My home network is infected [Closed]
Started by
achint
, Aug 10 2015 06:08 AM
-
This topic is locked
#17
Posted 22 August 2015 - 02:40 PM
Nevan
-
- Malware Removal
-
- 1,765 posts
Trusted Helper
So? What are we doing? 
#18
Posted 24 August 2015 - 11:41 AM
achint
- Topic Starter
-
- Member
-
- 12 posts
Member
Hey,
Sorry for the delayed response. I have just followed your instructions on my personal computer and here are the results of the 2 .txt documents.
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-08-2015
Ran by vineet (administrator) on LENOVO-PC (24-08-2015 22:43:03)
Running from C:\Users\vineet\Desktop
Loaded Profiles: vineet (Available Profiles: vineet)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Unique Solutions) C:\ProgramData\ZRPkKEesI\yXjrmwrcMEW.exe
() C:\Program Files\Common Files\ShopperPro\spbiu.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Pokki) C:\Users\vineet\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
(ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe
(ClientConnect LTD) C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\cltmng.exe
() C:\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
() C:\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe
(Pokki) C:\Users\vineet\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\vineet\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\vineet\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.12391.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\vineet\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\vineet\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-08-12] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-10-07] (Lenovo)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-12-02] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10843120 2014-12-02] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [Akamai NetSession Interface] => C:\Users\vineet\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31090272 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [OneDrive] => C:\Users\vineet\AppData\Local\Microsoft\OneDrive\OneDrive.exe [402632 2015-08-12] (Microsoft Corporation)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [GoogleChromeAutoLaunch_B3D164C090B1212EA3E9FB4FFC53CFA6] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440 2015-05-12] (Crossbrowse)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
Startup: C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-08-24]
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130848794342571126&GUID=1B9C8361-68B0-4D6F-9396-FD2448084845
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com
SearchScopes: HKU\S-1-5-21-2630856962-2882739809-239791393-1001 -> DefaultScope {0D0BF34B-F642-11E4-8299-D07E350FEA64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2630856962-2882739809-239791393-1001 -> {0D0BF34B-F642-11E4-8299-D07E350FEA64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{084a06eb-6985-49d5-8c85-96565e4ad3fd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1c8031dd-aa1d-451f-9e72-5cdba9beff01}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\vineet\AppData\Roaming\Mozilla\Firefox\Profiles\TFwFauIl.default
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-13] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-07] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Extension: Avira Browser Safety - C:\Users\vineet\AppData\Roaming\Mozilla\Firefox\Profiles\TFwFauIl.default\Extensions\[email protected] [2014-12-02]
Chrome:
=======
CHR Profile: C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Profile: C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-11]
CHR Extension: (Google Docs) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-11]
CHR Extension: (Google Drive) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-11]
CHR Extension: (YouTube) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-11]
CHR Extension: (Google Search) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-11]
CHR Extension: (Google Sheets) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-11]
CHR Extension: (Avira Browser Safety) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-08-11]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-08-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\CltMngSvc.exe [2735408 2015-05-06] (ClientConnect LTD)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-07-22] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-07-22] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [125168 2014-12-12] (Intel Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-11] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-08-14] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-11-21] (LENOVO INCORPORATED.)
S2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-10-07] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-10-07] (Lenovo(beijing) Limited)
S3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2002-02-02] (Robert McNeel & Associates) [File not signed]
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-13] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session6; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session6; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-26] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-26] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-10-07] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-10-07] (Lenovo)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session6; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session6; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [996352 2015-08-11] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-07-12] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-10-07] (Lenovo)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-07-24] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-07-24] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session6; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session6; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session6; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session6; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)
R2 yXjrmwrcMEW; C:\ProgramData\ZRPkKEesI\yXjrmwrcMEW.exe [2731488 2015-08-24] (Unique Solutions)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-08-12] (Intel Corporation)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-08-12] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-08-12] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-14] (Synaptics Incorporated)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41632 2015-08-24] ()
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-07-14] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-24 22:48 - 2015-08-24 22:48 - 00016148 _____ C:\WINDOWS\system32\LENOVO-PC_vineet_HistoryPrediction.bin
2015-08-24 22:44 - 2015-08-24 22:44 - 00000000 ____D C:\ProgramData\Browser
2015-08-24 22:43 - 2015-08-24 22:46 - 00029263 _____ C:\Users\vineet\Desktop\FRST.txt
2015-08-24 22:42 - 2015-08-24 22:44 - 00000000 ____D C:\FRST
2015-08-24 22:40 - 2015-08-24 22:41 - 02173952 _____ (Farbar) C:\Users\vineet\Desktop\FRST64.exe
2015-08-24 22:34 - 2015-08-24 22:39 - 02173952 _____ (Farbar) C:\Users\vineet\Downloads\FRST64.exe
2015-08-24 14:32 - 2015-08-24 14:41 - 00000370 _____ C:\WINDOWS\Tasks\AmiUpdXp.job
2015-08-24 14:32 - 2015-08-24 14:32 - 00003440 _____ C:\WINDOWS\System32\Tasks\AmiUpdXp
2015-08-24 14:32 - 2015-08-24 14:32 - 00000000 ____D C:\Users\vineet\AppData\Local\14877
2015-08-24 14:31 - 2015-08-24 14:31 - 00002537 _____ C:\Users\vineet\Desktop\Reimage2.lnk
2015-08-24 14:30 - 2015-08-24 22:34 - 00000000 ____D C:\Users\vineet\AppData\Local\DesktopSearch
2015-08-24 14:30 - 2015-08-24 14:30 - 00000000 ____D C:\DesktopSearch
2015-08-24 14:26 - 2015-08-24 22:44 - 00003542 _____ C:\WINDOWS\System32\Tasks\Ssiulaurxaf
2015-08-24 14:26 - 2015-08-24 14:26 - 00000000 ____D C:\ProgramData\Ssiulaurxaf
2015-08-24 14:21 - 2015-08-24 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Search
2015-08-24 14:20 - 2015-08-24 14:21 - 00000000 ____D C:\ProgramData\ZRPkKEesI
2015-08-24 14:20 - 2015-08-24 14:21 - 00000000 ____D C:\ProgramData\DesktopSearch
2015-08-24 14:18 - 2015-08-24 20:18 - 00001078 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2015-08-24 14:18 - 2015-08-24 14:18 - 00004198 _____ C:\WINDOWS\System32\Tasks\Crossbrowse
2015-08-24 14:18 - 2015-08-24 14:18 - 00001264 _____ C:\Users\vineet\Desktop\Continue Max Driver Updater Uninstaller.lnk
2015-08-24 14:18 - 2015-08-24 14:18 - 00000008 _____ C:\END
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\Users\vineet\AppData\Local\Crossbrowse
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-08-24 14:16 - 2015-08-24 14:39 - 00001024 _____ C:\WINDOWS\Tasks\yRYXdCg1yVyJmA.job
2015-08-24 14:16 - 2015-08-24 14:16 - 00004158 _____ C:\WINDOWS\System32\Tasks\yRYXdCg1yVyJmA
2015-08-24 14:14 - 2015-08-24 20:19 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-24 14:14 - 2015-08-24 14:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-24 14:14 - 2015-08-24 14:14 - 00000000 ____D C:\Users\vineet\AppData\Local\globalUpdate
2015-08-24 14:13 - 2015-08-24 22:44 - 00000000 ____D C:\Program Files\Common Files\ShopperPro
2015-08-24 14:13 - 2015-08-24 14:18 - 00000000 ____D C:\Program Files (x86)\MaxDrivrUpdater
2015-08-24 14:13 - 2015-08-24 14:15 - 00000000 ____D C:\Users\vineet\AppData\Local\BrowserHelper
2015-08-24 14:13 - 2015-08-24 14:13 - 00004412 _____ C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_313535333139343236322d50372d5a456c37325a347841
2015-08-24 14:13 - 2015-08-24 14:13 - 00000000 ____D C:\Users\Public\Documents\ShopperPro
2015-08-24 14:13 - 2015-08-24 14:13 - 00000000 ____D C:\ProgramData\ShopperPro
2015-08-24 14:12 - 2015-08-24 14:28 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Opera Software
2015-08-24 14:12 - 2015-08-24 14:28 - 00000000 ____D C:\Users\vineet\AppData\Local\Opera Software
2015-08-24 14:12 - 2015-08-24 14:13 - 00000000 ____D C:\Program Files (x86)\ShopperPro
2015-08-24 14:12 - 2015-08-24 14:12 - 00003680 _____ C:\WINDOWS\System32\Tasks\ShopperProJSUpd
2015-08-24 14:12 - 2015-08-24 14:12 - 00000000 ____D C:\Users\vineet\AppData\Local\CrashRpt
2015-08-24 14:10 - 2015-08-24 14:29 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-24 14:08 - 2015-08-24 14:13 - 00000000 ____D C:\Users\vineet\Downloads\VrayForRhino5v20024184x64
2015-08-24 14:08 - 2015-08-24 14:08 - 00578819 _____ C:\Users\vineet\Downloads\VrayForRhino5v20024184x64.rar
2015-08-24 13:43 - 2015-08-24 13:43 - 00712940 _____ C:\Users\vineet\Downloads\VRayforRhino52.00.24184(x64.rar
2015-08-24 13:43 - 2015-08-24 13:43 - 00000000 ____D C:\Users\vineet\Downloads\VRayforRhino52.00.24184(x64
2015-08-24 13:38 - 2015-08-24 13:40 - 00000000 ____D C:\Program Files\T-Splines for Rhino
2015-08-24 13:38 - 2015-08-24 13:38 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\T-Splines for Rhino (64)
2015-08-24 13:38 - 2015-08-24 13:38 - 00000000 ____D C:\ProgramData\TSplines
2015-08-24 12:28 - 2015-08-24 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
2015-08-24 12:28 - 2015-08-24 12:28 - 00000000 ____D C:\ProgramData\FARO
2015-08-24 12:25 - 2015-08-24 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2014 - English
2015-08-24 12:23 - 2015-08-24 12:23 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2015-08-24 02:36 - 2015-08-24 02:36 - 00003533 _____ C:\Users\vineet\Downloads\v-ray-for-rhino-5-v20024184-wi-n64.torrent
2015-08-24 02:35 - 2015-08-24 02:35 - 00000903 _____ C:\Users\vineet\Downloads\rhinoceros-5-sr7-v-ray-20-for-rhino-win64-full-software-by-milebb.torrent
2015-08-24 02:29 - 2015-08-24 02:29 - 01550409 _____ C:\Users\vineet\Downloads\Vray+For+Rhino+5+v2.00.24184+(x64).rar.rar
2015-08-24 02:21 - 2015-08-24 13:06 - 00000000 ____D C:\Users\vineet\Downloads\Autocad 64 bit 2014
2015-08-24 02:20 - 2015-08-24 02:20 - 00015997 _____ C:\Users\vineet\Downloads\[kickass-torrents.ytsre.net]autocad.2014.64.bit.xforce.keygen.instructions.torrent
2015-08-24 02:13 - 2015-08-24 02:13 - 00002740 _____ C:\Users\vineet\Desktop\BitTorrent.lnk
2015-08-24 02:13 - 2015-08-24 02:13 - 00000000 ____D C:\Users\vineet\AppData\Roaming\RPEng
2015-08-24 02:11 - 2015-08-24 14:32 - 00000000 ____D C:\Users\vineet\AppData\Roaming\BitTorrent
2015-08-24 02:10 - 2015-08-24 02:11 - 01701992 _____ (BitTorrent Inc.) C:\Users\vineet\Downloads\BitTorrent.exe
2015-08-24 02:07 - 2015-08-24 02:08 - 01052264 _____ C:\WINDOWS\Minidump\082415-15734-01.dmp
2015-08-24 02:07 - 2015-08-24 02:07 - 872664573 _____ C:\WINDOWS\MEMORY.DMP
2015-08-24 02:07 - 2015-08-24 02:07 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-22 18:21 - 2015-08-22 18:25 - 00000000 ____D C:\Users\vineet\Desktop\New folder
2015-08-22 17:49 - 2015-08-22 12:19 - 00533574 _____ C:\Users\vineet\Desktop\Shivlani Staircase Meeting 2_3 .obj
2015-08-22 17:36 - 2015-08-22 11:55 - 00558140 _____ C:\Users\vineet\Desktop\Shivlani Staircase Meeting 2_2 .obj
2015-08-22 17:14 - 2015-08-22 11:49 - 00658620 _____ C:\Users\vineet\Desktop\Shivlani Staircase Meeting 2 .obj
2015-08-22 11:05 - 2015-08-05 06:48 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-22 11:05 - 2015-08-05 06:48 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-21 15:15 - 2014-12-16 10:56 - 00001142 _____ C:\Users\vineet\Desktop\Autodesk Installation.txt
2015-08-21 15:09 - 2015-08-21 15:09 - 00000000 ____D C:\Users\vineet\Desktop\Autocad 2012
2015-08-21 15:08 - 2015-08-21 15:08 - 00000000 ____D C:\Users\vineet\Desktop\TSplines_34_Rhino_x64
2015-08-20 17:42 - 2015-08-20 17:43 - 00196558 _____ C:\Users\vineet\Downloads\Anagha residence_Juhu_Interiors.dwg
2015-08-19 10:38 - 2015-08-19 10:38 - 00123120 _____ C:\Users\vineet\Downloads\110311_startingpointrectengular.ghx
2015-08-19 10:38 - 2015-08-19 10:38 - 00076649 _____ C:\Users\vineet\Downloads\110121_NewStartPtonClosedCrv_01.ghx
2015-08-19 10:38 - 2015-08-19 10:38 - 00056585 _____ C:\Users\vineet\Downloads\ChangeClosedCurveSeam.ghx
2015-08-19 09:47 - 2015-08-13 10:03 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 09:47 - 2015-08-11 14:52 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-19 09:46 - 2015-08-13 09:53 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-19 09:46 - 2015-08-13 09:52 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-19 09:46 - 2015-08-13 09:50 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-19 09:46 - 2015-08-13 09:47 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-19 09:46 - 2015-08-13 09:37 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 09:46 - 2015-08-13 09:23 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-19 09:46 - 2015-08-11 15:34 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-19 09:46 - 2015-08-11 15:34 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-19 09:46 - 2015-08-11 15:34 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-19 09:46 - 2015-08-11 15:33 - 08021840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-19 09:46 - 2015-08-11 15:33 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-19 09:46 - 2015-08-11 15:32 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-19 09:46 - 2015-08-11 15:32 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-19 09:46 - 2015-08-11 15:32 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-19 09:46 - 2015-08-11 15:27 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-19 09:46 - 2015-08-11 15:22 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-19 09:46 - 2015-08-11 15:20 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-19 09:46 - 2015-08-11 15:10 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-19 09:46 - 2015-08-11 15:10 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-19 09:46 - 2015-08-11 15:10 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-19 09:46 - 2015-08-11 15:08 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-19 09:46 - 2015-08-11 15:07 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-19 09:46 - 2015-08-11 15:01 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-19 09:46 - 2015-08-11 14:56 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-19 09:46 - 2015-08-11 14:53 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-19 09:46 - 2015-08-11 14:51 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-19 09:46 - 2015-08-11 14:51 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-19 09:46 - 2015-08-11 14:50 - 02224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-19 09:46 - 2015-08-11 14:50 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-19 09:46 - 2015-08-11 14:49 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-19 09:46 - 2015-08-11 14:48 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-19 09:46 - 2015-08-11 14:46 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-19 09:46 - 2015-08-11 14:44 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-19 09:46 - 2015-08-11 14:43 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-19 09:46 - 2015-08-11 14:41 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-19 09:46 - 2015-08-11 14:41 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-19 09:46 - 2015-08-11 14:40 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-19 09:46 - 2015-08-11 14:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 09:46 - 2015-08-11 14:40 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-19 09:46 - 2015-08-11 14:39 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-19 09:46 - 2015-08-11 14:38 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-19 09:46 - 2015-08-11 14:38 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-19 09:46 - 2015-08-11 14:37 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-19 09:46 - 2015-08-11 14:37 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-19 09:46 - 2015-08-11 14:37 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-19 09:46 - 2015-08-11 14:36 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-19 09:46 - 2015-08-11 14:36 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-19 09:46 - 2015-08-11 14:33 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-19 09:46 - 2015-08-11 14:32 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-19 09:46 - 2015-08-11 14:32 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-19 09:46 - 2015-08-11 14:32 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-19 09:46 - 2015-08-11 14:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-19 09:46 - 2015-08-11 14:31 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-19 09:46 - 2015-08-11 14:30 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-19 09:46 - 2015-08-11 14:30 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-19 09:46 - 2015-08-11 14:29 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-19 09:46 - 2015-08-11 14:29 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-19 09:46 - 2015-08-11 14:29 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-19 09:46 - 2015-08-11 14:29 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-19 09:46 - 2015-08-11 14:28 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-19 09:46 - 2015-08-11 14:27 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-19 09:46 - 2015-08-11 14:27 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-19 09:46 - 2015-08-11 14:21 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-19 09:46 - 2015-08-11 14:21 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-19 09:46 - 2015-08-11 14:20 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-19 09:46 - 2015-08-11 14:20 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-19 09:46 - 2015-08-11 14:20 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-19 09:46 - 2015-08-11 14:19 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-19 09:46 - 2015-08-11 14:19 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 09:46 - 2015-08-11 14:18 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-19 09:46 - 2015-08-11 14:17 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-19 09:46 - 2015-08-11 14:15 - 18805760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-19 09:46 - 2015-08-11 14:15 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-19 09:46 - 2015-08-11 14:13 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-19 09:46 - 2015-08-11 14:12 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-19 09:46 - 2015-08-11 14:10 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-19 09:46 - 2015-08-11 14:10 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-19 09:46 - 2015-08-11 14:10 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-19 09:46 - 2015-08-11 14:09 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-19 09:46 - 2015-08-11 14:08 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-18 11:22 - 2015-08-18 11:22 - 00009007 _____ C:\Users\vineet\Downloads\Trial11_re.gh
2015-08-18 11:21 - 2015-08-18 11:22 - 04622811 _____ C:\Users\vineet\Downloads\Trial011_re.3dm
2015-08-17 21:12 - 2015-08-17 21:12 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-08-17 21:11 - 2015-08-17 21:11 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-08-17 18:51 - 2015-08-17 18:58 - 04445374 _____ C:\Users\vineet\Desktop\Trial 011.3dm
2015-08-17 18:51 - 2015-08-17 18:55 - 04446807 _____ C:\Users\vineet\Desktop\Trial 011.3dmbak
2015-08-17 13:08 - 2015-08-17 13:08 - 00018621 _____ C:\Users\vineet\Downloads\Trial010_re.gh
2015-08-17 10:41 - 2015-08-17 10:41 - 00691102 _____ C:\Users\vineet\Downloads\agave.skp
2015-08-17 10:41 - 2015-08-17 10:41 - 00508376 _____ C:\Users\vineet\Downloads\Hydrangea macrophylla.skp
2015-08-17 10:41 - 2015-08-17 10:41 - 00231743 _____ C:\Users\vineet\Downloads\ilalang.skp
2015-08-17 10:39 - 2015-08-17 10:39 - 00730391 _____ C:\Users\vineet\Downloads\Calotropis giganthea.skp
2015-08-17 10:38 - 2015-08-17 10:39 - 00588439 _____ C:\Users\vineet\Downloads\ruellia simplex.skp
2015-08-17 10:38 - 2015-08-17 10:38 - 00502448 _____ C:\Users\vineet\Downloads\butterfly ginger.skp
2015-08-17 10:38 - 2015-08-17 10:38 - 00487165 _____ C:\Users\vineet\Downloads\pandanus amarylifolius.skp
2015-08-17 10:35 - 2015-08-17 10:35 - 00142888 _____ C:\Users\vineet\Downloads\Plants_CALATHEA LUTEA.skp
2015-08-17 10:33 - 2015-08-17 10:33 - 00576992 _____ C:\Users\vineet\Downloads\Watercolor_Plant.skp
2015-08-17 10:32 - 2015-08-17 10:33 - 01211653 _____ C:\Users\vineet\Downloads\crinum asiaticum.skp
2015-08-17 09:26 - 2015-08-17 14:48 - 04176338 _____ C:\Users\vineet\Desktop\Trial 010.3dm
2015-08-17 09:26 - 2015-08-17 14:48 - 00011689 _____ C:\Users\vineet\Desktop\Trial 010.gh
2015-08-17 09:26 - 2015-08-17 09:33 - 04183135 _____ C:\Users\vineet\Desktop\Trial 010.3dmbak
2015-08-17 09:18 - 2015-08-17 09:18 - 00009167 _____ C:\Users\vineet\Desktop\Staircase 010.gh
2015-08-17 09:16 - 2015-08-17 09:16 - 24653320 _____ C:\Users\vineet\Desktop\2015-08-08_Staircase Development_01 009.3dm
2015-08-16 17:41 - 2015-08-16 17:41 - 00186161 _____ C:\Users\vineet\Downloads\reordermeshfaces.ghx
2015-08-16 15:16 - 2015-08-16 15:16 - 00045528 _____ C:\Users\vineet\Downloads\Sphagetti.gh
2015-08-15 21:43 - 2015-08-15 21:43 - 00081662 _____ C:\Users\vineet\Downloads\startingpointchanging.ghx
2015-08-15 21:38 - 2015-08-15 21:38 - 00077757 _____ C:\Users\vineet\Desktop\110121_NewStartPtonClosedCrv_01.ghx
