03-17 09:13 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:48 - 2015-03-10 08:55 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:48 - 2015-03-10 08:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 09:48 - 2015-03-10 08:38 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 09:48 - 2015-03-10 08:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 09:48 - 2015-03-05 10:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:48 - 2015-03-05 09:35 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 09:48 - 2015-03-04 10:25 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:48 - 2015-03-04 10:11 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:48 - 2015-03-04 09:40 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 09:48 - 2015-02-25 08:48 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-13 07:18 - 2015-04-13 07:18 - 00001500 _____ () C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-04-13 07:18 - 2015-04-13 07:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-04-13 07:16 - 2015-04-13 07:18 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2015-04-12 05:52 - 2015-04-12 05:52 - 00001760 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-12 05:52 - 2015-04-12 05:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-12 05:50 - 2015-04-12 05:50 - 00000000 ____D () C:\Program Files\iPod
2015-04-12 05:50 - 2015-04-12 05:50 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-12 05:49 - 2015-04-12 05:52 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-12 05:49 - 2015-04-12 05:52 - 00000000 ____D () C:\Program Files\iTunes
2015-04-11 11:26 - 2015-04-11 11:26 - 00001192 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk
2015-04-11 11:25 - 2015-04-11 11:26 - 00000000 ____D () C:\Users\Admin 2 for switch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2015-04-11 11:25 - 2015-04-11 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2015-04-11 08:02 - 2015-04-11 08:02 - 00000000 ____D () C:\Users\Advait\Documents\N5, Xfer to N5
2015-04-10 11:21 - 2015-04-10 11:21 - 00001029 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-04-10 11:11 - 2015-04-10 11:11 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\MPC-HC
2015-04-10 11:09 - 2015-04-10 11:09 - 00001709 _____ () C:\Users\Public\Desktop\MPC-HC x64.lnk
2015-04-10 11:09 - 2015-04-10 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2015-04-10 11:09 - 2015-04-10 11:09 - 00000000 ____D () C:\Program Files\MPC-HC
2015-04-07 16:00 - 2015-04-07 16:00 - 00000000 ____D () C:\Users\Advait\Netcast
2015-04-07 10:12 - 2015-04-07 10:12 - 00000000 __SHD () C:\Users\Admin 2 for switch\AppData\Local\EmieUserList
2015-04-07 10:12 - 2015-04-07 10:12 - 00000000 __SHD () C:\Users\Admin 2 for switch\AppData\Local\EmieSiteList
2015-04-07 10:12 - 2015-04-07 10:12 - 00000000 __SHD () C:\Users\Admin 2 for switch\AppData\Local\EmieBrowserModeList
2015-04-07 10:07 - 2015-04-07 10:07 - 00000000 ____D () C:\Users\Advait\mobogenieP2sp
2015-04-07 09:03 - 2015-04-07 10:09 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\Mobogenie
2015-04-07 08:03 - 2015-04-07 08:04 - 00000000 ____D () C:\Users\Admin 2 for switch\AppData\Roaming\Mobogenie
2015-04-07 08:03 - 2015-04-07 08:03 - 00000000 ____D () C:\Users\Public\Documents\GenieSoft
2015-04-07 08:02 - 2015-04-07 10:13 - 00000000 ____D () C:\Users\Admin 2 for switch\Documents\Mobogenie
2015-04-07 08:02 - 2015-04-07 10:13 - 00000000 ____D () C:\Program Files (x86)\Mobogenie3
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-06 15:13 - 2013-08-21 08:12 - 00000000 ____D () C:\Users\Advait\Documents\_dwld files to be processed
2015-05-06 15:11 - 2010-01-18 04:01 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-06 14:53 - 2010-01-18 03:56 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1000UA.job
2015-05-06 14:29 - 2012-11-26 08:02 - 00000960 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1007UA.job
2015-05-06 13:39 - 2009-11-19 00:49 - 01497755 _____ () C:\Windows\WindowsUpdate.log
2015-05-06 13:04 - 2012-11-14 08:50 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\Audacity
2015-05-06 12:34 - 2014-06-02 17:35 - 00110220 _____ () C:\Windows\setupact.log
2015-05-06 11:48 - 2015-01-17 16:26 - 00000000 ____D () C:\Program Files (x86)\Mblaze_Home
2015-05-06 11:04 - 2009-07-14 10:15 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-06 11:04 - 2009-07-14 10:15 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-06 10:55 - 2010-01-18 04:01 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-06 10:52 - 2009-07-14 10:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-06 09:12 - 2014-06-27 15:40 - 00036017 _____ () C:\Users\Advait\Desktop\scratch pad.txt
2015-05-06 09:05 - 2010-02-02 01:35 - 00000000 ____D () C:\Users\Advait\AppData\Local\CutePDF Writer
2015-05-06 08:58 - 2014-01-22 16:38 - 00003578 _____ () C:\Windows\Sandboxie.ini
2015-05-06 08:22 - 2012-12-25 10:53 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\MediaMonkey
2015-05-05 18:53 - 2010-01-18 03:56 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1000Core.job
2015-05-05 18:29 - 2012-11-26 08:02 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1007Core.job
2015-05-05 16:54 - 2009-07-14 10:43 - 00786662 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-05 16:49 - 2010-01-17 06:12 - 00000000 ____D () C:\Users\Advait\Documents\Misc Docs
2015-05-05 09:11 - 2015-01-06 19:33 - 00000000 ____D () C:\ProgramData\Unified Remote
2015-05-04 19:02 - 2012-06-23 07:00 - 00003998 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{073A47D5-0910-49EF-A958-488414CB55C6}
2015-05-04 15:39 - 2015-02-15 18:17 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\Electrum
2015-05-04 15:38 - 2015-02-15 18:15 - 00000970 _____ () C:\Users\Admin 2 for switch\Desktop\Electrum.lnk
2015-05-04 15:38 - 2015-02-15 18:15 - 00000000 ____D () C:\Program Files (x86)\Electrum
2015-05-04 13:34 - 2013-08-25 07:36 - 00000000 ____D () C:\Users\Advait\AppData\Local\CrashDumps
2015-05-04 07:26 - 2012-10-29 07:44 - 00000000 ____D () C:\Users\Advait\Documents\Fun Misc
2015-05-04 07:06 - 2010-01-15 05:37 - 00000000 ____D () C:\Windows\Minidump
2015-05-03 18:10 - 2010-01-19 21:22 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\Mp3tag
2015-05-03 12:02 - 2012-07-22 14:01 - 00000000 ____D () C:\Windows\PCHEALTH
2015-05-01 16:38 - 2015-02-06 16:53 - 00044217 _____ () C:\Users\Advait\Desktop\Scratch pad.odt
2015-05-01 15:15 - 2010-01-17 03:21 - 00000000 ____D () C:\Users\Advait\Documents\Sanatana Dharma Misc
2015-05-01 09:02 - 2013-07-29 19:11 - 00000000 ____D () C:\Users\Advait\Documents\My Ebooks, Calibre Library
2015-05-01 07:47 - 2015-02-27 08:08 - 00000000 ____D () C:\Users\Admin 2 for switch\AppData\Roaming\Darkcoin
2015-04-30 16:15 - 2015-01-17 16:27 - 00002150 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-30 08:34 - 2015-01-06 19:33 - 00001077 _____ () C:\Users\Public\Desktop\Unified Remote.lnk
2015-04-30 08:34 - 2015-01-06 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3.0
2015-04-30 08:34 - 2015-01-06 19:33 - 00000000 ____D () C:\Program Files (x86)\Unified Remote 3.0
2015-04-30 08:23 - 2013-07-08 17:33 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-04-30 08:23 - 2010-02-23 04:32 - 00000632 __RSH () C:\Users\Advait\ntuser.pol
2015-04-30 08:23 - 2010-01-14 04:30 - 00000000 ____D () C:\Users\Advait
2015-04-29 18:39 - 2014-04-09 07:45 - 00000000 ____D () C:\Users\Admin 2 for switch\AppData\Roaming\Audacity
2015-04-29 18:38 - 2010-01-18 07:57 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-04-29 18:37 - 2010-01-18 07:58 - 00000982 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-04-28 18:11 - 2012-06-02 16:09 - 00000000 ____D () C:\Users\Admin 2 for switch\AppData\Roaming\DVDVideoSoft
2015-04-27 07:19 - 2010-01-14 07:11 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2015-04-26 19:25 - 2012-06-25 13:58 - 00000000 ____D () C:\Users\Admin 2 for switch\AppData\Roaming\Mozilla
2015-04-25 18:50 - 2012-05-19 21:26 - 00000000 ____D () C:\Users\Admin 2 for switch
2015-04-24 11:50 - 2015-01-06 19:33 - 00025592 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\uvhid.sys
2015-04-24 11:49 - 2015-01-06 19:33 - 00007680 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2015-04-21 04:08 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\AppCompat
2015-04-19 06:03 - 2010-04-24 11:04 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-19 06:02 - 2015-03-28 06:01 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-16 08:48 - 2010-01-14 07:25 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\Skype
2015-04-15 16:51 - 2013-07-23 08:51 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\vlc
2015-04-15 15:47 - 2010-01-17 04:15 - 00000000 ____D () C:\Users\Advait\Documents\Documents on Advait's Old Treo Pro
2015-04-15 11:00 - 2010-02-19 06:53 - 00779276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 10:35 - 2014-12-10 17:47 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 10:35 - 2014-04-30 07:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 10:35 - 2009-07-14 08:50 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 10:34 - 2009-11-07 08:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 10:32 - 2013-07-10 15:17 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 10:09 - 2010-01-14 05:19 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 18:58 - 2012-06-02 16:12 - 00115640 _____ () C:\Users\Admin 2 for switch\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-13 07:24 - 2010-01-14 04:31 - 00115640 _____ () C:\Users\Advait\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-13 07:22 - 2009-07-14 10:15 - 00447560 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-12 05:50 - 2010-01-15 01:38 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-11 11:26 - 2010-02-01 06:01 - 00000000 ____D () C:\Program Files (x86)\LastPass
2015-04-10 20:02 - 2015-03-25 19:51 - 00000000 ____D () C:\Users\Advait\AppData\Local\RippleClient
2015-04-10 18:27 - 2015-03-28 07:31 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\MultiDoge
2015-04-08 18:13 - 2014-02-25 18:06 - 00000000 ____D () C:\Users\Advait\Documents\N5 man bu, archived
2015-04-08 06:41 - 2015-02-27 13:35 - 00000000 ____D () C:\Users\Advait\AppData\Roaming\Darkcoin
2015-04-07 10:12 - 2012-06-02 16:12 - 00000000 ____D () C:\Users\Admin 2 for switch\AppData\Local\Google
==================== Files in the root of some directories =======
2015-04-11 11:26 - 2015-04-11 11:26 - 14283832 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-09-13 16:46 - 2013-09-13 16:46 - 0000218 _____ () C:\Users\Admin 2 for switch\AppData\Local\recently-used.xbel
2013-03-04 08:39 - 2014-12-17 07:16 - 0007623 _____ () C:\Users\Admin 2 for switch\AppData\Local\Resmon.ResmonCfg
2013-12-19 08:30 - 2013-12-19 08:30 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-11-07 09:14 - 2009-11-07 09:16 - 0008415 _____ () C:\ProgramData\ArcadeDeluxe3.log
2010-01-14 07:37 - 2010-01-14 07:37 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-07-13 20:03 - 2011-07-13 20:03 - 0000091 _____ () C:\ProgramData\PS.log
Files to move or delete:
====================
C:\Users\Advait\IP_Log_Data.js
C:\Users\Advait\Network_Meter_Data.js
Some content of TEMP:
====================
C:\Users\Admin 2 for switch\AppData\Local\Temp\7z.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\cygiconv-2.dll
C:\Users\Admin 2 for switch\AppData\Local\Temp\cygintl-8.dll
C:\Users\Admin 2 for switch\AppData\Local\Temp\cygwin1.dll