2015-08-15 18:17 - 2015-08-03 07:48 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-15 18:17 - 2015-08-03 07:43 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-15 18:17 - 2015-08-03 07:26 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-15 18:17 - 2015-08-03 07:20 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-15 18:17 - 2015-08-03 06:48 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-15 18:17 - 2015-08-03 06:48 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-15 18:17 - 2015-08-03 06:31 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-15 18:17 - 2015-07-30 09:19 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-15 18:17 - 2015-07-30 08:45 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-15 18:17 - 2015-07-26 10:43 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-15 18:17 - 2015-07-26 09:58 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-15 18:17 - 2015-07-22 09:24 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-15 18:17 - 2015-07-22 08:41 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-15 18:17 - 2015-07-15 08:11 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-15 18:17 - 2015-07-11 06:47 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-15 18:17 - 2015-07-11 06:21 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-15 18:16 - 2015-08-08 12:59 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-15 18:16 - 2015-08-08 12:49 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-15 18:16 - 2015-08-08 12:31 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-15 18:16 - 2015-08-08 12:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-15 18:16 - 2015-08-08 12:10 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-15 18:16 - 2015-08-08 11:54 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-15 18:16 - 2015-08-08 11:54 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-15 18:16 - 2015-08-08 11:45 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-15 18:16 - 2015-08-08 11:30 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-15 18:16 - 2015-08-06 08:47 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-15 18:16 - 2015-08-06 08:47 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-15 18:16 - 2015-08-06 07:52 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-15 18:16 - 2015-08-05 10:19 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-15 18:16 - 2015-08-05 09:59 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-15 18:16 - 2015-08-05 09:30 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-15 18:16 - 2015-08-05 09:24 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-15 18:16 - 2015-08-05 09:17 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-15 18:16 - 2015-08-05 09:09 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-15 18:16 - 2015-08-04 09:37 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-15 18:16 - 2015-08-04 09:36 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-15 18:16 - 2015-08-04 08:53 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-15 18:16 - 2015-08-04 08:29 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-15 18:16 - 2015-08-04 08:17 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-15 18:16 - 2015-08-03 08:02 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-15 18:16 - 2015-08-03 07:58 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-15 18:16 - 2015-08-03 07:49 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-15 18:16 - 2015-08-03 07:49 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-15 18:16 - 2015-08-03 07:48 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-15 18:16 - 2015-08-03 07:48 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-15 18:16 - 2015-08-03 07:47 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-15 18:16 - 2015-08-03 07:42 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-15 18:16 - 2015-08-03 07:19 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-15 18:16 - 2015-08-03 07:01 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-15 18:16 - 2015-08-03 07:00 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-15 18:16 - 2015-08-03 06:54 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-15 18:16 - 2015-08-03 06:54 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-15 18:16 - 2015-08-03 06:54 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-15 18:16 - 2015-08-03 06:53 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-15 18:16 - 2015-08-03 06:52 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-15 18:16 - 2015-08-03 06:52 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-15 18:16 - 2015-08-03 06:52 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-15 18:16 - 2015-08-03 06:51 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-15 18:16 - 2015-08-03 06:49 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-15 18:16 - 2015-08-03 06:49 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-15 18:16 - 2015-08-03 06:48 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-15 18:16 - 2015-08-03 06:48 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-15 18:16 - 2015-08-03 06:44 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-15 18:16 - 2015-08-03 06:44 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-15 18:16 - 2015-08-03 06:42 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-15 18:16 - 2015-08-03 06:42 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-15 18:16 - 2015-08-03 06:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-15 18:16 - 2015-08-03 06:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-15 18:16 - 2015-08-03 06:36 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-15 18:16 - 2015-08-03 06:33 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-15 18:16 - 2015-08-03 06:32 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-15 18:16 - 2015-08-03 06:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-15 18:16 - 2015-08-03 06:29 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-15 18:16 - 2015-07-30 11:54 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-15 18:16 - 2015-07-30 11:53 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-15 18:16 - 2015-07-30 11:51 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-15 18:16 - 2015-07-30 11:47 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-15 18:16 - 2015-07-30 11:47 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-15 18:16 - 2015-07-30 11:46 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-15 18:16 - 2015-07-30 11:44 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-15 18:16 - 2015-07-30 11:39 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-15 18:16 - 2015-07-30 11:36 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-15 18:16 - 2015-07-30 11:35 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-15 18:16 - 2015-07-30 11:35 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-15 18:16 - 2015-07-30 11:34 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-15 18:16 - 2015-07-30 11:33 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-15 18:16 - 2015-07-30 10:54 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-15 18:16 - 2015-07-30 09:59 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-15 18:16 - 2015-07-30 09:56 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-15 18:16 - 2015-07-30 09:56 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-15 18:16 - 2015-07-30 09:55 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-15 18:16 - 2015-07-30 09:55 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-15 18:16 - 2015-07-30 09:54 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-15 18:16 - 2015-07-30 09:54 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-15 18:16 - 2015-07-30 09:54 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-15 18:16 - 2015-07-30 09:54 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-15 18:16 - 2015-07-30 09:52 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-15 18:16 - 2015-07-30 09:51 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-15 18:16 - 2015-07-30 09:42 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-15 18:16 - 2015-07-30 09:42 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-15 18:16 - 2015-07-30 09:38 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-15 18:16 - 2015-07-30 09:38 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-15 18:16 - 2015-07-30 09:38 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-15 18:16 - 2015-07-30 09:29 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-15 18:16 - 2015-07-30 09:22 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-15 18:16 - 2015-07-30 09:22 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-15 18:16 - 2015-07-30 09:22 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-15 18:16 - 2015-07-30 09:16 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-15 18:16 - 2015-07-30 09:16 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-15 18:16 - 2015-07-30 09:16 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-15 18:16 - 2015-07-30 09:15 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-15 18:16 - 2015-07-30 09:14 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-15 18:16 - 2015-07-30 09:14 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-15 18:16 - 2015-07-30 09:12 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-15 18:16 - 2015-07-30 09:11 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-15 18:16 - 2015-07-30 09:10 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-15 18:16 - 2015-07-30 09:08 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-15 18:16 - 2015-07-30 09:08 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-15 18:16 - 2015-07-30 09:04 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-15 18:16 - 2015-07-30 08:59 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-15 18:16 - 2015-07-30 08:37 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-15 18:16 - 2015-07-30 08:36 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-15 18:16 - 2015-07-30 08:34 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-15 18:16 - 2015-07-30 08:34 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-15 18:16 - 2015-07-30 08:29 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-15 18:16 - 2015-07-30 08:28 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-15 18:16 - 2015-07-26 10:46 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-15 18:16 - 2015-07-26 10:46 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-15 18:16 - 2015-07-26 10:44 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-15 18:16 - 2015-07-26 10:44 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-15 18:16 - 2015-07-26 10:36 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-15 18:16 - 2015-07-26 09:19 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-15 18:16 - 2015-07-26 09:19 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-15 18:16 - 2015-07-26 09:17 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-15 18:16 - 2015-07-26 09:10 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-15 18:16 - 2015-07-26 09:10 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-15 18:16 - 2015-07-26 09:09 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-15 18:16 - 2015-07-26 09:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-15 18:16 - 2015-07-26 09:08 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-15 18:16 - 2015-07-26 09:05 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-15 18:16 - 2015-07-26 09:04 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-15 18:16 - 2015-07-26 09:00 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-15 18:16 - 2015-07-26 09:00 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-15 18:16 - 2015-07-26 08:59 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-15 18:16 - 2015-07-24 09:00 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-15 18:16 - 2015-07-24 08:48 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-15 18:16 - 2015-07-24 08:47 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-15 18:16 - 2015-07-24 08:42 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-15 18:16 - 2015-07-24 08:25 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-15 18:16 - 2015-07-24 08:22 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-15 18:16 - 2015-07-24 08:16 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-15 18:16 - 2015-07-24 08:14 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-15 18:16 - 2015-07-24 08:10 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-15 18:16 - 2015-07-24 08:09 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-15 18:16 - 2015-07-24 08:04 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-15 18:16 - 2015-07-24 07:55 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-15 18:16 - 2015-07-24 07:54 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-15 18:16 - 2015-07-24 07:54 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-15 18:16 - 2015-07-24 07:54 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-15 18:16 - 2015-07-22 10:48 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-15 18:16 - 2015-07-22 10:32 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-15 18:16 - 2015-07-22 09:43 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-15 18:16 - 2015-07-22 09:32 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-15 18:16 - 2015-07-22 09:30 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-15 18:16 - 2015-07-22 09:30 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-15 18:16 - 2015-07-22 09:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-15 18:16 - 2015-07-22 09:29 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-15 18:16 - 2015-07-22 09:25 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-15 18:16 - 2015-07-22 09:25 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-15 18:16 - 2015-07-22 09:23 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-15 18:16 - 2015-07-22 09:16 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-15 18:16 - 2015-07-22 08:51 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-15 18:16 - 2015-07-22 08:43 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-15 18:16 - 2015-07-22 08:43 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-15 18:16 - 2015-07-22 08:40 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-15 18:16 - 2015-07-22 08:37 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-15 18:16 - 2015-07-22 08:33 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-15 18:16 - 2015-07-22 08:20 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-15 18:16 - 2015-07-19 09:34 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-15 18:16 - 2015-07-19 09:24 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-15 18:16 - 2015-07-19 08:53 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-15 18:16 - 2015-07-19 08:48 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-15 18:16 - 2015-07-19 08:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-15 18:16 - 2015-07-19 08:09 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-15 18:16 - 2015-07-18 13:13 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-15 18:16 - 2015-07-18 13:07 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-15 18:16 - 2015-07-18 12:59 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-15 18:16 - 2015-07-18 10:32 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-15 18:16 - 2015-07-18 09:36 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-15 18:16 - 2015-07-18 09:29 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-15 18:16 - 2015-07-18 09:29 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-15 18:16 - 2015-07-18 09:22 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-15 18:16 - 2015-07-18 09:19 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-15 18:16 - 2015-07-18 09:18 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-15 18:16 - 2015-07-17 09:53 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-15 18:16 - 2015-07-17 09:37 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-15 18:16 - 2015-07-17 08:09 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-15 18:16 - 2015-07-17 08:06 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-15 18:16 - 2015-07-17 08:03 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-15 18:16 - 2015-07-17 08:02 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-15 18:16 - 2015-07-17 08:01 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-15 18:16 - 2015-07-17 07:56 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-15 18:16 - 2015-07-17 07:54 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-15 18:16 - 2015-07-17 07:49 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-15 18:16 - 2015-07-17 07:48 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-15 18:16 - 2015-07-17 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-15 18:16 - 2015-07-17 07:26 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-15 18:16 - 2015-07-17 07:23 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-15 18:16 - 2015-07-17 07:21 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-15 18:16 - 2015-07-17 07:20 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-15 18:16 - 2015-07-17 07:14 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-15 18:16 - 2015-07-16 11:09 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-15 18:16 - 2015-07-16 09:39 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-15 18:16 - 2015-07-16 09:34 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-15 18:16 - 2015-07-16 09:33 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-15 18:16 - 2015-07-16 09:31 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-15 18:16 - 2015-07-16 09:17 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-15 18:16 - 2015-07-16 09:15 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-15 18:16 - 2015-07-16 09:14 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-15 18:16 - 2015-07-16 09:13 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-15 18:16 - 2015-07-16 09:11 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-15 18:16 - 2015-07-16 09:10 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-15 18:16 - 2015-07-16 09:06 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-15 18:16 - 2015-07-16 09:05 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-15 18:16 - 2015-07-16 09:03 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-15 18:16 - 2015-07-16 09:02 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-15 18:16 - 2015-07-16 08:59 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-15 18:16 - 2015-07-16 08:57 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-15 18:16 - 2015-07-16 08:49 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-15 18:16 - 2015-07-15 08:51 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-15 18:16 - 2015-07-15 08:19 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-15 18:16 - 2015-07-15 08:19 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-15 18:16 - 2015-07-15 07:52 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-15 18:16 - 2015-07-15 07:46 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-15 18:16 - 2015-07-15 07:27 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-15 18:16 - 2015-07-15 07:17 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-15 18:16 - 2015-07-15 07:11 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-15 18:16 - 2015-07-15 07:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-15 18:16 - 2015-07-15 07:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-15 18:16 - 2015-07-14 08:30 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-15 18:16 - 2015-07-14 08:07 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-15 18:16 - 2015-07-14 07:34 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-15 18:16 - 2015-07-14 07:21 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-15 18:16 - 2015-07-14 07:19 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-15 18:16 - 2015-07-14 07:08 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-15 18:16 - 2015-07-14 06:50 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-15 18:16 - 2015-07-13 05:31 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-15 18:16 - 2015-07-13 05:00 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-15 18:16 - 2015-07-12 06:08 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-15 18:16 - 2015-07-12 05:55 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-15 18:16 - 2015-07-12 05:48 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-15 18:16 - 2015-07-12 05:16 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-15 18:16 - 2015-07-11 06:58 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-15 18:16 - 2015-07-11 06:37 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-15 18:16 - 2015-07-11 06:35 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-15 18:16 - 2015-07-11 06:34 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-15 18:16 - 2015-07-11 06:33 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-15 18:16 - 2015-07-11 06:33 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-15 18:16 - 2015-07-11 06:32 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-15 18:16 - 2015-07-11 06:27 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-15 18:16 - 2015-07-11 06:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-15 18:16 - 2015-07-11 06:12 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-15 18:16 - 2015-07-11 06:11 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-15 18:16 - 2015-07-11 06:10 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-15 18:16 - 2015-07-11 06:04 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-15 18:16 - 2015-07-10 21:21 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-15 18:16 - 2015-07-10 21:17 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-15 18:16 - 2015-07-10 20:30 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-15 18:16 - 2015-07-10 20:22 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-15 18:16 - 2015-07-10 16:29 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-15 18:16 - 2015-07-10 15:35 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-15 18:16 - 2015-07-10 15:23 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-15 18:16 - 2015-07-10 15:05 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-15 18:16 - 2015-07-10 15:01 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-15 18:16 - 2015-07-10 14:59 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-15 18:15 - 2015-08-04 09:36 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-15 18:15 - 2015-08-03 07:48 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-15 18:15 - 2015-08-03 07:47 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-15 18:15 - 2015-07-30 11:45 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-15 18:15 - 2015-07-30 09:52 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-15 18:15 - 2015-07-30 09:39 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-15 18:15 - 2015-07-30 09:15 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-15 18:15 - 2015-07-30 09:14 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-15 18:15 - 2015-07-30 09:14 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-15 18:15 - 2015-07-30 09:14 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-15 18:15 - 2015-07-30 09:11 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-15 18:15 - 2015-07-30 08:36 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-15 18:15 - 2015-07-30 08:36 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-15 18:15 - 2015-07-24 08:47 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-15 18:15 - 2015-07-24 08:00 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-15 18:15 - 2015-07-24 07:59 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-15 18:15 - 2015-07-24 07:54 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-15 18:15 - 2015-07-22 10:45 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-15 18:15 - 2015-07-22 08:39 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-15 18:15 - 2015-07-18 14:17 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-15 18:15 - 2015-07-18 12:58 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-15 18:15 - 2015-07-18 12:58 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-15 18:15 - 2015-07-18 12:56 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-15 18:15 - 2015-07-18 10:47 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-15 18:15 - 2015-07-18 09:20 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-15 18:15 - 2015-07-18 09:20 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-15 18:15 - 2015-07-18 09:19 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-15 18:15 - 2015-07-18 09:19 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-15 18:15 - 2015-07-18 09:18 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-15 18:15 - 2015-07-18 09:17 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-15 18:15 - 2015-07-17 09:43 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-15 18:15 - 2015-07-17 09:42 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-15 18:15 - 2015-07-17 08:09 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-15 18:15 - 2015-07-17 08:03 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-15 18:15 - 2015-07-17 07:56 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-15 18:15 - 2015-07-17 07:49 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-15 18:15 - 2015-07-17 07:35 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-15 18:15 - 2015-07-16 09:24 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-15 18:15 - 2015-07-15 07:34 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-15 18:15 - 2015-07-15 06:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-15 18:15 - 2015-07-11 06:31 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-15 18:15 - 2015-07-11 06:10 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-15 18:15 - 2015-07-11 06:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-15 18:15 - 2015-07-10 16:12 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-15 18:15 - 2015-07-10 15:40 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-14 23:41 - 2015-07-23 06:14 - 00572048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-08-14 23:39 - 2015-08-14 23:39 - 42730312 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 37749064 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 30518928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 22973584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 18376584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 16160440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 16011680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 15754192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 14511608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 13274904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 12973680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 11843384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 11142984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-14 23:39 - 2015-08-14 23:39 - 03351864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 02963208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 02360976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 02164040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 01061008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 01053000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00384464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00364360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00314936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00031976 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-14 11:49 - 2015-08-14 11:49 - 00000000 ____D C:\Users\vineet\AppData\Local\MicrosoftEdge
2015-08-14 10:01 - 2015-08-14 10:01 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-08-14 09:59 - 2015-08-14 09:59 - 36681912 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 35768808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 30404056 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 29613040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 29084160 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 19844096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 13727296 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 12880160 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 11384832 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 11276968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 10528136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 08507392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 06741482 _____ C:\WINDOWS\system32\igdclbif.bin
2015-08-14 09:59 - 2015-08-14 09:59 - 06389688 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-08-14 09:59 - 2015-08-14 09:59 - 06305696 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 05467648 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 05245440 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 05121136 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 05092320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 04841488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 04443136 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 03873280 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 03801600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-08-14 09:59 - 2015-08-14 09:59 - 02028032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01858632 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01767992 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01765408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01565696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01456408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01216000 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01156608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01008016 _____ C:\WINDOWS\system32\igfxSDK.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00970752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00927120 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00923536 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00803113 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-08-14 09:59 - 2015-08-14 09:59 - 00723456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2015-08-14 09:59 - 2015-08-14 09:59 - 00624128 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00589712 _____ C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00519056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00511260 _____ C:\WINDOWS\system32\cp_resources.bin
2015-08-14 09:59 - 2015-08-14 09:59 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00425472 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2015-08-14 09:59 - 2015-08-14 09:59 - 00397824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00396688 _____ C:\WINDOWS\system32\igfxTray.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00386048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-08-14 09:59 - 2015-08-14 09:59 - 00373248 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00353280 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00351120 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00331808 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00328080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00313888 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00300032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00284280 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00283024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00269360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00256000 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-08-14 09:59 - 2015-08-14 09:59 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00243200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00219024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00214416 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00213904 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00206848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4256.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00200856 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00172032 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00163776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00162752 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00160680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00153600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00143904 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00141080 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00140056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00090112 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00086016 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00082944 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00073728 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00064512 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00011264 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00004682 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-08-14 09:58 - 2015-08-14 09:58 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-08-14 09:58 - 2015-08-14 09:58 - 00255176 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo29.dll
2015-08-14 09:58 - 2015-08-14 09:58 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-08-14 09:58 - 2015-08-14 09:58 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-08-12 21:50 - 2015-08-12 21:50 - 00000000 ____D C:\Users\vineet\Downloads\Home
2015-08-12 16:52 - 2015-08-12 16:54 - 09989794 _____ C:\Users\vineet\Downloads\Home.zip
2015-08-12 14:54 - 2015-08-12 14:54 - 00000206 ____H C:\Users\vineet\Desktop\RCC LAYOUT AT TYPICAL SLAB LEVEL (23.12.2013)-1.dwl2
2015-08-12 14:54 - 2015-08-12 14:54 - 00000056 ____H C:\Users\vineet\Desktop\RCC LAYOUT AT TYPICAL SLAB LEVEL (23.12.2013)-1.dwl
2015-08-12 14:53 - 2015-08-12 14:51 - 00124064 ____N C:\Users\vineet\Desktop\RCC LAYOUT AT TYPICAL SLAB LEVEL (23.12.2013)-1.dwg
2015-08-12 14:51 - 2015-08-12 14:51 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-12 12:52 - 2015-08-12 12:52 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-12 12:46 - 2015-08-12 12:46 - 00263952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2015-08-12 12:46 - 2015-08-12 12:46 - 00242448 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2015-08-12 12:45 - 2015-08-12 12:45 - 02636032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCamU64.exe
2015-08-12 12:45 - 2015-08-12 12:45 - 01980672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsDecode.dll
2015-08-12 12:45 - 2015-08-12 12:45 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2015-08-12 12:45 - 2015-08-12 12:45 - 00495872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamX.dll
2015-08-12 12:45 - 2015-08-12 12:45 - 00100000 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-08-11 23:18 - 2015-08-11 23:18 - 00000205 ____H C:\Users\vineet\Downloads\Typical Floor Plan.dwl2
2015-08-11 23:18 - 2015-08-11 23:18 - 00000055 ____H C:\Users\vineet\Downloads\Typical Floor Plan.dwl
2015-08-11 21:21 - 2015-08-11 21:21 - 01506425 _____ C:\Users\vineet\Downloads\Nasik facade_R2.skp
2015-08-11 13:07 - 2015-08-11 00:10 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-11 13:04 - 2015-08-11 13:04 - 00000000 ____D C:\Windows.old
2015-08-11 13:03 - 2015-08-11 13:03 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-11 13:02 - 2015-08-11 13:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-11 13:02 - 2015-08-11 13:02 - 00000000 ____D C:\Program Files\MSBuild
2015-08-11 13:02 - 2015-08-11 13:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-11 13:02 - 2015-08-11 13:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-11 13:01 - 2015-06-18 07:40 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-11 13:01 - 2015-06-18 07:40 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 13:01 - 2015-06-18 07:40 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-11 13:01 - 2015-05-30 10:37 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-11 13:01 - 2015-05-30 10:37 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 13:01 - 2015-05-30 10:37 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-11 11:49 - 2015-08-11 11:49 - 00103215 _____ C:\Users\vineet\Downloads\Typical Floor Plan.dwg
2015-08-11 06:13 - 2015-08-11 06:13 - 00000000 ____D C:\Users\vineet\AppData\Local\NetworkTiles
2015-08-11 00:13 - 2015-08-12 12:44 - 00002348 _____ C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-11 00:13 - 2015-08-12 12:44 - 00000000 ___RD C:\Users\vineet\OneDrive
2015-08-11 00:12 - 2015-08-11 00:12 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-08-11 00:10 - 2015-08-11 00:10 - 00000000 ____D C:\Users\vineet\AppData\Local\Publishers
2015-08-11 00:09 - 2015-08-14 11:46 - 00000000 ____D C:\Users\vineet\AppData\Local\Comms
2015-08-11 00:09 - 2015-08-11 00:09 - 00000020 ___SH C:\Users\vineet\ntuser.ini
2015-08-11 00:09 - 2015-08-11 00:09 - 00000000 ____D C:\Users\vineet\AppData\Local\TileDataLayer
2015-08-11 00:04 - 2015-08-11 00:04 - 00000000 __SHD C:\Recovery
2015-08-11 00:02 - 2015-08-24 14:43 - 00887678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-11 00:02 - 2015-08-11 00:02 - 00023356 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-10 23:51 - 2015-08-10 23:51 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-10 23:51 - 2015-08-10 23:51 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-08-10 23:51 - 2015-08-10 23:51 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-08-10 23:45 - 2015-08-10 23:53 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-10 23:43 - 2015-08-23 19:24 - 00000000 ____D C:\Users\vineet
2015-08-10 23:43 - 2015-08-11 00:09 - 00000000 ___RD C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 23:43 - 2015-07-10 16:34 - 00000000 __RSD C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-10 23:43 - 2015-07-10 16:34 - 00000000 ___RD C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-10 23:43 - 2015-07-10 16:34 - 00000000 ___RD C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-10 23:43 - 2015-07-10 16:34 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-10 23:41 - 2015-07-10 16:29 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-10 23:40 - 2015-08-10 23:40 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____D C:\Program Files\Synaptics
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____D C:\Program Files\Realtek
2015-08-10 23:38 - 2015-08-24 14:38 - 00009272 _____ C:\WINDOWS\PFRO.log
2015-08-10 23:38 - 2015-08-10 23:39 - 00036241 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-10 23:21 - 2015-08-11 00:04 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-08-10 23:21 - 2015-08-11 00:04 - 00009528 _____ C:\WINDOWS\diagerr.xml
2015-08-10 23:21 - 2015-08-11 00:03 - 00006551 _____ C:\WINDOWS\comsetup.log
2015-08-10 14:15 - 2015-08-10 14:15 - 00122856 _____ C:\Users\vineet\Downloads\Our Bedroom_17.dwg
2015-08-08 10:59 - 2015-08-08 10:59 - 00016329 _____ C:\Users\vineet\Downloads\ExtrudeTapered.gh
2015-08-08 10:46 - 2015-08-08 10:46 - 00019141 _____ C:\Users\vineet\Downloads\FilletPolyline.gh
2015-08-07 19:38 - 2015-08-08 02:03 - 00154961 _____ C:\Users\vineet\Downloads\Staircase.ghx
2015-08-07 19:37 - 2015-08-07 19:37 - 00041094 _____ C:\Users\vineet\Downloads\ParabolaPlanePoint_PSG.gh
2015-08-07 19:35 - 2015-08-07 19:35 - 00143376 _____ C:\Users\vineet\Downloads\parabola.ghx
2015-08-07 19:01 - 2015-08-11 00:02 - 00003354 _____ C:\WINDOWS\System32\Tasks\Pokki
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-24 22:50 - 2014-11-28 10:29 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d00ac8dc006e3.job
2015-08-24 22:46 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-24 22:34 - 2014-11-06 23:57 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-24 21:40 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-24 21:12 - 2014-11-06 07:27 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AB3C39AC-1E49-4DF1-B6F9-391C1D055603}
2015-08-24 20:42 - 2014-10-31 16:16 - 00000000 ____D C:\Users\vineet\AppData\Local\Pokki
2015-08-24 19:50 - 2014-11-06 23:57 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-24 19:34 - 2014-12-16 08:52 - 00000000 ____D C:\Users\vineet\AppData\Local\Akamai
2015-08-24 14:39 - 2015-07-10 17:52 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-24 14:39 - 2014-10-31 16:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-24 14:38 - 2015-07-10 17:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-24 14:38 - 2015-07-10 17:50 - 04941736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-24 14:38 - 2014-10-07 15:00 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-24 14:33 - 2015-07-10 14:35 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-24 14:29 - 2014-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-24 14:28 - 2014-11-06 07:27 - 00000000 __SHD C:\Users\vineet\AppData\Local\EmieUserList
2015-08-24 14:28 - 2014-11-06 07:27 - 00000000 __SHD C:\Users\vineet\AppData\Local\EmieSiteList
2015-08-24 14:24 - 2015-07-10 16:34 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-24 14:22 - 2014-10-07 15:00 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-08-24 14:18 - 2014-11-07 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-24 14:14 - 2015-02-03 00:14 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Nitro PDF
2015-08-24 13:08 - 2014-11-11 15:36 - 00000000 ____D C:\Users\vineet\AppData\Local\cache
2015-08-24 13:03 - 2014-11-11 15:01 - 00000000 ____D C:\Users\vineet\AppData\Local\Autodesk
2015-08-24 13:03 - 2014-11-11 14:53 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Autodesk
2015-08-24 13:03 - 2014-11-11 14:53 - 00000000 ____D C:\ProgramData\Autodesk
2015-08-24 12:28 - 2014-11-11 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-08-24 12:28 - 2014-11-11 15:01 - 00000000 ____D C:\Program Files\Autodesk
2015-08-24 12:26 - 2014-11-11 15:01 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-08-24 12:20 - 2014-11-11 14:58 - 00000000 ____D C:\Program Files (x86)\Autodesk
2015-08-24 12:17 - 2014-11-11 14:57 - 00011750 _____ C:\WINDOWS\DirectX.log
2015-08-24 12:08 - 2014-11-11 14:46 - 00000000 ____D C:\Autodesk
2015-08-24 03:49 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\rescache
2015-08-24 02:14 - 2014-11-11 15:42 - 00000000 ____D C:\Users\vineet\AppData\Local\Adobe
2015-08-23 18:43 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-22 10:57 - 2015-07-10 14:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-22 10:57 - 2015-07-10 14:35 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-21 17:01 - 2015-07-10 17:50 - 00026712 _____ C:\WINDOWS\setupact.log
2015-08-19 18:45 - 2015-07-10 16:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-16 09:21 - 2014-11-11 15:49 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-14 23:42 - 2014-10-07 14:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-14 23:41 - 2014-10-07 15:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-14 23:40 - 2014-10-07 14:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-14 23:29 - 2014-10-07 14:55 - 00000000 ___HD C:\Intel
2015-08-14 23:29 - 2014-10-07 14:41 - 00041866 _____ C:\WINDOWS\DPINST.LOG
2015-08-14 11:45 - 2014-10-31 16:17 - 00000000 ____D C:\Users\vineet\AppData\Local\Packages
2015-08-14 10:04 - 2014-11-11 15:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-14 10:02 - 2014-11-11 15:17 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-14 09:59 - 2014-10-07 14:56 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-14 09:59 - 2014-10-07 14:56 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-14 09:58 - 2014-07-26 13:24 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-08-14 09:58 - 2014-07-26 13:24 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-08-14 09:58 - 2014-07-26 13:24 - 00613576 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-08-14 09:58 - 2014-07-26 13:24 - 00267976 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-08-14 09:58 - 2014-07-26 13:24 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-08-14 09:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-13 10:54 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-08-12 12:45 - 2014-10-07 15:02 - 05060864 _____ (Realtek semiconductor) C:\WINDOWS\RTFTrack.exe
2015-08-12 12:45 - 2014-10-07 15:02 - 03068160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\rtsuvc.sys
2015-08-12 12:45 - 2014-10-07 15:02 - 00557824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamX64.dll
2015-08-11 21:48 - 2014-10-07 15:50 - 00000000 ____D C:\ProgramData\LU
2015-08-11 13:07 - 2015-07-10 16:34 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-11 05:10 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-11 00:10 - 2015-07-10 16:34 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-11 00:10 - 2015-07-10 16:34 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-11 00:07 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-11 00:03 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\Registration
2015-08-11 00:02 - 2014-11-28 10:29 - 00004008 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d00ac8dc006e3
2015-08-11 00:02 - 2014-11-11 15:50 - 00003616 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Lenovo-PC-vineet
2015-08-11 00:02 - 2014-11-06 23:57 - 00004008 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-11 00:02 - 2014-11-06 23:57 - 00003772 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-11 00:02 - 2014-10-31 16:50 - 00003708 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2630856962-2882739809-239791393-1001
2015-08-11 00:02 - 2014-10-07 15:11 - 00003382 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2015-08-11 00:02 - 2014-10-07 15:07 - 00003100 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-08-11 00:02 - 2014-10-07 14:55 - 00004046 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-08-11 00:02 - 2014-10-07 14:55 - 00003800 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-08-10 23:59 - 2015-07-10 16:34 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-10 23:53 - 2015-07-10 14:35 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-10 23:53 - 2015-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FotoSketcher
2015-08-10 23:53 - 2014-12-20 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-10 23:53 - 2014-12-17 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Podium
2015-08-10 23:53 - 2014-12-17 03:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 6
2015-08-10 23:53 - 2014-11-13 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014
2015-08-10 23:53 - 2014-11-12 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5
2015-08-10 23:53 - 2014-11-11 15:14 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-10 23:53 - 2014-11-11 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-10 23:53 - 2014-10-07 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master
2015-08-10 23:53 - 2014-10-07 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Reach
2015-08-10 23:53 - 2014-10-07 15:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
2015-08-10 23:53 - 2014-10-07 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-08-10 23:53 - 2014-10-07 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-08-10 23:53 - 2014-10-07 15:11 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-08-10 23:53 - 2014-10-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-10 23:51 - 2015-07-10 16:35 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-10 23:51 - 2015-07-10 14:35 - 00000000 __RHD C:\Users\Default
2015-08-10 23:51 - 2013-08-22 19:06 - 00000000 ____D C:\Users\Default.migrated
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-08-10 23:47 - 2014-10-07 15:02 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-10 23:47 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-08-10 23:47 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-08-10 23:46 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-08-10 23:46 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-08-10 23:46 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-08-10 23:45 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-10 23:45 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-10 23:45 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\Help
2015-08-10 23:45 - 2015-07-10 16:34 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-10 23:45 - 2015-06-20 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-10 23:45 - 2014-11-14 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tata Photon+
2015-08-10 23:45 - 2014-10-07 15:39 - 00000000 ____D C:\Program Files\Lenovo
2015-08-10 23:45 - 2014-10-07 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail
2015-08-10 23:45 - 2014-10-07 15:35 - 00000000 ____D C:\ProgramData\Lenovo
2015-08-10 23:45 - 2014-10-07 15:35 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-08-10 23:45 - 2014-10-07 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-08-10 23:45 - 2014-10-07 14:53 - 00000000 ____D C:\Program Files\Intel
2015-08-10 23:45 - 2014-10-07 14:52 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-10 23:45 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\ADFS
2015-08-10 23:44 - 2014-12-02 12:08 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-08-10 23:42 - 2015-07-10 14:35 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-10 23:24 - 2014-10-07 15:39 - 00004608 _____ C:\WINDOWS\system32\VfService.trf
2015-08-10 23:24 - 2014-10-07 14:41 - 01999386 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-10 23:21 - 2015-07-10 19:09 - 00000000 ___HD C:\$Windows.~BT
2015-08-10 12:23 - 2014-10-07 15:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-08-08 02:05 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-08 02:04 - 2014-11-06 22:48 - 00002285 _____ C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-08-08 02:03 - 2014-11-13 00:12 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Grasshopper
2015-08-06 14:33 - 2014-10-07 15:46 - 00000000 ____D C:\ProgramData\Energy Manager
==================== Files in the root of some directories =======
2015-06-22 12:14 - 2015-06-22 12:14 - 0000259 _____ () C:\Users\vineet\AppData\Roaming\FotoSketcher.ini
2015-04-19 17:50 - 2015-04-19 17:50 - 0005872 _____ () C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA
2015-04-20 19:35 - 2015-04-20 19:35 - 1579520 _____ () C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe
2015-08-10 23:40 - 2015-08-10 23:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-11 15:02 - 2014-11-11 15:02 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\vineet\AppData\Local\Temp\1856.exe
C:\Users\vineet\AppData\Local\Temp\3f60e5a7-072a-430e-a247-b6348d144451.dll
C:\Users\vineet\AppData\Local\Temp\AcDeltree.exe
C:\Users\vineet\AppData\Local\Temp\amt_oursurfing.exe
C:\Users\vineet\AppData\Local\Temp\ba4eca8a-e1fa-4ad6-ab18-219f2d0b973f.dll
C:\Users\vineet\AppData\Local\Temp\beeadjgbca.exe
C:\Users\vineet\AppData\Local\Temp\f0db64dc-06c7-41ce-8461-edefb3d5c834.dll
C:\Users\vineet\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\vineet\AppData\Local\Temp\newversion.exe
C:\Users\vineet\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\vineet\AppData\Local\Temp\tu17p84.exe
C:\Users\vineet\AppData\Local\Temp\UninstallModule.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-21 11:47
==================== End of log ============================
ADDITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-08-2015
Ran by vineet (2015-08-24 22:55:42)
Running from C:\Users\vineet\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2630856962-2882739809-239791393-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2630856962-2882739809-239791393-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2630856962-2882739809-239791393-503 - Limited - Disabled)
Guest (S-1-5-21-2630856962-2882739809-239791393-501 - Limited - Disabled)
vineet (S-1-5-21-2630856962-2882739809-239791393-1001 - Administrator - Enabled) => C:\Users\vineet
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Akamai NetSession Interface (HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk DirectConnect 2012 64-bit (HKLM\...\Autodesk DirectConnect 2012 64-bit) (Version: 6.0.443.0 - Autodesk)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk MatchMover 2012 64-bit (HKLM\...\{4529F749-C362-4119-AFA0-0A3F1CA924AB}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Maya 2012 64-bit (HKLM\...\Autodesk Maya 2012 64-bit) (Version: 14.0.0.0 - Autodesk)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk T-Splines Plug-in for Rhino version 3.4 r8555 (64) (HKLM\...\{FCB0FFA0-6EB0-4D4C-8B71-8390E31B0AC9}) (Version: 3.4.8555 - Autodesk)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
BitTorrent (HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
DesktopSearch (HKLM-x32\...\DesktopSearch) (Version: 3.0.80 - Unique Solutions)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.18 - Lenovo)
Energy Manager (x32 Version: 1.5.0.18 - Lenovo) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FotoSketcher 3.00 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google SketchUp 6 (x32 Version: 6.0.515 - Google) Hidden
Google SketchUp 6 Exporters (x32 Version: 6.0.515 - Google) Hidden
Google SketchUp LayOut 6 (x32 Version: 1.0.617 - Google) Hidden
Google SketchUp Pro 6 (HKLM-x32\...\{12E75B98-8463-4C1F-8DDA-F6CF31566A55}) (Version: 6.0.00408 - Google)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Host App Service (HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Pokki) (Version: 0.269.7.738 - Pokki)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{B2913DAE-3EBC-4C88-8245-0AA34B2E461D}) (Version: 17.1.1450.0402 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.60.37 - ClientConnect LTD) <==== ATTENTION
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.32.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.7 - Stoneware, Inc.)