C:\Users\Admin 2 for switch\AppData\Local\Temp\dtkill.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\Executor.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\md5sum.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\MyRouter.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\npp.6.4.3.Installer.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\npp.6.4.5.Installer.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\un17396.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\un27374.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Admin 2 for switch\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Advait\AppData\Local\Temp\Checkupdate.exe
C:\Users\Advait\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbo4b3k.dll
C:\Users\Advait\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Advait\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Advait\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Advait\AppData\Local\Temp\jna1340698543165834466.dll
C:\Users\Advait\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Advait\AppData\Local\Temp\npp.6.6.9.Installer.exe
C:\Users\Advait\AppData\Local\Temp\npp.6.7.5.Installer.exe
C:\Users\Advait\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Advait\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Advait\AppData\Local\Temp\vlc-2.1.5-win32.exe
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\IconCodecService.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-04 19:58
==================== End Of Log ============================
-------------end frst-----------------
--------------------addition.txt--------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015
Ran by Admin 2 for switch at 2015-05-06 15:17:45
Running from C:\Users\Advait\Documents\Farbar FRST scanner
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin 2 for switch (S-1-5-21-321482684-1703469-3941775667-1007 - Administrator - Enabled) => C:\Users\Admin 2 for switch
Administrator (S-1-5-21-321482684-1703469-3941775667-500 - Administrator - Disabled)
Advait (S-1-5-21-321482684-1703469-3941775667-1000 - Limited - Enabled) => C:\Users\Advait
Guest (S-1-5-21-321482684-1703469-3941775667-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-321482684-1703469-3941775667-1002 - Limited - Enabled)
Standard User Accoun (S-1-5-21-321482684-1703469-3941775667-1006 - Limited - Enabled) => C:\Users\Standard User Accoun
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-321482684-1703469-3941775667-1007\...\uTorrent) (Version: 3.4.1.31395 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Assist (HKLM-x32\...\Acer Assist) (Version: - Acer Incorporated)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.5.3 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3006 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3006 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.02.0804 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Amazon MP3 Downloader 1.0.10 (HKLM-x32\...\Amazon MP3 Downloader) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audio Notes (HKLM-x32\...\Audio Notes) (Version: - )
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 3.5.0.0 - Auslogics Labs Pty Ltd)
Auslogics System Information (HKLM-x32\...\{AF5A39FE-51FB-4BA3-B399-2D1F0C65D617}_is1) (Version: version 1.5 - Auslogics Software Pty Ltd)
AutoRun Disable by Endpoint Protector (HKLM-x32\...\{553CB6F4-CE15-4C37-A624-AF14667B8006}) (Version: 1.0.06 - CoSoSys Ltd.)
AxCrypt 1.7.3156.0 (HKLM\...\{8B49CDB9-824C-44D6-A5D3-D0235D3030B8}) (Version: 1.7.3156.0 - Axantum Software AB)
Bitcoin (HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Bitcoin) (Version: 0.3.20 - Bitcoin project)
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
calibre 64bit (HKLM\...\{C30715AA-E41F-4B8E-BA9E-4C455FB22DD4}) (Version: 2.4.0 - Kovid Goyal)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Casper 7.0 (HKLM\...\{467B36C7-C3B1-40CA-824D-C564F54E3F03}) (Version: 7.0.2754 - Future Systems Solutions, Inc.)
Casper 7.0 Startup Disk Creator (HKLM-x32\...\Casper 7.0 Startup Disk Creator 7.0.2600) (Version: 7.0.2600 - Future Systems Solutions, Inc.)
Casper 7.0 Startup Disk Creator (x32 Version: 7.0.2600 - Future Systems Solutions, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CDex extraction audio (HKLM-x32\...\CDex) (Version: - )
Cheetah Sync (HKLM-x32\...\{0600EEDA-11EA-4588-81F3-8F1D89FC83DE}) (Version: 1.5.1 - JRT Studio)
CompanionLink (HKLM-x32\...\{506EA5AF-B1FF-4340-AFC5-7A3EAC61737F}) (Version: 6.00.6000 - CompanionLink Software, Inc.)
Connectify 2015 (HKLM\...\Connectify) (Version: 2015.0.1.34332 - Connectify)
Cool Timer 3.6 (HKLM-x32\...\Cool Timer_is1) (Version: - )
CryptoPrevent v6.0.2 (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
CVE-2012-1889 (HKLM\...\{06b2b7ed-809a-44e6-8538-ca0f5b74ecc4}.sdb) (Version: - )
CVE-2012-1889 (HKLM\...\{29447369-6968-4e86-a208-603f6f0771a6}.sdb) (Version: - )
CVE-2012-1889 (HKLM\...\{393ffabe-5a1a-43b3-8e03-8f573e1e0d01}.sdb) (Version: - )
CVE-2012-1889 (HKLM\...\{7d32ab1f-1858-4373-a75a-b7cd8feb5d92}.sdb) (Version: - )
CVE-2012-1889 (HKLM\...\{f300e352-12de-4e7f-ace3-a376874402b6}.sdb) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Darkcoin Core (32-bit) (HKU\S-1-5-21-321482684-1703469-3941775667-1007\...\Darkcoin Core (32-bit)) (Version: 0.11.1 - Darkcoin Core project)
Direct MP3 Joiner version 3.0.2.9 (HKLM-x32\...\Direct MP3 Joiner_is1) (Version: 3.0.2.9 - Piston Software)
Dropbox (HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
EaseUS Partition Master 10.1 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EMET (HKLM-x32\...\{002E4E18-D227-4053-AEEB-84C12F954C93}) (Version: 2.0.0.2 - Microsoft)
Eraser 6.0.9.2343 (HKLM\...\{3D33F6F0-4D90-484D-A1D9-09AE791CCBD9}) (Version: 6.0.2343 - The Eraser Project)
Evernote v. 5.8.5 (HKLM-x32\...\{5EDC25EC-D966-11E4-9E5C-00163E98E7D6}) (Version: 5.8.5.7193 - Evernote Corp.)