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Settings (x32 Version: 1.0.0.46 - Lenovo) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo)
Lenovo Updates (x32 Version: 1.3.0.6 - Lenovo) Hidden
Lenovo Web Start (HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (HKLM\...\{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}) (Version: 2.60.0216.1828 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Podium (HKLM-x32\...\Podium_is1) (Version: - Cadalog Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Rhinoceros 5 (64-bit) (HKLM\...\{D7B0FC7F-827E-4664-9DC8-32AD32C875A7}) (Version: 5.5.30717.16015 - Robert McNeel & Associates)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - ) <==== ATTENTION
Start Menu (HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Pokki_Start_Menu) (Version: 0.269.7.738 - Pokki)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Tata Photon+ (HKLM-x32\...\Tata Photon+) (Version: 11.030.01.18.628 - Huawei Technologies Co.,Ltd)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
V-Ray for SketchUp 6 (HKLM-x32\...\{8D7BD6EE-C597-4375-B07F-A91FC78991C7}) (Version: 1.00.0000 - ASGvis, LLC)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe No File
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
14-08-2015 09:57:52 Windows Update
18-08-2015 11:21:56 Windows Modules Installer
24-08-2015 12:16:18 Installed DirectX
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 18:55 - 2013-08-22 18:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0AA2D2B2-647E-46C7-857D-45C34A411D53} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {0C45EB53-CDC5-4ED9-A34A-190573725B08} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {32195FD2-0B75-4404-B7A5-525DD624023A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {397ADD70-D3E5-41BC-9D16-6A2559D6B5C5} - System32\Tasks\Pokki => %LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe
Task: {3F4CC402-8F65-4F04-B427-60A6BFA07A02} - System32\Tasks\SPBIW_UpdateTask_Time_313535333139343236322d50372d5a456c37325a347841 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {49DF82F1-12EB-4324-A30A-0F32AF1C31A2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {51705565-8779-4B6D-94C4-83E2FCFE8314} - System32\Tasks\AmiUpdXp => C:\Users\vineet\AppData\Local\14877\Updater.exe [2015-08-24] () <==== ATTENTION
Task: {63539134-473C-44BF-8C5A-F5B9E26A2043} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {6A7B9FA9-1E31-48A4-9F71-763E09F1BC47} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {75E6AA35-8387-4415-9B33-F621599986FE} - System32\Tasks\yRYXdCg1yVyJmA => C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe [2015-04-20] () <==== ATTENTION
Task: {762F1798-EBF1-4400-B3F7-27ADB0B9E8AC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {87D1880A-5BC6-4A26-A262-5642510C28B9} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-11-21] ()
Task: {8B4B4C8F-5DF3-4A70-B6F5-3529CA5EF6FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {8C307AA8-4156-4B75-B431-911129BEB0DD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8C555ABE-A031-4A47-9BB4-70BC90250FA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {8CC5AB22-B687-44C4-9B9B-21BD00A0B100} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-15] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {B1DC49BC-CECF-4AED-9A70-0B3DE0E0CF61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B433CA6F-9151-423B-9B83-5EC11B9A60E9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B458698D-B3C2-4469-9318-9A19623378D6} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {B8032E26-0066-438F-B1BC-68C70D32FFFA} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-08-24] () <==== ATTENTION
Task: {BC65A603-0034-4926-8A34-5EFEE76D7ED1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C55AE608-299F-47D8-B313-DC14D81F60DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {D9215A0B-7DDB-4449-80C2-4D0856D02F23} - System32\Tasks\AdobeAAMUpdater-1.0-Lenovo-PC-vineet => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {E09A056B-1464-406E-B6C7-7BA70ED18426} - System32\Tasks\GoogleUpdateTaskMachineUA1d00ac8dc006e3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {E72CB065-9368-4954-9770-C36460D2C816} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-14] (Synaptics Incorporated)
Task: {EB6E5588-DE2E-4FF9-983D-3A7A697C3DCC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-14] (Microsoft Corporation)
Task: {EDE6E884-7AE1-4CF7-BA1C-8F723D954537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EFB5E153-F6DB-46EC-BDB9-ECBCC3FE045D} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: {F98385B2-7376-49D7-AE1F-D0DEE00BCDB8} - System32\Tasks\Ssiulaurxaf => C:\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe [2015-08-24] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\vineet\AppData\Local\14877\Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d00ac8dc006e3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\yRYXdCg1yVyJmA.job => C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2015-08-15 18:15 - 2015-07-15 07:34 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2014-10-07 15:00 - 2015-07-23 06:40 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 09:46 - 2015-08-11 14:44 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-15 18:16 - 2015-07-30 11:35 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-02-05 00:21 - 2013-02-05 00:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2015-08-24 14:26 - 2015-08-24 14:26 - 00158208 _____ () C:\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe
2015-08-11 09:16 - 2015-08-11 09:21 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-08-11 09:16 - 2015-08-11 09:21 - 11284480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-07-10 18:47 - 2015-07-10 18:47 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-08-19 09:41 - 2015-08-19 09:42 - 07824896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-08-19 09:41 - 2015-08-19 09:42 - 02062336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-08-15 18:16 - 2015-07-30 11:35 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 16:29 - 2015-07-10 16:29 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-15 18:17 - 2015-08-03 06:41 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 16:30 - 2015-07-10 18:44 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 09:46 - 2015-08-11 14:28 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-15 18:16 - 2015-08-03 06:39 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-10-07 15:42 - 2014-10-07 15:42 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2014-10-07 15:09 - 2013-10-01 14:39 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-02-26 05:12 - 2014-02-26 05:12 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-02-26 05:12 - 2014-02-26 05:12 - 02689800 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2015-08-24 14:18 - 2015-05-12 16:31 - 01070592 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libglesv2.dll
2015-08-24 14:18 - 2015-05-12 16:31 - 00204800 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libegl.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 00569856 _____ () C:\Users\vineet\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 01400846 _____ () C:\Users\vineet\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 00151054 _____ () C:\Users\vineet\AppData\Local\Pokki\Engine\avutil-51.dll
2015-04-29 01:45 - 2015-04-29 01:45 - 00222734 _____ () C:\Users\vineet\AppData\Local\Pokki\Engine\avformat-54.dll
2015-08-24 10:38 - 2015-08-24 10:38 - 01333760 _____ () C:\Program Files\Common Files\ShopperPro\spbici32.dll
2015-08-22 15:36 - 2015-08-18 10:53 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-22 15:36 - 2015-08-18 10:53 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
2015-08-22 15:36 - 2015-08-18 10:53 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll
2015-08-24 22:44 - 2015-08-24 22:44 - 00083208 _____ () C:\ProgramData\Browser\prompt.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vineet\Pictures\tiger.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Lenovo Utility"
HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{0B7AA4C2-F69A-4272-B5E1-CBEA69488F38}C:\users\vineet\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vineet\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{B75A3E90-93EA-4047-B621-7D27622A58C8}C:\users\vineet\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vineet\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{115A1174-399F-4696-A21C-371A66FCC9F3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{2A74758A-D319-46E8-AE59-34900FEDEE95}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3FCF6F6A-074E-408F-9857-A4E0381EB73A}C:\users\vineet\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vineet\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{01AC4AD3-106D-4832-B863-95544CCB30E7}C:\users\vineet\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vineet\appdata\local\akamai\netsession_win.exe
FirewallRules: [{52D62C43-928C-46D7-B76E-2999A65EAEF7}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{4F7FF01B-4089-40E3-8DFC-C44C4C779268}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{A68AADB8-9F3D-429A-8C1E-4976AB693D28}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{EFF0B4D4-0504-460D-A5FA-C9F3AA5E623E}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{BC3E6A1B-BD1B-4BCE-B182-9452EF0C7E91}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{F2CAE8D4-16F2-4BAB-AE95-2AAC1BD78A53}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{F9C93424-FBEE-43CD-BE00-F5C46E84099A}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{6DADD701-9163-464F-823C-1C5A07E0E109}] => (Allow) LPort=55100
FirewallRules: [{C95BA8CB-CF1B-4E24-AE7E-67C672BABE10}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{F068048E-3D8D-4136-AC64-E3F657A242CF}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{6C21B4E7-8A0A-4892-B521-253700CCC399}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{CE100554-E080-4653-A133-B680332D82A0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{151D283E-6910-479A-9BA4-382B350C70D6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{46864403-85EA-4B6C-9044-D9B171CB3C23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1C7258F2-7A28-4DA0-938C-067773892A17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C369522D-969A-4BA5-840B-0D116FCA938E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3DC98A5A-7950-4A28-B595-4BBD1A741426}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EA7279F1-20EF-49F0-80CE-AD6B5D430ABF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{13060B78-C4A4-48DC-81DB-182CE102EA0B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A16F9E2E-92DE-439A-B27A-8D9781E3600C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EFBD6203-5BC7-423B-9D21-2E973CABE42D}] => (Allow) C:\Users\vineet\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{00AE8EC9-28D3-49D0-9EB3-2B63E962AD34}] => (Allow) C:\Users\vineet\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5B065429-D6C0-410F-813E-6C13A783DE08}] => (Allow) C:\Users\vineet\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{5FAA4BC8-4E93-4008-B7ED-2318E66855C3}] => (Allow) C:\Users\vineet\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{36FB3B97-C9D7-4DEC-BF6B-C095CABDFAD4}] => (Allow) C:\Users\vineet\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{BB99DBA3-66E2-47A0-99B0-E329F977FC4D}] => (Allow) C:\Users\vineet\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C33C552F-B119-4DD5-BA39-B4DE9A2B9440}] => (Allow) LPort=50248
FirewallRules: [{D49CCE38-D3F7-4FF3-AAF1-9B0E1E82436F}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
FirewallRules: [{844F16CB-1A7A-4E4B-B287-40B4C550179C}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/24/2015 10:57:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Activation of app E046963F.LenovoCompanion_k1h2ywk1493x8!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/24/2015 10:57:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10240.16384, time stamp: 0x559f3b40
Faulting module name: Lenovo.Discovery.dll, version: 1.0.0.0, time stamp: 0x55cbd740
Exception code: 0x0003cac8
Fault offset: 0x00fb5720
Faulting process id: 0x13b4
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
Error: (08/24/2015 10:51:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Activation of app E046963F.LenovoCompanion_k1h2ywk1493x8!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/24/2015 10:51:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10240.16384, time stamp: 0x559f3b40
Faulting module name: Lenovo.Discovery.dll, version: 1.0.0.0, time stamp: 0x55cbd740
Exception code: 0x0003cac8
Fault offset: 0x00fb5720
Faulting process id: 0x3c8
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
Error: (08/24/2015 10:47:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Activation of app E046963F.LenovoCompanion_k1h2ywk1493x8!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/24/2015 10:47:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10240.16384, time stamp: 0x559f3b40
Faulting module name: Lenovo.Discovery.dll, version: 1.0.0.0, time stamp: 0x55cbd740
Exception code: 0x0003cac8
Fault offset: 0x00fb5720
Faulting process id: 0xc20
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
Error: (08/24/2015 10:47:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Activation of app E046963F.LenovoCompanion_k1h2ywk1493x8!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/24/2015 10:47:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10240.16384, time stamp: 0x559f3b40
Faulting module name: Lenovo.Discovery.dll, version: 1.0.0.0, time stamp: 0x55cbd740
Exception code: 0x0003cac8
Fault offset: 0x00fb5720
Faulting process id: 0x9c8
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
Error: (08/24/2015 10:47:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: Activation of app E046963F.LenovoCompanion_k1h2ywk1493x8!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (08/24/2015 10:47:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.10240.16384, time stamp: 0x559f3b40
Faulting module name: Lenovo.Discovery.dll, version: 1.0.0.0, time stamp: 0x55cbd740
Exception code: 0x0003cac8
Fault offset: 0x00fb5720
Faulting process id: 0x22e0
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
System errors:
=============
Error: (08/24/2015 10:44:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ShopperPro Update service terminated unexpectedly. It has done this 1 time(s).
Error: (08/24/2015 09:39:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 8 0x0 0x0
Error: (08/24/2015 09:39:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 4 0x0 0x0
Error: (08/24/2015 09:39:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 1 0xc 0x6
Error: (08/24/2015 02:49:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® Content Protection HECI Service service terminated with the following error:
%%2147942406
Error: (08/24/2015 02:42:20 PM) (Source: DCOM) (EventID: 10016) (User: Lenovo-PC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Lenovo-PCvineetS-1-5-21-2630856962-2882739809-239791393-1001LocalHost (Using LRPC)Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157
Error: (08/24/2015 02:42:16 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (08/24/2015 02:39:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Avira Service Host service terminated unexpectedly. It has done this 3 time(s).
Error: (08/24/2015 02:39:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Service Host service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/24/2015 02:39:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Service Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Microsoft Office:
=========================
Error: (08/24/2015 10:57:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2147023170
Error: (08/24/2015 10:57:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe10.0.10240.16384559f3b40Lenovo.Discovery.dll1.0.0.055cbd7400003cac800fb572013b401d0de922811883dC:\WINDOWS\syswow64\backgroundTaskHost.exeC:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8\Lenovo.Discovery.dllb44a3eb8-f753-48ba-bc22-655d74d00427E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8App
Error: (08/24/2015 10:51:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2147023170
Error: (08/24/2015 10:51:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe10.0.10240.16384559f3b40Lenovo.Discovery.dll1.0.0.055cbd7400003cac800fb57203c801d0de9142f3ad2eC:\WINDOWS\syswow64\backgroundTaskHost.exeC:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8\Lenovo.Discovery.dll89aeb37a-a67d-425d-a35b-0b582fcf1972E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8App
Error: (08/24/2015 10:47:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2147023170
Error: (08/24/2015 10:47:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe10.0.10240.16384559f3b40Lenovo.Discovery.dll1.0.0.055cbd7400003cac800fb5720c2001d0de90d207acdbC:\WINDOWS\syswow64\backgroundTaskHost.exeC:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8\Lenovo.Discovery.dll11d36158-af48-4399-a380-a26250271160E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8App
Error: (08/24/2015 10:47:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2147023170
Error: (08/24/2015 10:47:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe10.0.10240.16384559f3b40Lenovo.Discovery.dll1.0.0.055cbd7400003cac800fb57209c801d0de90cb00a510C:\WINDOWS\syswow64\backgroundTaskHost.exeC:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8\Lenovo.Discovery.dll0064f391-f3c0-4c52-8285-86bbc3c01036E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8App
Error: (08/24/2015 10:47:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lenovo-PC)
Description: E046963F.LenovoCompanion_k1h2ywk1493x8!App-2147023170
Error: (08/24/2015 10:47:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe10.0.10240.16384559f3b40Lenovo.Discovery.dll1.0.0.055cbd7400003cac800fb572022e001d0de90b520e227C:\WINDOWS\syswow64\backgroundTaskHost.exeC:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8\Lenovo.Discovery.dlla7d9d84a-2eb1-490c-bad8-381d344d6087E046963F.LenovoCompanion_3.0.20.0_x86__k1h2ywk1493x8App
CodeIntegrity:
===================================
Date: 2015-08-24 02:50:57.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-23 19:19:28.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-22 11:18:49.121
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 23%
Total physical RAM: 16296.27 MB
Available physical RAM: 12385.58 MB
Total Virtual: 18728.27 MB
Available Virtual: 13136.38 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:889 GB) (Free:789.84 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.18 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3D4C24C2)
Partition: GPT.