FanFictionDownloader version 0.8.8 (HKLM-x32\...\{1D868954-1083-4BBA-8379-C7A9B2705CBA}_is1) (Version: 0.8.8 - Raimond Eisele)
FastStone Photo Resizer 3.1 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.1 - FastStone Soft.)
Folder Size 2.0.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}}_is1) (Version: 2.0.0.0 - MindGems, Inc.)
FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
FreeFileSync 6.8 (HKLM-x32\...\FreeFileSync) (Version: 6.8 - Zenju)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google SketchUp 8 (HKLM-x32\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
HP Deskjet 1510 series Basic Device Software (HKLM\...\{7D3BA8DC-91DF-4310-B5D5-DDEFE685B668}) (Version: 32.1.145.46951 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version: - )
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Karen's Replicator (HKLM-x32\...\Karen's Replicator) (Version: 3.6.0.8 - Karen Kenworthy)
L&H TTS3000 British English (HKLM-x32\...\LHTTSENG) (Version: - )
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
LastPass (uninstall only) (HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\LastPass) (Version: - LastPass)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
LibreOffice 4.4.2.2 (HKLM-x32\...\{99A395EF-A310-40BB-B7A3-E3FF07CC38FC}) (Version: 4.4.2.2 - The Document Foundation)
Logitech Desktop Messenger (HKLM-x32\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.56.102 - Logitech, Inc.)
Logitech Updater (HKLM-x32\...\{53735ECE-E461-4FD0-B742-23A352436D3A}) (Version: 1.70 - Logitech, Inc.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Logitech Z-5 (HKLM-x32\...\{C314AD4A-1715-40DD-9C20-04EF3D22598B}) (Version: 1.0.0 - Logitech)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00E0-0000-0000-0000000FF1CE}_OUTLOOKSTD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Outlook 2007 (HKLM-x32\...\OUTLOOKSTD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SAPI 5.1 English Voices for 2nd Speech Center (HKLM-x32\...\{204A93F8-DAF2-4934-A2EA-5F4FFBDFDD10}) (Version: 5.1 - Zero2000.com)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.22.00.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.53 (HKLM-x32\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiDoge 0.1.4 (HKLM-x32\...\MultiDoge 0.1.4) (Version: 0.1.4 - )
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
NetWorx 5.2.7 (HKLM\...\NetWorx_is1) (Version: - Softperfect Research)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
Oracle VM VirtualBox 4.1.18 (HKLM\...\{4EE61784-10C6-4B7C-A0B2-5BED17B05741}) (Version: 4.1.18 - Oracle Corporation)
Path Copy Copy 2.1 (HKLM\...\{3C01F274-867C-4D1D-BE8C-CB488C31B0C9}_is1) (Version: - Charles Lechasseur)
pdfsam (HKLM-x32\...\pdfsam) (Version: 2.2.0 - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{A1AB5398-D117-4B66-8754-732397E85022}) (Version: 32.1.145.46951 - Hewlett-Packard Co.)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Reliance Netconnect - Broadband+ (HKLM\...\ZTEWireless-101_is1) (Version: - )
RemoteComms External Disk Access (HKLM-x32\...\{04FCD5DE-1662-4F99-BDA9-C57212113EF2}) (Version: 1.25.0003 - PLX Technology)
Resco Explorer (HKLM-x32\...\Resco Explorer) (Version: - )
Sandboxie 4.16 (64-bit) (HKLM\...\Sandboxie) (Version: 4.16 - Sandboxie Holdings, LLC)
Secunia PSI (HKLM-x32\...\Secunia PSI) (Version: - )
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Defrag 2 (HKLM-x32\...\Smart Defrag 2_is1) (Version: 2.3 - IObit)
Sophos Free Encryption 2.40.1 (HKLM-x32\...\{64C13A35-B44C-47E5-88DC-0916FCE1E7C1}) (Version: 2.40.1.1 - Sophos)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.3 - Sophos Limited)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Taggtool Desktop (HKLM\...\{C735AAD2-9D49-491A-96ED-C41B7DCFCB20}) (Version: 4.1.1 - Taggtool)
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.0.9104 - TeamViewer GmbH)
TextAloud 3.0 (HKLM-x32\...\TextAloud3_is1) (Version: 3.0 - NextUp.com)
TheTravelCollection (HKLM-x32\...\TheTravelCollection) (Version: - )
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.2.5 - Unified Intents AB)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-00E0-0000-0000-0000000FF1CE}_OUTLOOKSTD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Winamp Detector Plug-in (HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Updates Downloader (HKLM-x32\...\Windows Updates Downloader) (Version: 2.50 Build 1002 - Supremus Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Advait\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{53B2AC1B-7B81-47FC-8D3B-595CDE21D0BA}\InprocServer32 -> C:\Users\Advait\AppData\Local\Apps\Evernote\Evernote\EvernoteCCx64.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Advait\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}\InprocServer32 -> C:\Users\Advait\AppData\Local\Apps\Evernote\Evernote\EvernoteIEx64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{BD6BEEE8-64CE-4814-B319-990645883E89}\InprocServer32 -> C:\Users\Advait\AppData\Local\Apps\Evernote\Evernote\EvernoteOLx64.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Advait\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Advait\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Advait\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Advait\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Advait\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-321482684-1703469-3941775667-1007_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Admin 2 for switch\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-18 23:25 - 2014-10-05 19:57 - 00000898 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0FEE67CE-63D9-4490-9902-CC0A1FE06B00} - System32\Tasks\{0D9C49EE-EA3D-4752-846B-FD8974E4A380} => pcalua.exe -a "C:\Users\Advait\Documents\Downloads\Dwld TTS\spchapi.EXE" -d "C:\Users\Advait\Documents\Downloads\Dwld TTS"
Task: {115BC57A-0B1E-4AD0-8B3B-92447F04B29E} - System32\Tasks\{82D67DEF-561B-456A-92EC-5BB5255B5D5D} => pcalua.exe -a "C:\Users\Advait\Documents\Dwld Exes Media\install_flash_player.exe" -d "C:\Users\Advait\Documents\Dwld Exes Media"
Task: {1CA663DA-B4F9-4502-9C36-8BCC871CC565} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {22DEB8B5-C611-4320-A788-C691A7F43141} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1007UA => C:\Users\Admin 2 for switch\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-26] (Google Inc.)
Task: {2367C4D9-51EF-43C6-AEC4-04BF3D34B17A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1000UA => C:\Users\Advait\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {2A728321-F5C3-4DC9-B3FD-427F5F330D8F} - System32\Tasks\{04F2FA3F-4FD3-41AE-93FB-9B77C34BA147} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {45A92B9B-EC19-47BD-93DF-DDAE46779F8C} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {5DC6DBDC-49EC-42C1-AA88-9B4F8F714EBB} - System32\Tasks\{66A4BFB0-A56C-4656-9F67-9531BC560B16} => pcalua.exe -a "C:\Users\Advait\Documents\Downloads\Dwld TTS\SpchCpl.exe" -d "C:\Users\Advait\Documents\Downloads\Dwld TTS"
Task: {604028CB-42D7-470A-B7C0-D132F2E7978B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {6E004495-BFDE-4228-9422-E6CE6474BB4A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {80230AEB-5CF8-4A21-B951-605CF1E76453} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-31] (Symantec Corporation)
Task: {84E5E350-E53E-42FC-A4E4-F55C98BEC526} - System32\Tasks\{2D9C49CD-6E84-4FD1-99C7-230BEEABD781} => pcalua.exe -a "C:\Users\Advait\Documents\Dwld Exes Security\lastpass_x64.exe" -d "C:\Users\Advait\Documents\Dwld Exes Security"
Task: {869BF78D-9BF5-4282-8F05-011FEA5B680E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {8E40A12D-3EA9-4F2D-9449-885B5BCE4F14} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {94CC50E0-47FB-498E-8992-646FE7EE5D65} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {9CD7F8CC-6D5E-4D54-BC45-3D4765CEA915} - System32\Tasks\hpUtility.exe_{520AD80F-A387-4AAF-953A-3895368B5905} => C:\Program Files\HP\HP Deskjet 1510 series\Bin\utils\hpUtility.exe [2013-11-29] (Hewlett-Packard Co.)
Task: {A1520FC0-32C6-4DB9-AC60-DAA78F6E7A22} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2013-11-29] (Hewlett-Packard Co.)
Task: {BAE884AF-14AC-426D-BB8E-744E1E6232F2} - System32\Tasks\{303DDC5D-7478-4701-957C-5B4B7611822F} => pcalua.exe -a "C:\ProgramData\VMware\VMware Player\Uninstaller\uninstall.exe" -c -x
Task: {BB80B387-5460-43B1-B08E-24096C57559F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1007Core => C:\Users\Admin 2 for switch\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-26] (Google Inc.)
Task: {BB920056-0416-426D-8F59-E36D78868619} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2014-11-22] ()
Task: {BE876BC4-49AC-4720-8022-36C4D5C085F9} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {CA4929DF-29DE-4B66-A655-51F19B105FBF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1000Core => C:\Users\Advait\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {CF38099C-9745-4197-84FE-68581AB67233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {D488DDD7-9311-4CED-8BA7-B18AA93533F6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D6797056-2B5E-4CB5-B006-BEFF4C9105AA} - System32\Tasks\Future Systems Solutions\Casper\Casper 7.0 Update Notification Task => C:\Program Files\Future Systems Solutions\Casper 7.0\CASPER.EXE [2014-01-25] (Future Systems Solutions, Inc.)
Task: {E2CFCB43-BEF6-432F-80C7-99EC34A234CF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {EB4C17B6-623C-41AA-9AEE-871F97100CF1} - System32\Tasks\{3B08649E-F227-4593-AB89-AF9AC15E4F70} => pcalua.exe -a "C:\Users\Advait\Documents\Dwld Exes Security\lastpass.exe" -d "C:\Users\Advait\Documents\Dwld Exes Security"
Task: {F9F0867A-D650-4679-A1DC-0EAD52DFBA17} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1000Core.job => C:\Users\Advait\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1000UA.job => C:\Users\Advait\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1007Core.job => C:\Users\Admin 2 for switch\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-321482684-1703469-3941775667-1007UA.job => C:\Users\Admin 2 for switch\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2010-01-19 06:07 - 2009-11-05 19:10 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-25 17:02 - 2013-07-23 09:17 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2010-11-27 15:09 - 2010-05-14 14:33 - 00403456 _____ () C:\Program Files\Reliance Netconnect - Broadband+\bin\MonServiceUDisk.exe
2010-01-30 02:53 - 2010-01-10 09:13 - 00200704 _____ () C:\Program Files\Path Copy Copy\PCC64.dll
2014-09-16 17:39 - 2013-12-17 11:59 - 03526240 _____ () C:\Program Files (x86)\TextAloud\TAContextMenu64.dll
2014-05-12 15:19 - 2014-05-12 15:19 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-01-17 16:26 - 2014-11-28 12:04 - 00454656 _____ () C:\Program Files (x86)\Mblaze_Home\CheckNDISPort.exe
2013-05-14 16:27 - 2012-12-24 11:49 - 00111616 _____ () C:\Apache24\bin\pcre.dll
2013-08-21 08:41 - 2009-12-23 17:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2010-01-18 06:15 - 2010-09-09 03:24 - 00034816 _____ () C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
2008-04-24 22:05 - 2008-04-24 22:05 - 00249856 _____ () C:\Program Files (x86)\Logitech\Z-5 Speakers\wxmsw28u_skin_vc_custom.dll
2008-05-31 03:06 - 2008-05-31 03:06 - 00144656 _____ () C:\Program Files (x86)\Logitech\Z-5 Speakers\LMPMdllExport.dll
2015-01-17 16:26 - 2014-11-28 12:03 - 00335872 _____ () C:\Program Files (x86)\Mblaze_Home\Helper.dll
2015-01-17 16:26 - 2014-04-03 08:18 - 00971776 _____ () C:\Program Files (x86)\Mblaze_Home\libxml2.dll
2015-01-17 16:26 - 2014-04-03 08:18 - 00073728 _____ () C:\Program Files (x86)\Mblaze_Home\zlib1.dll
2015-01-17 16:26 - 2014-04-03 08:18 - 00290904 _____ () C:\Program Files (x86)\Mblaze_Home\libxslt.dll
2015-01-17 16:26 - 2014-11-28 12:04 - 00851968 _____ () C:\Program Files (x86)\Mblaze_Home\Runtime.dll
2015-01-17 16:26 - 2014-11-28 12:03 - 00026624 _____ () C:\Program Files (x86)\Mblaze_Home\Threading.dll
2015-04-30 16:14 - 2015-04-28 07:37 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 16:14 - 2015-04-28 07:37 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\93707840.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\93707840.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\grc.com -> hxxps://www.grc.com