==================== End of log ============================
#19
Posted 25 August 2015 - 07:47 AM
Nevan
-
- Malware Removal
-
- 1,765 posts
Trusted Helper
Hello again, achint.
Let's take care of everything visible, but first...
P2P Warning
I've noticed that you have or have had a P2P (Peer-to-Peer) file sharing program on your machine:
Some of things to keep in mind when using P2P programs:
If you choose not to remove them, please refrain from using them until we are done on cleaning your computer.
I've noticed that you have Pokki Start Menu installed. Have you done it on purpose or is it something you don't want to have on your system?
Step #1
Uninstalling programs
Go to Start Menu>Control Panel>Programs>Uninstall a program (or Control Panel>Programs and Features if using icon view) and remove the following programs:
Step #2
FRST Fix
Things that should appear in your next post:
Let's take care of everything visible, but first...
P2P Warning
I've noticed that you have or have had a P2P (Peer-to-Peer) file sharing program on your machine:
- BitTorrent
Some of things to keep in mind when using P2P programs:
- Your computer is more likely to get infected with malware, which will result in coming back to our or other forums for help.
- You may have your important data stolen, including passwords, photos or personal information.
- You help to share pirated material, which may result in arrest, fines, or even jail time for illegal downloads of copyrighted material.
If you choose not to remove them, please refrain from using them until we are done on cleaning your computer.
I've noticed that you have Pokki Start Menu installed. Have you done it on purpose or is it something you don't want to have on your system?
Step #1
Uninstalling programsGo to Start Menu>Control Panel>Programs>Uninstall a program (or Control Panel>Programs and Features if using icon view) and remove the following programs:
- Crossbrowse
- DesktopSearch
- Lenovo Browser Guard
- Software Version Updater
Step #2
FRST Fix- Download attached fixlist.txt file to your desktop.
fixlist.txt 8.31KB
219 downloads
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system - Right click FRST64.exe on your desktop and click Run as administrator.
- Press the Fix button just once and wait.
NOTE: It's important that both FRST64.exe and fixlist.txt are in the same location or the fix will not work. - If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finished, FRST will generate a log on the desktop (Fixlog.txt). Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Things that should appear in your next post:- Answer to my question about Pokki
- Please tell me if you have successfully uninstalled all the programs I've asked you to remove
- Fixlist.txt log content
- Do you notice any other problems with your computer at the moment?
#20
Posted 25 August 2015 - 12:40 PM
achint
- Topic Starter
-
- Member
-
- 12 posts
Member
Hey,
Thank you again for your assistance with this issue.
I have followed your instructions and below is my response to the points you raised.
- Answer to my question about Pokki. I have no idea where it came from. I assumed it was part of my recent upgrade to windows 10. I did not see the name of any publisher on the Control Panel>Programs and features section so I have uninstalled it.
- Please tell me if you have successfully uninstalled all the programs I've asked you to remove. I have uninstalled all the programs you pointed out.
- Fixlist.txt log content
Fix result of Farbar Recovery Scan Tool (x64) Version:25-08-2015
Ran by vineet (2015-08-25 23:49:51) Run:1
Running from C:\Users\vineet\Desktop
Loaded Profiles: vineet (Available Profiles: vineet)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
(Unique Solutions) C:\ProgramData\ZRPkKEesI\yXjrmwrcMEW.exe
() C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
() C:\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)
R2 yXjrmwrcMEW; C:\ProgramData\ZRPkKEesI\yXjrmwrcMEW.exe [2731488 2015-08-24] (Unique Solutions)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41632 2015-08-24] ()
2015-08-24 14:32 - 2015-08-24 14:41 - 00000370 _____ C:\WINDOWS\Tasks\AmiUpdXp.job
2015-08-24 14:32 - 2015-08-24 14:32 - 00003440 _____ C:\WINDOWS\System32\Tasks\AmiUpdXp
2015-08-24 14:32 - 2015-08-24 14:32 - 00000000 ____D C:\Users\vineet\AppData\Local\14877
2015-08-24 14:31 - 2015-08-24 14:31 - 00002537 _____ C:\Users\vineet\Desktop\Reimage2.lnk
2015-08-24 14:30 - 2015-08-24 22:34 - 00000000 ____D C:\Users\vineet\AppData\Local\DesktopSearch
2015-08-24 14:30 - 2015-08-24 14:30 - 00000000 ____D C:\DesktopSearch
2015-08-24 14:26 - 2015-08-24 22:44 - 00003542 _____ C:\WINDOWS\System32\Tasks\Ssiulaurxaf
2015-08-24 14:26 - 2015-08-24 14:26 - 00000000 ____D C:\ProgramData\Ssiulaurxaf
2015-08-24 14:21 - 2015-08-24 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Search
2015-08-24 14:20 - 2015-08-24 14:21 - 00000000 ____D C:\ProgramData\ZRPkKEesI
2015-08-24 14:20 - 2015-08-24 14:21 - 00000000 ____D C:\ProgramData\DesktopSearch
2015-08-24 14:18 - 2015-08-24 20:18 - 00001078 _____ C:\WINDOWS\Tasks\Crossbrowse.job
2015-08-24 14:18 - 2015-08-24 14:18 - 00004198 _____ C:\WINDOWS\System32\Tasks\Crossbrowse
2015-08-24 14:18 - 2015-08-24 14:18 - 00001264 _____ C:\Users\vineet\Desktop\Continue Max Driver Updater Uninstaller.lnk
2015-08-24 14:18 - 2015-08-24 14:18 - 00000008 _____ C:\END
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\Users\vineet\AppData\Local\Crossbrowse
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
2015-08-24 14:16 - 2015-08-24 14:39 - 00001024 _____ C:\WINDOWS\Tasks\yRYXdCg1yVyJmA.job
2015-08-24 14:16 - 2015-08-24 14:16 - 00004158 _____ C:\WINDOWS\System32\Tasks\yRYXdCg1yVyJmA
2015-08-24 14:14 - 2015-08-24 20:19 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-24 14:14 - 2015-08-24 14:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-24 14:14 - 2015-08-24 14:14 - 00000000 ____D C:\Users\vineet\AppData\Local\globalUpdate
2015-08-24 14:13 - 2015-08-24 22:44 - 00000000 ____D C:\Program Files\Common Files\ShopperPro
2015-08-24 14:13 - 2015-08-24 14:18 - 00000000 ____D C:\Program Files (x86)\MaxDrivrUpdater
2015-08-24 14:13 - 2015-08-24 14:15 - 00000000 ____D C:\Users\vineet\AppData\Local\BrowserHelper
2015-08-24 14:13 - 2015-08-24 14:13 - 00004412 _____ C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_313535333139343236322d50372d5a456c37325a347841
2015-08-24 14:13 - 2015-08-24 14:13 - 00000000 ____D C:\Users\Public\Documents\ShopperPro
2015-08-24 14:13 - 2015-08-24 14:13 - 00000000 ____D C:\ProgramData\ShopperPro
2015-08-24 14:12 - 2015-08-24 14:13 - 00000000 ____D C:\Program Files (x86)\ShopperPro
2015-08-24 14:12 - 2015-08-24 14:12 - 00003680 _____ C:\WINDOWS\System32\Tasks\ShopperProJSUpd
2015-08-24 14:28 - 2014-11-06 07:27 - 00000000 __SHD C:\Users\vineet\AppData\Local\EmieUserList
2015-08-24 14:28 - 2014-11-06 07:27 - 00000000 __SHD C:\Users\vineet\AppData\Local\EmieSiteList
2015-04-19 17:50 - 2015-04-19 17:50 - 0005872 _____ () C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA
2015-04-20 19:35 - 2015-04-20 19:35 - 1579520 _____ () C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION
DesktopSearch (HKLM-x32\...\DesktopSearch) (Version: 3.0.80 - Unique Solutions)
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.60.37 - ClientConnect LTD) <==== ATTENTION
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - ) <==== ATTENTION
Task: {0C45EB53-CDC5-4ED9-A34A-190573725B08} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {32195FD2-0B75-4404-B7A5-525DD624023A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3F4CC402-8F65-4F04-B427-60A6BFA07A02} - System32\Tasks\SPBIW_UpdateTask_Time_313535333139343236322d50372d5a456c37325a347841 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {49DF82F1-12EB-4324-A30A-0F32AF1C31A2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {51705565-8779-4B6D-94C4-83E2FCFE8314} - System32\Tasks\AmiUpdXp => C:\Users\vineet\AppData\Local\14877\Updater.exe [2015-08-24] () <==== ATTENTION
Task: {6A7B9FA9-1E31-48A4-9F71-763E09F1BC47} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {75E6AA35-8387-4415-9B33-F621599986FE} - System32\Tasks\yRYXdCg1yVyJmA => C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe [2015-04-20] () <==== ATTENTION
Task: {8C307AA8-4156-4B75-B431-911129BEB0DD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8CC5AB22-B687-44C4-9B9B-21BD00A0B100} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B1DC49BC-CECF-4AED-9A70-0B3DE0E0CF61} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B433CA6F-9151-423B-9B83-5EC11B9A60E9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B8032E26-0066-438F-B1BC-68C70D32FFFA} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [2015-08-24] () <==== ATTENTION
Task: {BC65A603-0034-4926-8A34-5EFEE76D7ED1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C55AE608-299F-47D8-B313-DC14D81F60DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EDE6E884-7AE1-4CF7-BA1C-8F723D954537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EFB5E153-F6DB-46EC-BDB9-ECBCC3FE045D} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: {F98385B2-7376-49D7-AE1F-D0DEE00BCDB8} - System32\Tasks\Ssiulaurxaf => C:\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe [2015-08-24] ()
Task: C:\WINDOWS\Tasks\AmiUpdXp.job => C:\Users\vineet\AppData\Local\14877\Updater.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\yRYXdCg1yVyJmA.job => C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe <==== ATTENTION
2015-08-24 22:44 - 2015-08-24 22:44 - 00083208 _____ () C:\ProgramData\Browser\prompt.exe
FirewallRules: [{D49CCE38-D3F7-4FF3-AAF1-9B0E1E82436F}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe
FirewallRules: [{844F16CB-1A7A-4E4B-B287-40B4C550179C}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
*****************
Processes closed successfully.
Restore point was successfully created.
C:\ProgramData\ZRPkKEesI\yXjrmwrcMEW.exe => No running process found
C:\Program Files\Common Files\ShopperPro\spbiu.exe => No running process found
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe => No running process found
C:\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\YTDownloader => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Software\Microsoft\Windows\CurrentVersion\Run\\YTDownloader => value removed successfully
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe not found.
yXjrmwrcMEW => service not found.
SPBIUpdd => service removed successfully
"C:\WINDOWS\Tasks\AmiUpdXp.job" => File/Folder not found.
"C:\WINDOWS\System32\Tasks\AmiUpdXp" => File/Folder not found.
"C:\Users\vineet\AppData\Local\14877" => File/Folder not found.
"C:\Users\vineet\Desktop\Reimage2.lnk" => File/Folder not found.
"C:\Users\vineet\AppData\Local\DesktopSearch" => File/Folder not found.
C:\DesktopSearch => moved successfully
C:\WINDOWS\System32\Tasks\Ssiulaurxaf => moved successfully
C:\ProgramData\Ssiulaurxaf => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Search" => File/Folder not found.
"C:\ProgramData\ZRPkKEesI" => File/Folder not found.
"C:\ProgramData\DesktopSearch" => File/Folder not found.
"C:\WINDOWS\Tasks\Crossbrowse.job" => File/Folder not found.
"C:\WINDOWS\System32\Tasks\Crossbrowse" => File/Folder not found.
"C:\Users\vineet\Desktop\Continue Max Driver Updater Uninstaller.lnk" => File/Folder not found.
C:\END => moved successfully
"C:\Users\vineet\AppData\Local\Crossbrowse" => File/Folder not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse" => File/Folder not found.
"C:\Program Files (x86)\Crossbrowse" => File/Folder not found.
C:\WINDOWS\Tasks\yRYXdCg1yVyJmA.job => moved successfully
C:\WINDOWS\System32\Tasks\yRYXdCg1yVyJmA => moved successfully
C:\Program Files (x86)\globalUpdate => moved successfully
C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully
C:\Users\vineet\AppData\Local\globalUpdate => moved successfully
C:\Program Files\Common Files\ShopperPro => moved successfully
C:\Program Files (x86)\MaxDrivrUpdater => moved successfully
C:\Users\vineet\AppData\Local\BrowserHelper => moved successfully
C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_313535333139343236322d50372d5a456c37325a347841 => moved successfully
C:\Users\Public\Documents\ShopperPro => moved successfully
C:\ProgramData\ShopperPro => moved successfully
C:\Program Files (x86)\ShopperPro => moved successfully
C:\WINDOWS\System32\Tasks\ShopperProJSUpd => moved successfully
C:\Users\vineet\AppData\Local\EmieUserList => moved successfully
C:\Users\vineet\AppData\Local\EmieSiteList => moved successfully
C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA => moved successfully
C:\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe => moved successfully
Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION => Error: No automatic fix found for this entry.
DesktopSearch (HKLM-x32\...\DesktopSearch) (Version: 3.0.80 - Unique Solutions) => Error: No automatic fix found for this entry.
Lenovo Browser Guard (HKLM-x32\...\LenovoBrowserGuard) (Version: 2.16.60.37 - ClientConnect LTD) <==== ATTENTION => Error: No automatic fix found for this entry.
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - ) <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C45EB53-CDC5-4ED9-A34A-190573725B08}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C45EB53-CDC5-4ED9-A34A-190573725B08}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32195FD2-0B75-4404-B7A5-525DD624023A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32195FD2-0B75-4404-B7A5-525DD624023A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F4CC402-8F65-4F04-B427-60A6BFA07A02}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F4CC402-8F65-4F04-B427-60A6BFA07A02}" => key removed successfully
C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_313535333139343236322d50372d5a456c37325a347841 not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_313535333139343236322d50372d5a456c37325a347841" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49DF82F1-12EB-4324-A30A-0F32AF1C31A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49DF82F1-12EB-4324-A30A-0F32AF1C31A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51705565-8779-4B6D-94C4-83E2FCFE8314} => key not found.
C:\WINDOWS\System32\Tasks\AmiUpdXp not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A7B9FA9-1E31-48A4-9F71-763E09F1BC47}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A7B9FA9-1E31-48A4-9F71-763E09F1BC47}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75E6AA35-8387-4415-9B33-F621599986FE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75E6AA35-8387-4415-9B33-F621599986FE}" => key removed successfully
C:\WINDOWS\System32\Tasks\yRYXdCg1yVyJmA not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\yRYXdCg1yVyJmA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C307AA8-4156-4B75-B431-911129BEB0DD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C307AA8-4156-4B75-B431-911129BEB0DD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8CC5AB22-B687-44C4-9B9B-21BD00A0B100}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CC5AB22-B687-44C4-9B9B-21BD00A0B100}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1DC49BC-CECF-4AED-9A70-0B3DE0E0CF61}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1DC49BC-CECF-4AED-9A70-0B3DE0E0CF61}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B433CA6F-9151-423B-9B83-5EC11B9A60E9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B433CA6F-9151-423B-9B83-5EC11B9A60E9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8032E26-0066-438F-B1BC-68C70D32FFFA} => key not found.
C:\WINDOWS\System32\Tasks\Crossbrowse not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC65A603-0034-4926-8A34-5EFEE76D7ED1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC65A603-0034-4926-8A34-5EFEE76D7ED1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C55AE608-299F-47D8-B313-DC14D81F60DE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C55AE608-299F-47D8-B313-DC14D81F60DE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDE6E884-7AE1-4CF7-BA1C-8F723D954537}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDE6E884-7AE1-4CF7-BA1C-8F723D954537}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EFB5E153-F6DB-46EC-BDB9-ECBCC3FE045D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFB5E153-F6DB-46EC-BDB9-ECBCC3FE045D}" => key removed successfully
C:\WINDOWS\System32\Tasks\ShopperProJSUpd not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F98385B2-7376-49D7-AE1F-D0DEE00BCDB8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F98385B2-7376-49D7-AE1F-D0DEE00BCDB8}" => key removed successfully
C:\WINDOWS\System32\Tasks\Ssiulaurxaf not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ssiulaurxaf" => key removed successfully
C:\WINDOWS\Tasks\AmiUpdXp.job not found.
C:\WINDOWS\Tasks\Crossbrowse.job not found.
C:\WINDOWS\Tasks\yRYXdCg1yVyJmA.job not found.
C:\ProgramData\Browser\prompt.exe => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D49CCE38-D3F7-4FF3-AAF1-9B0E1E82436F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{844F16CB-1A7A-4E4B-B287-40B4C550179C} => value not found.
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to cancel {E3C64379-E63E-43D5-B3BA-AE82AB19275F}.
Unable to cancel {D31ADDC5-2609-4418-A203-18B07DCE8A43}.
Unable to cancel {93E2DAB5-1985-430E-8FB0-4455BBA51E2A}.
Unable to cancel {110EADEE-DEA6-4FBB-A030-B0E239B3325F}.
Unable to cancel {F153A9B4-BFC2-493D-AA2D-A050B167AA05}.
Unable to cancel {16A93D94-B152-4989-AD3C-FAC0F2B8E45B}.
Unable to cancel {AFA4595F-294B-4C72-B91D-947A42A19B42}.
Unable to cancel {57A9E33B-F6D0-4DDC-BFBA-FDB8934A30EC}.
Unable to cancel {6CFBB496-8413-4660-AD01-4C9314284572}.
Unable to cancel {89F605F4-4828-43D4-89F8-6E30A5A99360}.
Unable to cancel {57B7F2A3-CF3C-4600-8F86-82F7B018E98A}.
Unable to cancel {44D18A9E-E753-4FAE-9C7C-659A18FD4B60}.
Unable to cancel {B7317503-F5A1-4EA3-8DD3-554265754BC5}.
Unable to cancel {036FD9B4-B682-4822-B4D2-71582FB478B2}.
{0D26606D-3093-4DBD-93CB-F209F7FC4FAD} canceled.
{1805F5E7-D8A3-4FC6-B041-0490CBD23117} canceled.
{8F6BF1CE-3FC3-4C42-B66E-8ADE8633DD00} canceled.
3 out of 17 jobs canceled.
========= End of CMD: =========
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state on =========
Ok.
========= End of CMD: =========
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F =========
ERROR: The system was unable to find the specified registry key or value.
========= End of Reg: =========
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F =========
The operation completed successfully.
========= End of Reg: =========
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
ERROR: The system was unable to find the specified registry key or value.
========= End of Reg: =========
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
The operation completed successfully.