IE trusted site: HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\mozilla.com -> hxxps://www.mozilla.com
IE trusted site: HKU\S-1-5-21-321482684-1703469-3941775667-1000\...\secunia.com -> hxxps://psi.secunia.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-321482684-1703469-3941775667-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-321482684-1703469-3941775667-1007\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer5 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk => C:\Windows\pss\Logitech Desktop Messenger.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Taggtool.lnk => C:\Windows\pss\Taggtool.lnk.CommonStartup
MSCONFIG\startupreg: Acer Assist Launcher => C:\Program Files (x86)\Acer\Acer Assist\launcher.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: Connectify Hotspot => C:\Program Files (x86)\Connectify\Connectify.exe
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe"
MSCONFIG\startupreg: Easy Sync => C:\Program Files (x86)\Pocket Wizards\Easy Sync\Easy Sync.exe
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KSS => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: lxczbmgr.exe => "C:\Program Files (x86)\Lexmark 1200 Series\lxczbmgr.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NetLimiter => C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: PLFSetI => C:\Windows\PLFSetI.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
MSCONFIG\startupreg: Rohos => C:\Program Files (x86)\Rohos\agent.exe
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Admin 2 for switch\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: VMware hqtray => "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [{BEC67F59-159C-44F1-B497-27EC8031005A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{FFFB0FB0-F1EF-4566-8942-8E59902A8B58}] => (Allow) svchost.exe
FirewallRules: [{07127C18-C2E0-4955-8808-3E9CE9C39690}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{C07194AF-39EC-4E84-A26C-BD86805A9337}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4BF353B0-04CF-4ACF-9BD2-9673D5E014B2}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{2C4A7039-C8C0-4697-9DF1-569D095B4593}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{991A3BB4-7CA7-4B09-9DAA-B0B5E8F51DEB}] => (Allow) LPort=26675
FirewallRules: [{35B569E5-7333-47BF-AD7D-9CCCD7329B87}] => (Allow) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
FirewallRules: [{2F29D5A8-F199-4409-92E2-F27E24A8F337}] => (Allow) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
FirewallRules: [{6E3BFF02-55E3-4403-9779-3271860E4914}] => (Allow) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
FirewallRules: [{1794AFF5-2AA4-4200-A122-B2648D2A9F4F}] => (Allow) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
FirewallRules: [TCP Query User{9DDD8F28-D1AD-4A1B-9D01-DDE3720EEA58}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe] => (Block) C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe
FirewallRules: [UDP Query User{3D358F83-3B95-4FF0-8D5B-18D996062953}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe] => (Block) C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe
FirewallRules: [{D3526E83-066F-45FB-ADEB-587CBD4CAB99}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{737114D7-CCB5-4C3E-8218-B7E633C6B441}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{A18EC516-762C-458C-9095-546773E47B45}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{866C381A-B01F-47A0-848E-FB517C9660C4}C:\program files (x86)\sprite software\sprite backup\spriteservice.exe] => (Allow) C:\program files (x86)\sprite software\sprite backup\spriteservice.exe
FirewallRules: [UDP Query User{50F956E7-BB28-4F70-A3F5-4F496AD4CC3D}C:\program files (x86)\sprite software\sprite backup\spriteservice.exe] => (Allow) C:\program files (x86)\sprite software\sprite backup\spriteservice.exe
FirewallRules: [{5C609708-FB97-407A-A34D-A5B67403DDB6}] => (Block) C:\program files (x86)\sprite software\sprite backup\spriteservice.exe
FirewallRules: [{C0FD3AD4-E4C1-4BD3-AF1F-E8362722E58E}] => (Block) C:\program files (x86)\sprite software\sprite backup\spriteservice.exe
FirewallRules: [{A7F567BF-5AA9-4DA2-9198-4A6A4CBB4873}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{EA4BFA7E-692A-46FA-A89E-80EA74B2D7A2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer.exe
FirewallRules: [{557C827A-EF15-4931-BAED-59DE94C56BDE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{33D24E72-C2C0-4044-BE59-715ADD2B5FC4}] => (Allow) LPort=2869
FirewallRules: [{7839E61B-BAAF-4B0A-89AD-C3C576472786}] => (Allow) LPort=1900
FirewallRules: [{86247AAA-0811-4696-9488-F0A127C222D0}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{8C1FC204-6558-4819-80F1-17E7F3CA856C}C:\program files (x86)\bitcoin\bitcoin.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin.exe
FirewallRules: [UDP Query User{DF63D1E5-0B0C-4C6C-89BD-8C3BBFEA9A89}C:\program files (x86)\bitcoin\bitcoin.exe] => (Allow) C:\program files (x86)\bitcoin\bitcoin.exe
FirewallRules: [{5A2464EC-36BC-4374-9023-4003DC2D81EB}] => (Allow) C:\Users\Advait\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{4D4E39A3-D5C3-4DAC-9160-8F0B6361F51C}] => (Allow) C:\Users\Advait\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{D482581D-D03A-40E2-BD0B-16844A39BF3B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{119954CB-C3B0-4C57-A3D9-ED2A5FA915C1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{09C69F85-749C-4043-AB7E-B6CC9E0874F9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CA2A0F2F-8BB3-4D61-8594-33D21F5D6B08}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{785D1285-F4B7-4CAA-832C-3D7A091EFB66}] => (Allow) C:\Users\Admin 2 for switch\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{B6E90437-1572-4843-8E58-85A4A149DFD9}] => (Allow) C:\Users\Admin 2 for switch\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{0D0809CB-2528-453F-94E6-2192FAAB728D}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe
FirewallRules: [UDP Query User{4E6F6027-2682-47AF-89C1-5EFEAF906DDB}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe
FirewallRules: [{8AFC68A4-5C86-4B84-B6C6-04D7379F5AA8}] => (Block) C:\apache24\bin\httpd.exe
FirewallRules: [{46799911-D3AC-4F4E-AC2C-BFAD7D9B859D}] => (Block) C:\apache24\bin\httpd.exe
FirewallRules: [{74A89696-DD74-4DFA-81AF-B31174999295}] => (Allow) C:\Users\Advait\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{620BA49B-51BB-4014-B7CF-7C95DDE828A8}] => (Allow) C:\Users\Advait\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{02D6BE9A-6B13-4EED-B231-611E51B1DEB2}] => (Allow) C:\Users\Advait\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{175A84A8-C04D-40F9-B8F1-C298C0FF975D}] => (Allow) C:\Users\Advait\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A7E6EB6D-1365-4E81-BFB8-664AB2B368BE}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{C21AAFF0-91FF-4386-B61B-3EB98A9BBA78}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{15E309AB-4953-4142-B981-93B8DAF9165F}] => (Allow) C:\Program Files (x86)\MyRouter\MyRouter.exe
FirewallRules: [{3EB676DA-9F33-4C19-B93C-28EC0A8A6FD7}] => (Allow) C:\Program Files (x86)\MyRouter\MyRouter.exe
FirewallRules: [{8FFC966F-E406-4E3F-B52B-74D78A42D6A0}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [{A9B32D72-14D2-4316-AAAD-E52B96EBF81D}] => (Allow) C:\Program Files (x86)\mHotspot\mHotspot.exe
FirewallRules: [TCP Query User{112D5C30-0AE0-4248-8B8F-5E10E48BEA1D}C:\program files (x86)\jrt studio\cheetah sync\cheetahsync.exe] => (Allow) C:\program files (x86)\jrt studio\cheetah sync\cheetahsync.exe
FirewallRules: [UDP Query User{AB34C7D2-14D7-4F20-857E-84A8AF0C3BE8}C:\program files (x86)\jrt studio\cheetah sync\cheetahsync.exe] => (Allow) C:\program files (x86)\jrt studio\cheetah sync\cheetahsync.exe
FirewallRules: [{C74DF20E-E4E1-4B6B-816E-28447ECCD849}] => (Allow) C:\Users\Admin 2 for switch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5DDAB995-5E12-41D7-A90E-7BF138339A5B}] => (Allow) C:\Users\Admin 2 for switch\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1DB72DB-ACD3-4E11-9C29-A790F08956DB}] => (Allow) C:\Program Files (x86)\Connectify\Connectify.exe
FirewallRules: [{88C316D4-7A74-4F21-8CCB-6701BAC68129}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{5D987F45-5BE7-4B8E-948B-3A7B98DAC4B3}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{5C755D83-5962-480A-91E7-0460CDAFA91A}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{E72C9AA2-DC7B-4AF4-AD38-E9C5973B21F8}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{3AD492CA-01A2-4633-A441-4DB895885C37}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{D564A6DE-31B8-4DB4-BA41-921BFE99F06D}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{2851B087-6EDA-415C-A78A-79080B82B81F}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{CE91284A-8F55-46CC-924C-4C81E126E7A5}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{76220CE9-7D7D-4B2B-AB0C-54C23B0A1638}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{0CD5F944-2E79-42B6-A4FB-BD6CF7E5FD19}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{2AA874A2-75FA-4E43-AB7E-7DAB41FDA3F9}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{8755B038-5B60-40DC-BEA4-8A625B728E1E}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
FirewallRules: [{971DE296-B923-44B5-9087-AD3E78A87B6A}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
FirewallRules: [{6C356EEB-2661-4EFB-B5D9-F98F84F1EB58}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{4348F436-08A5-41A9-A6E4-FC511F5605EC}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{9CA5F178-EE52-4837-B251-F3AEC9217EA4}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{54DF9984-C196-4239-8317-098B7C18A3DB}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{ECF446E3-C605-493A-93C9-76E20410812B}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{9A8E5189-3D4F-471B-9F7C-90EF6639E120}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
FirewallRules: [{1CD82423-C396-4CD3-8283-13E95D5136FB}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
FirewallRules: [{A218FE76-BB79-40C8-91F5-78D8DFD3F7B4}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{A2C12CDF-B5C4-40FB-92C9-DA321055B45F}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe
FirewallRules: [{BEEA67A5-D8A7-4E1C-A08C-305D2B7C7F28}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
FirewallRules: [{D9C8DF01-CD1F-4FDB-83EE-EBE4D9764CB7}] => (Allow) C:\Program Files (x86)\Connectify\Connectifyd.exe
FirewallRules: [{F005F418-37CA-40C5-A838-8EF3A4A4FB4E}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{0D2DDC97-4440-4B83-95D6-54628D601383}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{74724220-6C1C-4CF4-A001-28959613B6BC}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{5B805C8D-A1D5-4CA3-A667-C6C1E7F6AD8A}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{2071B381-1497-4F6F-BA33-ED74B567E9F1}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{358C1F62-0779-44F5-836F-38494564ADEF}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{C17B1795-3890-4E28-A80C-97A04B85578B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8052710A-06B3-4FF1-8DC0-E7E6239BF4E8}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{045A4822-D4BD-4CA1-9159-EC190E5685FF}] => (Allow) C:\Program Files (x86)\Unified Remote 3.0\RemoteServerWin.exe
FirewallRules: [{71D58155-A8CC-4DF4-BAB8-90893C5D5B54}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: RHDISK_AMD64
Description: RHDISK_AMD64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RHDISK_AMD64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/04/2015 01:33:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: soffice.bin, version: 4.4.2.2, time stamp: 0x55144c5f