========= End of Reg: =========
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Ok.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= netsh winsock reset catalog =========
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
========= netsh int ip reset c:\resetlog.txt =========
Resetting Global, OK!
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
========= ipconfig /release =========
Windows IP Configuration
No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
No operation can be performed on Local Area Connection* 4 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Local Area Connection* 3:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Local Area Connection* 4:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::1c24:fd0c:1cfc:7ad4%2
Default Gateway . . . . . . . . . : fe80::1%2
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
========= End of CMD: =========
========= ipconfig /renew =========
Windows IP Configuration
No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 3 while it has its media disconnected.
No operation can be performed on Local Area Connection* 4 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Local Area Connection* 3:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Local Area Connection* 4:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::1c24:fd0c:1cfc:7ad4%2
IPv4 Address. . . . . . . . . . . : 192.168.1.35
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : fe80::1%2
192.168.1.1
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter isatap.{084A06EB-6985-49D5-8C85-96565E4AD3FD}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:81c:370d:c449:408d
Link-local IPv6 Address . . . . . : fe80::81c:370d:c449:408d%7
Default Gateway . . . . . . . . . : ::
========= End of CMD: =========
========= netsh int ipv4 reset =========
Resetting Interface, OK!
Resetting , failed.
Access is denied.
Restart the computer to complete this action.
========= End of CMD: =========
========= netsh int ipv6 reset =========
Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
========= End of CMD: =========
EmptyTemp: => 448.8 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 23:53:31 ====
- Do you notice any other problems with your computer at the moment? Sometimes my chrome opens unwanted links or redirects the link to another page. This doesn't happen everytime though.
Hope this helps in understanding the cause for this infection.
#21
Posted 25 August 2015 - 01:15 PM
Nevan
-
- Malware Removal
-
- 1,765 posts
Trusted Helper
Hello again, achint.
You say that you sometimes get redirected when using Chrome. Does that happen with other browsers as well?
Also, please perform the following instructions.
Step #1
Junkware Removal Tool
Step #2
AdwCleaner
Things that should appear in your next post:
You say that you sometimes get redirected when using Chrome. Does that happen with other browsers as well?
Also, please perform the following instructions.
Step #1
Junkware Removal Tool- Download Junkware Removal Tool to your Desktop
- Close any open windows
- Disable your Antivirus program (click here if you don't know how to do this)
- Double click JRT.exe on your desktop to run it
- Click any button to start the scan
- Wait for Junkware Removal Tool to finish the scan
- When the scan is finished, JRT.txt will be saved to your desktop and it will automatically open
- Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Step #2
AdwCleaner- Download AdwCleaner to your Desktop.
- Close any open windows
- Double click AdwCleaner.exe on your desktop to run it
- Click the
button - Wait for AdwCleaner to finish the scan
- When the scan is finished, there will be "Pending. Please uncheck elements you don't want to remove" message. Leave everything as it is and click
button. - When the cleaning is finished, the program will ask you to reboot the system. Please do so.
- Once your machine has rebooted, a Notepad window will be opened. If it won't, you can find it in C:\AdwCleaner. The report will be saved as AdwCleaner[C1].txt.
- Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Things that should appear in your next post:- Answer to my question about redirections
- JRT.txt log content
- AdwCleaner log content
#22
Posted 26 August 2015 - 12:20 AM
achint
- Topic Starter
-
- Member
-
- 12 posts
Member
Hey,
I have downloaded and run the tools as per your instructions. Just one issue. I tried several times to open the Avira antivirus window to disable it. However, the Avira window did not open. So I went into the task manager and ended the Avira task for the time that I ran the tools.
I wanted to mention one more thing. My broadand usage for this month has been shockingly high for the usage that I have currently. I have topped up my current plan to take me through the rest of the month, however I would like to monitor my usage to see how this is happening. Is there a tool/program that you could recommend which would allow me to monitor my usage without being invasive?
- Answer to my question about redirections. No. The other browser (Microsoft Edge) is not showing any redirections so far.
- JRT.txt log content
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 10 Home x64
Ran by vineet on Wed 08/26/2015 at 11:07:28.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\browser
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\Users\vineet\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\vineet\Appdata\Local\installer
~~~ Chrome
[C:\Users\vineet\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\vineet\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\vineet\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\vineet\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 08/26/2015 at 11:13:21.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- AdwCleaner log content
# AdwCleaner v5.003 - Logfile created 26/08/2015 at 11:34:18
# Updated 20/08/2015 by Xplode
# Database : 2015-08-20.1 [Local]
# Operating system : Windows 10 Home (x64)
# Username : vineet - LENOVO-PC
# Running from : C:\Users\vineet\Desktop\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\vineet\AppData\Roaming\RPEng
***** [ Files ] *****
[-] File Deleted : C:\WINDOWS\Sysnative\VisualDiscoveryOff.ini
[-] File Deleted : C:\WINDOWS\SysWOW64\VisualDiscovery.ini
[-] File Deleted : C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKLM\SOFTWARE\Classes\and
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.WFPCONTROLLER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.WFPCONTROLLER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.READONLYMANAGER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.READONLYMANAGER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.LSPLOGIC.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.LSPLOGIC
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEHOLDER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEHOLDER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEFIELDS.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEFIELDS
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLE.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLE
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTROLLER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTROLLER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTAINER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTAINER
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKCU\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[-] Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
[-] Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
***** [ Web browsers ] *****
*************************
:: Proxy settings cleared
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4415 bytes] ##########
Hope this helps.
#23
Posted 26 August 2015 - 10:35 AM
Nevan
-
- Malware Removal
-
- 1,765 posts
Trusted Helper
Hello again, achint.
However, the high usage you've been having recently was most likely caused by the adware you had on your system, so it shouldn't be a problem anymore.
Let's move forward.
Step #1
Malwarebytes Anti-Malware
Step #2
ESET Online Scanner
Step #3
FRST Scan
Things that should appear in your next post:
Unfortunately not. I've never had to track my broadband usage, and I wouldn't want to recommend anything that I haven't used before.Is there a tool/program that you could recommend which would allow me to monitor my usage without being invasive?
However, the high usage you've been having recently was most likely caused by the adware you had on your system, so it shouldn't be a problem anymore.
Let's move forward.
Step #1
Malwarebytes Anti-Malware- Download Malwarebytes Anti-Malware to your Desktop
- Double click the file to open it. Install the program.
- Before you click Finish, make sure that:
- Enable free trial of Malwarebytes Anti-Malware Premium is unchecked
- Launch Malwarebytes Anti-Malware is checked
- In Database version section, click Update Now
- Once the update is done, click Settings>Detection and Protection
- Make sure that all three boxes under Detection Options are checked
- Go back to Dashboard and click the big, green Scan Now button.
- Wait for Malwarebytes Anti-Malware to finish the scan
- If the program will detect anything, click Remove Selected. The program might want to reboot the system. Allow it it wants to.
- Once the deletion is done (or after reboot), go to History, select Application Logs and click the latest Scan Log.
- Click Export, then click Copy to Clipboard.
- Paste (CTRL+V) the log into your next reply.
Step #2
ESET Online Scanner- Note: This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox
- Disable your Antivirus program (click here if you don't know how to do this).
- Visit ESET site
- Click
- When using:
- Internet Explorer:
- Accept the Terms of Use and click Start
- Allow the running of add-on
- Other browsers:
- Download esetsmartinstaller_enu.exe that you'll be given link to
- Double click esetsmartinstaller_enu.exe
- Allow the Terms of Use and click Start
- Internet Explorer:
- Make sure that the options are set as the example below:
- Click Start
- The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
- When completed, the program will begin to scan. This may take several hours. Please, be patient.
- Do not do anything on your machine as it may interrupt the scan
- When the scan is done, click Finish
- A log.txt file will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
- Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Step #3
FRST Scan- Right click FRST64.exe on your Desktop and click Run as administrator. When the tool opens click Yes to disclaimer.
- Make sure that Addition.txt is checked and press the Scan button.
- It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
- Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.
Things that should appear in your next post:- Malwarebytes Anti-Malware log content
- ESET Online Scanner log content
- FRST.txt log content
- Addition.txt log content
#24
Posted 27 August 2015 - 11:55 PM
achint
- Topic Starter
-
- Member
-
- 12 posts
Member
Hi,
I have downloaded and run the scans following your instructions are below are the results.
Just wanted to mention that the redirects are also happening in our phone chrome browser. I am assuming this is because the wifi is infected. Is there a way to simultaneously fix that so that we do not have this problem resurfacing later.?
- Malwarebytes Anti-Malware log content
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 8/27/2015
Scan Time: 6:58 PM
Logfile: Scan Log.txt
Administrator: Yes
Version: 2.1.8.1057
Malware Database: v2015.08.27.03
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 10
CPU: x64
File System: NTFS
User: vineet
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 405492
Time Elapsed: 26 min, 3 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 3
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-2630856962-2882739809-239791393-1001\SOFTWARE\Cinema_Plus_3.1rV24.08-nv-ie, Quarantined, [14bbf815a8e377bfbac3bc730bf829d7],
PUP.Optional.iWebar.A, HKU\S-1-5-21-2630856962-2882739809-239791393-1001\SOFTWARE\iWebar-nv-ie, Quarantined, [4e812de01477d066ffbd56dc06fd7d83],
PUP.Optional.ObjectBrowser.A, HKU\S-1-5-21-2630856962-2882739809-239791393-1001\SOFTWARE\Object Browser-nv-ie, Quarantined, [1ab5f31aa1ea1c1a6c76d6577093b54b],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
- ESET Online Scanner log content
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dc172838459c7243bcfc1be891c8885c
# end=init
# utc_time=2015-08-27 02:49:54
# local_time=2015-08-27 08:19:54 (+0530, India Standard Time)
# country="United States"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25478
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=dc172838459c7243bcfc1be891c8885c
# end=updated
# utc_time=2015-08-27 02:54:44
# local_time=2015-08-27 08:24:44 (+0530, India Standard Time)
# country="United States"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=dc172838459c7243bcfc1be891c8885c
# engine=25478
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-08-27 07:18:03
# local_time=2015-08-28 12:48:03 (+0530, India Standard Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 18973 4178895 0 0
# scanned=431243
# found=29
# cleaned=0
# scan_time=15798
sh=B40B48F253EED540C8ED5A8BBCE116B208FB0C62 ft=1 fh=99ea92606bc48b1e vn="a variant of Win32/Wajam.W potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\vineet\AppData\Roaming\RPEng\DABBCBD9214B434DA8EB392699AD4DD1\WWE_1.49.5.13.exe.vir"
sh=79AE254A2002B0332A35969E530D43D360BB7B4B ft=1 fh=94917f4b89fa7b70 vn="a variant of Win32/SBWatchman.H potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\Common Files\ShopperPro\spbici32.dll"
sh=BDBC788D05285DB1014BADF88734F6F3C07EF0E2 ft=1 fh=3f9ecff600eddb41 vn="a variant of Win64/SBWatchman.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\Common Files\ShopperPro\spbici64.dll"
sh=F4ECEBC8C4BC3FDA02BDDBB16A41F2B947DB4385 ft=1 fh=cc5f7e3a157612ff vn="a variant of Win32/SBWatchman.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\Common Files\ShopperPro\spbii32.exe"
sh=18EF35781BBFA0D208392B32BE604A2C8D08D2E0 ft=1 fh=8274220871757e12 vn="a variant of MSIL/SBWatchman.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Program Files\Common Files\ShopperPro\spbii64.exe"
sh=016298D75D5C6C70D1D5F3B1BAF881FA983E2A82 ft=1 fh=3fd836e281beacbf vn="a variant of MSIL/Adware.PullUpdate.L.gen application" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Browser\prompt.exe.xBAD"
sh=523720E54B85ACCBEDDA6605E9F96F5EAF5C3EC2 ft=1 fh=768ef2247176ccaf vn="a variant of MSIL/Adware.PullUpdate.P application" ac=I fn="C:\FRST\Quarantine\C\ProgramData\Ssiulaurxaf\1.0.4.1\jufoocre.exe"
sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="a variant of Win32/Toolbar.CrossRider.CB potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.exe.xBAD"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I potentially unwanted application" ac=I fn="C:\FRST\Quarantine\C\Users\vineet\AppData\Roaming\yRYXdCg1yVyJmA.xBAD"
sh=C61FC45DE5B649D71F0FBBE49E02E84029A28AD6 ft=1 fh=a9bad844fbd5d8b3 vn="a variant of Win32/OutBrowse.BU potentially unwanted application" ac=I fn="C:\Users\vineet\AppData\Local\Microsoft\Windows\INetCache\IE\1G74RGEH\Reimage[1].exe"
sh=F8A1FCF86AD8B4FC84DC9D54763B5C97786A0985 ft=1 fh=c37ea0c048f1c5f3 vn="Win32/Adware.Agent.NOS application" ac=I fn="C:\Users\vineet\AppData\Local\Microsoft\Windows\INetCache\IE\VP68U8DP\XPVistaChecker[1].exe"
sh=2C04767C4DC7778F8B9CE16359EE3D687FE54E4B ft=1 fh=27646bdbe06902ab vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\vineet\AppData\Local\Temp\7zS7002\Optional\HP_IPG_Toolbar_installer.exe"
sh=26E0909BE77724BA846A7F4E9B8992CED8219774 ft=0 fh=0000000000000000 vn="a variant of Win32/HackTool.Patcher.T potentially unsafe application" ac=I fn="C:\Users\vineet\Documents\Software Setups\Rhinoceros v5.5 Corporate Edition 64-bit\t splines 3.4\TSplines_34_Rhino_x64.rar"
sh=8F6D3E7168630F3BE653E86250FFA56DEBF37082 ft=0 fh=0000000000000000 vn="a variant of Win32/Amonetize.DW potentially unwanted application" ac=I fn="C:\Users\vineet\Downloads\Vray+For+Rhino+5+v2.00.24184+(x64).rar.rar"
sh=A340F5A8CC1C8D0335A3347A132C701A8CA892FC ft=0 fh=0000000000000000 vn="a variant of Win32/Amonetize.HG potentially unwanted application" ac=I fn="C:\Users\vineet\Downloads\VrayForRhino5v20024184x64.rar"
sh=BC7F6756E76FAF672ED4C176B2DFC2CEDE7DC8CA ft=1 fh=894a45bc0255cd5b vn="a variant of Win32/Keygen.HA potentially unsafe application" ac=I fn="C:\Users\vineet\Downloads\Autocad 64 bit 2014\xf-adsk64.exe"
sh=8647A17BE1ACA68E66547BA4CCE49B770DBD487B ft=1 fh=277f09d3bac621f1 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\vineet\Downloads\HP Downloads\HP Deskjet Ink Advantage 3540 e-All-in-One Printer series Full Feature Software and Drivers - DJ3540_188.exe"
sh=F5BEC8C3537DF1079CF1B1DA7F3F8B0CD0BE2E71 ft=1 fh=e995c13aab2070f9 vn="a variant of Win32/Toolbar.CrossRider.BX potentially unwanted application" ac=I fn="C:\Users\vineet\Downloads\VrayForRhino5v20024184x64\1309a3.exe"
sh=28ACBBCDF9F73D061FE7BA3F838F275EEF1FB781 ft=1 fh=e995c13aab2070f9 vn="a variant of Win32/Toolbar.CrossRider.BX potentially unwanted application" ac=I fn="C:\Users\vineet\Downloads\VrayForRhino5v20024184x64\6c7a37.exe"
sh=AC3812DB4CFAEC2CC885071E0C6C344516A1CCE4 ft=1 fh=49e75250c513fb49 vn="a variant of Win32/Amonetize.HG potentially unwanted application" ac=I fn="C:\Users\vineet\Downloads\VrayForRhino5v20024184x64\VrayForRhino5v20024184x64__11652_il42251.exe"
sh=BA74F32719AA524845F0858E1ED603863873B304 ft=1 fh=ba7b9b70a0dd35f5 vn="a variant of Win32/Adware.SuperFish.A application" ac=I fn="C:\Windows.old\Program Files (x86)\Lenovo\VisualDiscovery\Run.exe"
sh=EDE269E495845B824738B21E97E34ED8552B838E ft=1 fh=b1f546208637d3c4 vn="a variant of Win32/Adware.SuperFish.A application" ac=I fn="C:\Windows.old\Program Files (x86)\Lenovo\VisualDiscovery\SuperfishCert.dll"
sh=B5D68FE790F0FD30198F7F6C19FA190F561F301E ft=1 fh=dc1f28ed7d578e66 vn="a variant of Win32/Adware.SuperFish.A application" ac=I fn="C:\Windows.old\Program Files (x86)\Lenovo\VisualDiscovery\VDWFPInstaller.exe"
sh=99AF9CFC7AB47F847103B5497B746407DC566963 ft=1 fh=9a7c9a17b7ad767f vn="a variant of Win32/Adware.SuperFish.A application" ac=I fn="C:\Windows.old\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe"
sh=0CD1112ACC14BCD1EE2A2EBB03CEB4E77C354326 ft=1 fh=177992a259dc47c5 vn="a variant of Win32/ClientConnect.A potentially unwanted application" ac=I fn="C:\Windows.old\Users\vineet\AppData\Local\Temp\SPSetup.exe"
sh=EC5CFA77AE242D6C8F043EF9F126FBACDD4A81C5 ft=1 fh=0be5fbd9e329bdd1 vn="Win32/Conduit.SearchProtect.R potentially unwanted application" ac=I fn="C:\Windows.old\windows\Temp\nsm30A2.exe"
sh=EC5CFA77AE242D6C8F043EF9F126FBACDD4A81C5 ft=1 fh=0be5fbd9e329bdd1 vn="Win32/Conduit.SearchProtect.R potentially unwanted application" ac=I fn="C:\Windows.old\windows\Temp\nsm8F70.exe"
sh=EC5CFA77AE242D6C8F043EF9F126FBACDD4A81C5 ft=1 fh=0be5fbd9e329bdd1 vn="Win32/Conduit.SearchProtect.R potentially unwanted application" ac=I fn="C:\Windows.old\windows\Temp\nsq3B03.exe"
sh=EC5CFA77AE242D6C8F043EF9F126FBACDD4A81C5 ft=1 fh=0be5fbd9e329bdd1 vn="Win32/Conduit.SearchProtect.R potentially unwanted application" ac=I fn="C:\Windows.old\windows\Temp\nsvA3E4.exe"
- FRST.txt log content
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-08-2015
Ran by vineet (administrator) on LENOVO-PC (28-08-2015 11:17:11)
Running from C:\Users\vineet\Desktop
Loaded Profiles: vineet (Available Profiles: vineet)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.12391.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.820.12440.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\vineet\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\vineet\AppData\Local\Akamai\netsession_win.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-08-12] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-10-07] (Lenovo)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-12-02] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10843120 2014-12-02] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-08-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [Akamai NetSession Interface] => C:\Users\vineet\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31090272 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [OneDrive] => C:\Users\vineet\AppData\Local\Microsoft\OneDrive\OneDrive.exe [402632 2015-08-12] (Microsoft Corporation)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [GoogleChromeAutoLaunch_027BCCBA8979079B2A6FEB85E00D38D7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Run: [HP Deskjet 3540 series (NET)] => C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130848794342571126&GUID=1B9C8361-68B0-4D6F-9396-FD2448084845
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://home.lenovo.com
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.lenovo.com
SearchScopes: HKU\S-1-5-21-2630856962-2882739809-239791393-1001 -> DefaultScope {0D0BF34B-F642-11E4-8299-D07E350FEA64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2630856962-2882739809-239791393-1001 -> {0D0BF34B-F642-11E4-8299-D07E350FEA64} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-27] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-27] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{084a06eb-6985-49d5-8c85-96565e4ad3fd}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1c8031dd-aa1d-451f-9e72-5cdba9beff01}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\vineet\AppData\Roaming\Mozilla\Firefox\Profiles\TFwFauIl.default
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-27] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-13] (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-07] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Extension: Avira Browser Safety - C:\Users\vineet\AppData\Roaming\Mozilla\Firefox\Profiles\TFwFauIl.default\Extensions\[email protected] [2014-12-02]
Chrome:
=======
CHR Profile: C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Profile: C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-11]
CHR Extension: (Google Docs) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-11]
CHR Extension: (Google Drive) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-11]
CHR Extension: (YouTube) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-11]
CHR Extension: (Google Search) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-11]
CHR Extension: (Google Sheets) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-11]
CHR Extension: (Avira Browser Safety) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-08-11]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-08-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\vineet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-07-22] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-07-22] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [125168 2014-12-12] (Intel Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-11] (Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-08-14] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-11-21] (LENOVO INCORPORATED.)
S2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-10-07] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-10-07] (Lenovo(beijing) Limited)
S3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2002-02-02] (Robert McNeel & Associates) [File not signed]
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-13] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session6; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session6; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-26] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-26] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-10-07] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-10-07] (Lenovo)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session6; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session6; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [996352 2015-08-11] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-07-12] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-10-07] (Lenovo)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-07-24] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-07-24] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session6; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session6; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session6; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session6; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-08-12] (Intel Corporation)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-08-12] (Realtek )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-08-12] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-08-14] (Synaptics Incorporated)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-07-14] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-28 11:17 - 2015-08-28 11:17 - 00029570 _____ C:\Users\vineet\Desktop\FRST.txt
2015-08-28 11:14 - 2015-08-28 11:14 - 00016148 _____ C:\WINDOWS\system32\LENOVO-PC_vineet_HistoryPrediction.bin
2015-08-27 20:19 - 2015-08-27 20:19 - 02870984 _____ (ESET) C:\Users\vineet\Downloads\esetsmartinstaller_enu.exe
2015-08-27 20:19 - 2015-08-27 20:19 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-27 18:45 - 2015-08-27 20:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-27 18:45 - 2015-08-27 18:45 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-27 18:45 - 2015-08-27 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-27 18:45 - 2015-08-27 18:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-27 18:45 - 2015-08-27 18:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-27 18:45 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-27 18:45 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-27 18:45 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-27 14:35 - 2015-08-27 14:52 - 00011763 _____ C:\Users\vineet\Documents\Wedding Invite and Contact List.xlsx
2015-08-27 13:27 - 2015-08-27 13:27 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-08-27 13:26 - 2015-08-27 13:26 - 00003760 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 3540 series
2015-08-27 13:26 - 2015-08-27 13:26 - 00000000 ____D C:\Users\vineet\AppData\Roaming\HpUpdate
2015-08-27 13:26 - 2015-08-27 13:26 - 00000000 ____D C:\ProgramData\Visan
2015-08-27 13:26 - 2015-08-27 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-08-27 13:26 - 2015-08-27 13:26 - 00000000 ____D C:\ProgramData\HP Photo Creations
2015-08-27 13:26 - 2015-08-27 13:26 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2015-08-27 13:26 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMC711.dll
2015-08-27 13:25 - 2015-08-27 13:26 - 00000000 ____D C:\Program Files (x86)\HP
2015-08-27 13:25 - 2015-08-27 13:25 - 00000057 _____ C:\ProgramData\Ament.ini
2015-08-27 13:25 - 2015-08-27 13:25 - 00000000 ____D C:\ProgramData\HP
2015-08-27 13:25 - 2015-08-27 13:25 - 00000000 ____D C:\Program Files\HP
2015-08-27 13:24 - 2015-08-27 13:26 - 00000000 ____D C:\Users\vineet\AppData\Local\HP
2015-08-27 12:51 - 2015-08-27 18:44 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\vineet\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-27 11:35 - 2015-08-27 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-27 11:34 - 2015-08-27 20:18 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-27 11:33 - 2015-08-27 11:34 - 01102520 _____ (Microsoft Corporation) C:\Users\vineet\Downloads\Setup.X86.en-US_O365HomePremRetail_393486c4-89b1-488e-a576-b72b9956b3f0_TX_SG_.exe
2015-08-27 11:28 - 2015-08-27 12:08 - 00383571 _____ C:\Users\vineet\Downloads\Bank Account details.xlsm
2015-08-27 11:04 - 2015-08-27 11:04 - 00000000 ____D C:\Users\vineet\AppData\Local\Hewlett-Packard
2015-08-27 11:03 - 2015-08-27 13:26 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-27 10:59 - 2015-08-27 11:02 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\vineet\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
2015-08-27 10:52 - 2015-08-27 10:53 - 01521640 _____ C:\WINDOWS\Minidump\082715-24406-01.dmp
2015-08-26 12:10 - 2015-08-26 12:10 - 00000000 ____D C:\Users\vineet\Desktop\New folder (2)
2015-08-26 11:26 - 2015-08-26 11:34 - 00000000 ____D C:\AdwCleaner
2015-08-26 10:11 - 2015-08-26 11:26 - 01605632 _____ C:\Users\vineet\Desktop\AdwCleaner.exe
2015-08-26 10:07 - 2015-08-26 10:47 - 01798576 _____ (Malwarebytes Corporation) C:\Users\vineet\Desktop\JRT.exe
2015-08-25 23:48 - 2015-08-25 23:48 - 00000000 ____D C:\Users\vineet\Desktop\FRST-OlderVersion
2015-08-25 19:48 - 2015-08-25 19:48 - 00045568 _____ C:\Users\vineet\Downloads\TM_Dialling_No.xls
2015-08-25 14:42 - 2015-08-25 14:42 - 00000204 ____H C:\Users\vineet\Downloads\Anagha residence.dwl2
2015-08-25 14:42 - 2015-08-25 14:42 - 00000054 ____H C:\Users\vineet\Downloads\Anagha residence.dwl
2015-08-25 14:40 - 2015-08-25 14:40 - 00330979 _____ C:\Users\vineet\Downloads\Anagha residence.dwg
2015-08-24 22:42 - 2015-08-28 11:17 - 00000000 ____D C:\FRST
2015-08-24 22:40 - 2015-08-25 23:48 - 02186752 _____ (Farbar) C:\Users\vineet\Desktop\FRST64.exe
2015-08-24 22:34 - 2015-08-24 22:39 - 02173952 _____ (Farbar) C:\Users\vineet\Downloads\FRST64.exe
2015-08-24 14:12 - 2015-08-24 14:28 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Opera Software
2015-08-24 14:12 - 2015-08-24 14:28 - 00000000 ____D C:\Users\vineet\AppData\Local\Opera Software
2015-08-24 14:10 - 2015-08-24 14:29 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-24 14:08 - 2015-08-24 14:13 - 00000000 ____D C:\Users\vineet\Downloads\VrayForRhino5v20024184x64
2015-08-24 14:08 - 2015-08-24 14:08 - 00578819 _____ C:\Users\vineet\Downloads\VrayForRhino5v20024184x64.rar
2015-08-24 13:43 - 2015-08-24 13:43 - 00712940 _____ C:\Users\vineet\Downloads\VRayforRhino52.00.24184(x64.rar
2015-08-24 13:43 - 2015-08-24 13:43 - 00000000 ____D C:\Users\vineet\Downloads\VRayforRhino52.00.24184(x64
2015-08-24 13:38 - 2015-08-24 13:40 - 00000000 ____D C:\Program Files\T-Splines for Rhino
2015-08-24 13:38 - 2015-08-24 13:38 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\T-Splines for Rhino (64)
2015-08-24 13:38 - 2015-08-24 13:38 - 00000000 ____D C:\ProgramData\TSplines
2015-08-24 12:28 - 2015-08-24 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
2015-08-24 12:28 - 2015-08-24 12:28 - 00000000 ____D C:\ProgramData\FARO
2015-08-24 12:25 - 2015-08-24 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2014 - English
2015-08-24 12:23 - 2015-08-24 12:23 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2015-08-24 02:36 - 2015-08-24 02:36 - 00003533 _____ C:\Users\vineet\Downloads\v-ray-for-rhino-5-v20024184-wi-n64.torrent
2015-08-24 02:35 - 2015-08-24 02:35 - 00000903 _____ C:\Users\vineet\Downloads\rhinoceros-5-sr7-v-ray-20-for-rhino-win64-full-software-by-milebb.torrent
2015-08-24 02:29 - 2015-08-24 02:29 - 01550409 _____ C:\Users\vineet\Downloads\Vray+For+Rhino+5+v2.00.24184+(x64).rar.rar
2015-08-24 02:21 - 2015-08-24 13:06 - 00000000 ____D C:\Users\vineet\Downloads\Autocad 64 bit 2014
2015-08-24 02:20 - 2015-08-24 02:20 - 00015997 _____ C:\Users\vineet\Downloads\[kickass-torrents.ytsre.net]autocad.2014.64.bit.xforce.keygen.instructions.torrent
2015-08-24 02:11 - 2015-08-24 14:32 - 00000000 ____D C:\Users\vineet\AppData\Roaming\BitTorrent
2015-08-24 02:10 - 2015-08-24 02:11 - 01701992 _____ (BitTorrent Inc.) C:\Users\vineet\Downloads\BitTorrent.exe
2015-08-24 02:07 - 2015-08-27 10:52 - 799796733 _____ C:\WINDOWS\MEMORY.DMP
2015-08-24 02:07 - 2015-08-27 10:52 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-24 02:07 - 2015-08-24 02:08 - 01052264 _____ C:\WINDOWS\Minidump\082415-15734-01.dmp
2015-08-22 18:21 - 2015-08-22 18:25 - 00000000 ____D C:\Users\vineet\Desktop\New folder
2015-08-22 17:49 - 2015-08-22 12:19 - 00533574 _____ C:\Users\vineet\Desktop\Shivlani Staircase Meeting 2_3 .obj
2015-08-22 17:36 - 2015-08-22 11:55 - 00558140 _____ C:\Users\vineet\Desktop\Shivlani Staircase Meeting 2_2 .obj
2015-08-22 17:14 - 2015-08-22 11:49 - 00658620 _____ C:\Users\vineet\Desktop\Shivlani Staircase Meeting 2 .obj
2015-08-22 11:05 - 2015-08-08 21:08 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-22 11:05 - 2015-08-08 21:08 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-20 17:42 - 2015-08-20 17:43 - 00196558 _____ C:\Users\vineet\Downloads\Anagha residence_Juhu_Interiors.dwg
2015-08-19 10:38 - 2015-08-19 10:38 - 00123120 _____ C:\Users\vineet\Downloads\110311_startingpointrectengular.ghx
2015-08-19 10:38 - 2015-08-19 10:38 - 00076649 _____ C:\Users\vineet\Downloads\110121_NewStartPtonClosedCrv_01.ghx
2015-08-19 10:38 - 2015-08-19 10:38 - 00056585 _____ C:\Users\vineet\Downloads\ChangeClosedCurveSeam.ghx
2015-08-19 09:47 - 2015-08-13 10:03 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 09:47 - 2015-08-11 14:52 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-19 09:46 - 2015-08-13 09:53 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-19 09:46 - 2015-08-13 09:52 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-19 09:46 - 2015-08-13 09:50 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-19 09:46 - 2015-08-13 09:47 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-19 09:46 - 2015-08-13 09:37 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 09:46 - 2015-08-13 09:23 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-19 09:46 - 2015-08-11 15:34 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-19 09:46 - 2015-08-11 15:34 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-19 09:46 - 2015-08-11 15:34 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-19 09:46 - 2015-08-11 15:33 - 08021840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-19 09:46 - 2015-08-11 15:33 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-19 09:46 - 2015-08-11 15:32 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-19 09:46 - 2015-08-11 15:32 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-19 09:46 - 2015-08-11 15:32 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-19 09:46 - 2015-08-11 15:27 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-19 09:46 - 2015-08-11 15:22 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-19 09:46 - 2015-08-11 15:20 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-19 09:46 - 2015-08-11 15:10 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-19 09:46 - 2015-08-11 15:10 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-19 09:46 - 2015-08-11 15:10 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-19 09:46 - 2015-08-11 15:08 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-19 09:46 - 2015-08-11 15:07 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-19 09:46 - 2015-08-11 15:01 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-19 09:46 - 2015-08-11 14:56 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-19 09:46 - 2015-08-11 14:53 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-19 09:46 - 2015-08-11 14:51 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-19 09:46 - 2015-08-11 14:51 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-19 09:46 - 2015-08-11 14:50 - 02224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-19 09:46 - 2015-08-11 14:50 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-19 09:46 - 2015-08-11 14:49 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-19 09:46 - 2015-08-11 14:48 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-19 09:46 - 2015-08-11 14:46 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-19 09:46 - 2015-08-11 14:44 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-19 09:46 - 2015-08-11 14:43 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-19 09:46 - 2015-08-11 14:41 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-19 09:46 - 2015-08-11 14:41 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-19 09:46 - 2015-08-11 14:40 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-19 09:46 - 2015-08-11 14:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 09:46 - 2015-08-11 14:40 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-19 09:46 - 2015-08-11 14:39 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-19 09:46 - 2015-08-11 14:38 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-19 09:46 - 2015-08-11 14:38 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-19 09:46 - 2015-08-11 14:37 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-19 09:46 - 2015-08-11 14:37 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-19 09:46 - 2015-08-11 14:37 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-19 09:46 - 2015-08-11 14:36 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-19 09:46 - 2015-08-11 14:36 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-19 09:46 - 2015-08-11 14:35 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-19 09:46 - 2015-08-11 14:33 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-19 09:46 - 2015-08-11 14:32 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-19 09:46 - 2015-08-11 14:32 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-19 09:46 - 2015-08-11 14:32 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-19 09:46 - 2015-08-11 14:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-19 09:46 - 2015-08-11 14:31 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-19 09:46 - 2015-08-11 14:30 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-19 09:46 - 2015-08-11 14:30 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-19 09:46 - 2015-08-11 14:29 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-19 09:46 - 2015-08-11 14:29 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-19 09:46 - 2015-08-11 14:29 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-19 09:46 - 2015-08-11 14:29 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-19 09:46 - 2015-08-11 14:28 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-19 09:46 - 2015-08-11 14:27 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-19 09:46 - 2015-08-11 14:27 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-19 09:46 - 2015-08-11 14:21 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-19 09:46 - 2015-08-11 14:21 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-19 09:46 - 2015-08-11 14:20 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-19 09:46 - 2015-08-11 14:20 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-19 09:46 - 2015-08-11 14:20 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-19 09:46 - 2015-08-11 14:19 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-19 09:46 - 2015-08-11 14:19 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-19 09:46 - 2015-08-11 14:18 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-19 09:46 - 2015-08-11 14:17 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-19 09:46 - 2015-08-11 14:15 - 18805760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-19 09:46 - 2015-08-11 14:15 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-19 09:46 - 2015-08-11 14:13 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-19 09:46 - 2015-08-11 14:12 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-19 09:46 - 2015-08-11 14:10 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-19 09:46 - 2015-08-11 14:10 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-19 09:46 - 2015-08-11 14:10 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-19 09:46 - 2015-08-11 14:09 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-19 09:46 - 2015-08-11 14:08 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-18 11:22 - 2015-08-18 11:22 - 00009007 _____ C:\Users\vineet\Downloads\Trial11_re.gh
2015-08-18 11:21 - 2015-08-18 11:22 - 04622811 _____ C:\Users\vineet\Downloads\Trial011_re.3dm
2015-08-17 21:12 - 2015-08-17 21:12 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-08-17 21:11 - 2015-08-17 21:11 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-08-17 18:51 - 2015-08-17 18:58 - 04445374 _____ C:\Users\vineet\Desktop\Trial 011.3dm
2015-08-17 18:51 - 2015-08-17 18:55 - 04446807 _____ C:\Users\vineet\Desktop\Trial 011.3dmbak
2015-08-17 13:08 - 2015-08-17 13:08 - 00018621 _____ C:\Users\vineet\Downloads\Trial010_re.gh
2015-08-17 10:41 - 2015-08-17 10:41 - 00691102 _____ C:\Users\vineet\Downloads\agave.skp
2015-08-17 10:41 - 2015-08-17 10:41 - 00508376 _____ C:\Users\vineet\Downloads\Hydrangea macrophylla.skp
2015-08-17 10:41 - 2015-08-17 10:41 - 00231743 _____ C:\Users\vineet\Downloads\ilalang.skp
2015-08-17 10:39 - 2015-08-17 10:39 - 00730391 _____ C:\Users\vineet\Downloads\Calotropis giganthea.skp
2015-08-17 10:38 - 2015-08-17 10:39 - 00588439 _____ C:\Users\vineet\Downloads\ruellia simplex.skp
2015-08-17 10:38 - 2015-08-17 10:38 - 00502448 _____ C:\Users\vineet\Downloads\butterfly ginger.skp
2015-08-17 10:38 - 2015-08-17 10:38 - 00487165 _____ C:\Users\vineet\Downloads\pandanus amarylifolius.skp
2015-08-17 10:35 - 2015-08-17 10:35 - 00142888 _____ C:\Users\vineet\Downloads\Plants_CALATHEA LUTEA.skp
2015-08-17 10:33 - 2015-08-17 10:33 - 00576992 _____ C:\Users\vineet\Downloads\Watercolor_Plant.skp
2015-08-17 10:32 - 2015-08-17 10:33 - 01211653 _____ C:\Users\vineet\Downloads\crinum asiaticum.skp
2015-08-17 09:26 - 2015-08-17 14:48 - 04176338 _____ C:\Users\vineet\Desktop\Trial 010.3dm
2015-08-17 09:26 - 2015-08-17 14:48 - 00011689 _____ C:\Users\vineet\Desktop\Trial 010.gh
2015-08-17 09:26 - 2015-08-17 09:33 - 04183135 _____ C:\Users\vineet\Desktop\Trial 010.3dmbak
2015-08-17 09:18 - 2015-08-17 09:18 - 00009167 _____ C:\Users\vineet\Desktop\Staircase 010.gh
2015-08-17 09:16 - 2015-08-17 09:16 - 24653320 _____ C:\Users\vineet\Desktop\2015-08-08_Staircase Development_01 009.3dm
2015-08-16 17:41 - 2015-08-16 17:41 - 00186161 _____ C:\Users\vineet\Downloads\reordermeshfaces.ghx
2015-08-16 15:16 - 2015-08-16 15:16 - 00045528 _____ C:\Users\vineet\Downloads\Sphagetti.gh
2015-08-15 21:43 - 2015-08-15 21:43 - 00081662 _____ C:\Users\vineet\Downloads\startingpointchanging.ghx
2015-08-15 21:38 - 2015-08-15 21:38 - 00077757 _____ C:\Users\vineet\Desktop\110121_NewStartPtonClosedCrv_01.ghx
2015-08-15 18:17 - 2015-08-03 07:48 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-15 18:17 - 2015-08-03 07:43 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-15 18:17 - 2015-08-03 07:26 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-15 18:17 - 2015-08-03 07:20 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-15 18:17 - 2015-08-03 06:48 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-15 18:17 - 2015-08-03 06:48 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-15 18:17 - 2015-08-03 06:31 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-15 18:17 - 2015-07-30 09:19 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-08-15 18:17 - 2015-07-30 08:45 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-15 18:17 - 2015-07-26 10:43 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-08-15 18:17 - 2015-07-26 09:58 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-08-15 18:17 - 2015-07-22 09:24 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-15 18:17 - 2015-07-22 08:41 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-15 18:17 - 2015-07-15 08:11 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-15 18:17 - 2015-07-11 06:47 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-08-15 18:17 - 2015-07-11 06:21 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-08-15 18:16 - 2015-08-08 12:59 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-15 18:16 - 2015-08-08 12:49 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-15 18:16 - 2015-08-08 12:31 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-15 18:16 - 2015-08-08 12:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-15 18:16 - 2015-08-08 12:10 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-15 18:16 - 2015-08-08 11:54 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-15 18:16 - 2015-08-08 11:54 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-15 18:16 - 2015-08-08 11:45 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-15 18:16 - 2015-08-08 11:30 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-15 18:16 - 2015-08-06 08:47 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-15 18:16 - 2015-08-06 08:47 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-15 18:16 - 2015-08-06 07:52 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-15 18:16 - 2015-08-05 10:19 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-15 18:16 - 2015-08-05 09:59 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-15 18:16 - 2015-08-05 09:30 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-15 18:16 - 2015-08-05 09:24 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-15 18:16 - 2015-08-05 09:17 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-15 18:16 - 2015-08-05 09:09 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-15 18:16 - 2015-08-04 09:37 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-15 18:16 - 2015-08-04 09:36 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-15 18:16 - 2015-08-04 08:53 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-15 18:16 - 2015-08-04 08:29 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-15 18:16 - 2015-08-04 08:17 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-15 18:16 - 2015-08-03 08:02 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-15 18:16 - 2015-08-03 07:58 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-15 18:16 - 2015-08-03 07:49 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-15 18:16 - 2015-08-03 07:49 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-15 18:16 - 2015-08-03 07:48 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-15 18:16 - 2015-08-03 07:48 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-15 18:16 - 2015-08-03 07:47 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-15 18:16 - 2015-08-03 07:42 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-15 18:16 - 2015-08-03 07:19 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-15 18:16 - 2015-08-03 07:01 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-15 18:16 - 2015-08-03 07:00 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-15 18:16 - 2015-08-03 06:54 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-15 18:16 - 2015-08-03 06:54 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-15 18:16 - 2015-08-03 06:54 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-15 18:16 - 2015-08-03 06:53 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-15 18:16 - 2015-08-03 06:52 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-15 18:16 - 2015-08-03 06:52 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-15 18:16 - 2015-08-03 06:52 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-15 