Faulting module name: vcllo.dll, version: 4.4.2.2, time stamp: 0x55143773
Exception code: 0xc0000005
Fault offset: 0x0037eee5
Faulting process id: 0x1c2c
Faulting application start time: 0xsoffice.bin0
Faulting application path: soffice.bin1
Faulting module path: soffice.bin2
Report Id: soffice.bin3
Error: (05/03/2015 09:18:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000045f0fd8
Faulting process id: 0xef4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Error: (04/29/2015 09:25:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: soffice.bin, version: 4.4.2.2, time stamp: 0x55144c5f
Faulting module name: vcllo.dll, version: 4.4.2.2, time stamp: 0x55143773
Exception code: 0xc0000005
Fault offset: 0x0037eee5
Faulting process id: 0x1680
Faulting application start time: 0xsoffice.bin0
Faulting application path: soffice.bin1
Faulting module path: soffice.bin2
Report Id: soffice.bin3
Error: (04/29/2015 04:20:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: soffice.bin, version: 4.4.2.2, time stamp: 0x55144c5f
Faulting module name: vcllo.dll, version: 4.4.2.2, time stamp: 0x55143773
Exception code: 0xc0000005
Fault offset: 0x0037eee5
Faulting process id: 0xd10
Faulting application start time: 0xsoffice.bin0
Faulting application path: soffice.bin1
Faulting module path: soffice.bin2
Report Id: soffice.bin3
Error: (04/25/2015 06:16:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MediaMonkey.exe version 4.1.5.1719 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: d60
Start Time: 01d07f2a46fc5e22
Termination Time: 38
Application Path: C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
Report Id: 0ee92807-eb49-11e4-a525-00262286b35d
Error: (04/19/2015 07:21:13 PM) (Source: Casper SmartSense) (EventID: 1010) (User: NT AUTHORITY)
Description: No active user detected for \\?\STORAGE#Volume#_??_USBSTOR#Disk&Ven_ZXID&Prod_USB_Storage_FFF1&Rev_2.31#1234567890ABCDEF&1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}.
Error: 50
Error: (04/19/2015 07:21:13 PM) (Source: Casper SmartSense) (EventID: 1010) (User: NT AUTHORITY)
Description: No active user detected for \\?\USBSTOR#Disk&Ven_ZXID&Prod_USB_Storage_FFF1&Rev_2.31#1234567890ABCDEF&1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.
Error: 50
Error: (04/19/2015 07:21:13 PM) (Source: Casper SmartSense) (EventID: 1010) (User: NT AUTHORITY)
Description: No active user detected for \\?\USBSTOR#CdRom&Ven_ZXID&Prod_USB_Storage_FFF1&Rev_2.31#1234567890ABCDEF&0#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}.
Error: 50
Error: (04/19/2015 07:20:57 PM) (Source: Casper SmartSense) (EventID: 1010) (User: NT AUTHORITY)
Description: No active user detected for \\?\STORAGE#Volume#_??_USBSTOR#Disk&Ven_ZXID&Prod_USB_Storage_FFF1&Rev_2.31#1234567890ABCDEF&1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}.
Error: 50
Error: (04/19/2015 07:20:57 PM) (Source: Casper SmartSense) (EventID: 1010) (User: NT AUTHORITY)
Description: No active user detected for \\?\USBSTOR#Disk&Ven_ZXID&Prod_USB_Storage_FFF1&Rev_2.31#1234567890ABCDEF&1#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}.
Error: 50
System errors:
=============
Error: (05/06/2015 00:25:20 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/06/2015 10:56:28 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/06/2015 10:55:46 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/06/2015 10:53:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RHDISK_AMD64 service failed to start due to the following error:
%%3
Error: (05/06/2015 10:04:22 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/06/2015 10:03:26 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/06/2015 10:00:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RHDISK_AMD64 service failed to start due to the following error:
%%3
Error: (05/06/2015 08:46:32 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/06/2015 07:35:19 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (05/05/2015 09:42:25 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Microsoft Office Sessions:
=========================
Error: (01/01/2015 07:27:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/13/2010 00:20:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3097 seconds with 0 seconds of active time. This session ended with a crash.
Error: (10/30/2010 03:48:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11124 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-04-10 19:18:15.326
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-10 19:18:15.233
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-10 18:52:14.393
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-10 18:52:14.315
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-09 13:21:56.200
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-09 13:21:56.106
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-09 09:09:24.960
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-09 09:09:24.866
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-08 19:41:27.610
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-04-08 19:41:27.517
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 66%
Total physical RAM: 4025.98 MB
Available physical RAM: 1330.86 MB
Total Pagefile: 8050.14 MB
Available Pagefile: 5088.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Toshiba) (Fixed) (Total:285.95 GB) (Free:6.28 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (SYSTEM RESERVED) (Fixed) (Total:0.13 GB) (Free:0.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 27560AF5)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Not Active) - (Size=133 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=286 GB) - (Type=07 NTFS)
==================== End Of Log ============================
--------------end of addition.txt------------------------