18:16 - 2015-08-03 06:51 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-15 18:16 - 2015-08-03 06:49 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-15 18:16 - 2015-08-03 06:49 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-15 18:16 - 2015-08-03 06:48 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-15 18:16 - 2015-08-03 06:48 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-15 18:16 - 2015-08-03 06:45 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-15 18:16 - 2015-08-03 06:44 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-15 18:16 - 2015-08-03 06:44 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-15 18:16 - 2015-08-03 06:42 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-15 18:16 - 2015-08-03 06:42 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-15 18:16 - 2015-08-03 06:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-15 18:16 - 2015-08-03 06:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-15 18:16 - 2015-08-03 06:36 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-15 18:16 - 2015-08-03 06:33 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-15 18:16 - 2015-08-03 06:32 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-15 18:16 - 2015-08-03 06:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-15 18:16 - 2015-08-03 06:29 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-15 18:16 - 2015-07-30 11:54 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-15 18:16 - 2015-07-30 11:53 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-08-15 18:16 - 2015-07-30 11:51 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-08-15 18:16 - 2015-07-30 11:47 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-08-15 18:16 - 2015-07-30 11:47 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-08-15 18:16 - 2015-07-30 11:46 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-08-15 18:16 - 2015-07-30 11:44 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-08-15 18:16 - 2015-07-30 11:39 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-15 18:16 - 2015-07-30 11:36 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-08-15 18:16 - 2015-07-30 11:35 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-15 18:16 - 2015-07-30 11:35 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-08-15 18:16 - 2015-07-30 11:34 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-15 18:16 - 2015-07-30 11:33 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-08-15 18:16 - 2015-07-30 10:54 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-08-15 18:16 - 2015-07-30 09:59 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-08-15 18:16 - 2015-07-30 09:56 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-15 18:16 - 2015-07-30 09:56 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-08-15 18:16 - 2015-07-30 09:55 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-15 18:16 - 2015-07-30 09:55 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-08-15 18:16 - 2015-07-30 09:54 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-15 18:16 - 2015-07-30 09:54 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-08-15 18:16 - 2015-07-30 09:54 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-08-15 18:16 - 2015-07-30 09:54 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-08-15 18:16 - 2015-07-30 09:52 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-08-15 18:16 - 2015-07-30 09:51 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-15 18:16 - 2015-07-30 09:42 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-08-15 18:16 - 2015-07-30 09:42 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-08-15 18:16 - 2015-07-30 09:38 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-08-15 18:16 - 2015-07-30 09:38 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-15 18:16 - 2015-07-30 09:38 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-08-15 18:16 - 2015-07-30 09:29 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-08-15 18:16 - 2015-07-30 09:22 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-15 18:16 - 2015-07-30 09:22 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-08-15 18:16 - 2015-07-30 09:22 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-08-15 18:16 - 2015-07-30 09:16 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-08-15 18:16 - 2015-07-30 09:16 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-08-15 18:16 - 2015-07-30 09:16 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-08-15 18:16 - 2015-07-30 09:15 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-08-15 18:16 - 2015-07-30 09:14 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-08-15 18:16 - 2015-07-30 09:14 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-08-15 18:16 - 2015-07-30 09:12 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-08-15 18:16 - 2015-07-30 09:11 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-08-15 18:16 - 2015-07-30 09:10 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-08-15 18:16 - 2015-07-30 09:08 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-08-15 18:16 - 2015-07-30 09:08 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-08-15 18:16 - 2015-07-30 09:04 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-08-15 18:16 - 2015-07-30 08:59 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-08-15 18:16 - 2015-07-30 08:37 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-08-15 18:16 - 2015-07-30 08:36 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-08-15 18:16 - 2015-07-30 08:34 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-08-15 18:16 - 2015-07-30 08:34 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-15 18:16 - 2015-07-30 08:29 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-08-15 18:16 - 2015-07-30 08:28 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-08-15 18:16 - 2015-07-26 10:46 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-15 18:16 - 2015-07-26 10:46 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-15 18:16 - 2015-07-26 10:44 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-15 18:16 - 2015-07-26 10:44 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-15 18:16 - 2015-07-26 10:36 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-15 18:16 - 2015-07-26 09:19 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-08-15 18:16 - 2015-07-26 09:19 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-08-15 18:16 - 2015-07-26 09:17 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-08-15 18:16 - 2015-07-26 09:10 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-15 18:16 - 2015-07-26 09:10 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-15 18:16 - 2015-07-26 09:09 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-15 18:16 - 2015-07-26 09:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-08-15 18:16 - 2015-07-26 09:08 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-15 18:16 - 2015-07-26 09:05 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-15 18:16 - 2015-07-26 09:04 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-15 18:16 - 2015-07-26 09:00 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-15 18:16 - 2015-07-26 09:00 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-08-15 18:16 - 2015-07-26 08:59 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-15 18:16 - 2015-07-24 09:00 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-15 18:16 - 2015-07-24 08:48 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-08-15 18:16 - 2015-07-24 08:47 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-15 18:16 - 2015-07-24 08:42 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-08-15 18:16 - 2015-07-24 08:25 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-15 18:16 - 2015-07-24 08:22 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-15 18:16 - 2015-07-24 08:16 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-15 18:16 - 2015-07-24 08:14 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-15 18:16 - 2015-07-24 08:10 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-08-15 18:16 - 2015-07-24 08:09 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-08-15 18:16 - 2015-07-24 08:04 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-15 18:16 - 2015-07-24 07:55 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-15 18:16 - 2015-07-24 07:54 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-08-15 18:16 - 2015-07-24 07:54 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-15 18:16 - 2015-07-24 07:54 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-15 18:16 - 2015-07-22 10:48 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-15 18:16 - 2015-07-22 10:32 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-15 18:16 - 2015-07-22 09:43 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-15 18:16 - 2015-07-22 09:32 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-15 18:16 - 2015-07-22 09:30 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-15 18:16 - 2015-07-22 09:30 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-15 18:16 - 2015-07-22 09:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-15 18:16 - 2015-07-22 09:29 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-08-15 18:16 - 2015-07-22 09:25 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-15 18:16 - 2015-07-22 09:25 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-15 18:16 - 2015-07-22 09:23 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-15 18:16 - 2015-07-22 09:16 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-15 18:16 - 2015-07-22 08:51 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-15 18:16 - 2015-07-22 08:43 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-15 18:16 - 2015-07-22 08:43 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-15 18:16 - 2015-07-22 08:40 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-15 18:16 - 2015-07-22 08:37 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-15 18:16 - 2015-07-22 08:33 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-15 18:16 - 2015-07-22 08:20 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-15 18:16 - 2015-07-19 09:34 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-15 18:16 - 2015-07-19 09:24 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-15 18:16 - 2015-07-19 08:53 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-15 18:16 - 2015-07-19 08:48 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-15 18:16 - 2015-07-19 08:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-15 18:16 - 2015-07-19 08:09 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-15 18:16 - 2015-07-18 13:13 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-15 18:16 - 2015-07-18 13:07 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-08-15 18:16 - 2015-07-18 12:59 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-15 18:16 - 2015-07-18 10:32 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-15 18:16 - 2015-07-18 09:36 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-15 18:16 - 2015-07-18 09:29 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-08-15 18:16 - 2015-07-18 09:29 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-15 18:16 - 2015-07-18 09:22 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-15 18:16 - 2015-07-18 09:19 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-15 18:16 - 2015-07-18 09:18 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-15 18:16 - 2015-07-17 09:53 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-15 18:16 - 2015-07-17 09:37 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-15 18:16 - 2015-07-17 08:09 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-15 18:16 - 2015-07-17 08:06 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-08-15 18:16 - 2015-07-17 08:03 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-15 18:16 - 2015-07-17 08:02 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-15 18:16 - 2015-07-17 08:01 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-08-15 18:16 - 2015-07-17 07:56 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-15 18:16 - 2015-07-17 07:54 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-15 18:16 - 2015-07-17 07:49 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-15 18:16 - 2015-07-17 07:48 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-15 18:16 - 2015-07-17 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-15 18:16 - 2015-07-17 07:26 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-08-15 18:16 - 2015-07-17 07:23 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-15 18:16 - 2015-07-17 07:21 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-08-15 18:16 - 2015-07-17 07:20 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-08-15 18:16 - 2015-07-17 07:14 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-15 18:16 - 2015-07-16 11:09 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-15 18:16 - 2015-07-16 09:39 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-15 18:16 - 2015-07-16 09:34 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-15 18:16 - 2015-07-16 09:33 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-15 18:16 - 2015-07-16 09:31 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-15 18:16 - 2015-07-16 09:17 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-15 18:16 - 2015-07-16 09:15 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-15 18:16 - 2015-07-16 09:14 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-15 18:16 - 2015-07-16 09:13 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-15 18:16 - 2015-07-16 09:11 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-15 18:16 - 2015-07-16 09:10 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-15 18:16 - 2015-07-16 09:06 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-08-15 18:16 - 2015-07-16 09:05 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-08-15 18:16 - 2015-07-16 09:03 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-15 18:16 - 2015-07-16 09:02 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-15 18:16 - 2015-07-16 08:59 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-15 18:16 - 2015-07-16 08:57 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-15 18:16 - 2015-07-16 08:49 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-08-15 18:16 - 2015-07-15 08:51 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-08-15 18:16 - 2015-07-15 08:19 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-08-15 18:16 - 2015-07-15 08:19 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-15 18:16 - 2015-07-15 07:52 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-15 18:16 - 2015-07-15 07:46 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-15 18:16 - 2015-07-15 07:27 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-15 18:16 - 2015-07-15 07:17 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-15 18:16 - 2015-07-15 07:11 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-15 18:16 - 2015-07-15 07:07 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-15 18:16 - 2015-07-15 07:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-15 18:16 - 2015-07-14 08:30 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-15 18:16 - 2015-07-14 08:07 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-08-15 18:16 - 2015-07-14 07:34 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-15 18:16 - 2015-07-14 07:21 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-15 18:16 - 2015-07-14 07:19 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-15 18:16 - 2015-07-14 07:08 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-08-15 18:16 - 2015-07-14 06:50 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-15 18:16 - 2015-07-13 05:31 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-15 18:16 - 2015-07-13 05:00 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-08-15 18:16 - 2015-07-12 06:08 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-15 18:16 - 2015-07-12 05:55 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-08-15 18:16 - 2015-07-12 05:48 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-15 18:16 - 2015-07-12 05:16 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-15 18:16 - 2015-07-11 06:58 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-15 18:16 - 2015-07-11 06:37 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-08-15 18:16 - 2015-07-11 06:35 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-15 18:16 - 2015-07-11 06:34 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-08-15 18:16 - 2015-07-11 06:33 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-08-15 18:16 - 2015-07-11 06:33 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-15 18:16 - 2015-07-11 06:32 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-15 18:16 - 2015-07-11 06:27 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-15 18:16 - 2015-07-11 06:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-15 18:16 - 2015-07-11 06:12 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-15 18:16 - 2015-07-11 06:11 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-08-15 18:16 - 2015-07-11 06:10 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-08-15 18:16 - 2015-07-11 06:04 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-15 18:16 - 2015-07-10 21:21 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-15 18:16 - 2015-07-10 21:17 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-15 18:16 - 2015-07-10 20:30 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-15 18:16 - 2015-07-10 20:22 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-15 18:16 - 2015-07-10 16:29 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-08-15 18:16 - 2015-07-10 15:35 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-08-15 18:16 - 2015-07-10 15:23 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-15 18:16 - 2015-07-10 15:05 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-15 18:16 - 2015-07-10 15:01 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-08-15 18:16 - 2015-07-10 14:59 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-08-15 18:15 - 2015-08-04 09:36 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-15 18:15 - 2015-08-03 07:48 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-15 18:15 - 2015-08-03 07:47 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-15 18:15 - 2015-07-30 11:45 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-08-15 18:15 - 2015-07-30 09:52 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-08-15 18:15 - 2015-07-30 09:39 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-08-15 18:15 - 2015-07-30 09:15 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-08-15 18:15 - 2015-07-30 09:14 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-08-15 18:15 - 2015-07-30 09:14 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-08-15 18:15 - 2015-07-30 09:14 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-08-15 18:15 - 2015-07-30 09:11 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-08-15 18:15 - 2015-07-30 08:36 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-08-15 18:15 - 2015-07-30 08:36 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-08-15 18:15 - 2015-07-24 08:47 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-15 18:15 - 2015-07-24 08:00 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-08-15 18:15 - 2015-07-24 07:59 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-15 18:15 - 2015-07-24 07:54 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-15 18:15 - 2015-07-22 10:45 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-15 18:15 - 2015-07-22 08:39 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-15 18:15 - 2015-07-18 14:17 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-08-15 18:15 - 2015-07-18 12:58 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-15 18:15 - 2015-07-18 12:58 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-15 18:15 - 2015-07-18 12:56 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-08-15 18:15 - 2015-07-18 10:47 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-08-15 18:15 - 2015-07-18 09:20 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-15 18:15 - 2015-07-18 09:20 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-15 18:15 - 2015-07-18 09:19 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-15 18:15 - 2015-07-18 09:19 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-15 18:15 - 2015-07-18 09:18 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-15 18:15 - 2015-07-18 09:17 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-15 18:15 - 2015-07-17 09:43 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-15 18:15 - 2015-07-17 09:42 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-15 18:15 - 2015-07-17 08:09 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-15 18:15 - 2015-07-17 08:03 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-15 18:15 - 2015-07-17 07:56 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-08-15 18:15 - 2015-07-17 07:49 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-15 18:15 - 2015-07-17 07:35 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-15 18:15 - 2015-07-16 09:24 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-15 18:15 - 2015-07-15 07:34 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-15 18:15 - 2015-07-15 06:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-15 18:15 - 2015-07-11 06:31 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-15 18:15 - 2015-07-11 06:10 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-15 18:15 - 2015-07-11 06:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-08-15 18:15 - 2015-07-10 16:12 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-15 18:15 - 2015-07-10 15:40 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-14 23:41 - 2015-07-23 06:14 - 00572048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-08-14 23:39 - 2015-08-14 23:39 - 42730312 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 37749064 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 30518928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 22973584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 18376584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 16160440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 16011680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 15754192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 14511608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 13274904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 12973680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 11843384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 11142984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-14 23:39 - 2015-08-14 23:39 - 03351864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 02963208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 02360976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 02164040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 01898128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435362.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435362.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 01061008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 01053000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00983368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00976528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00787384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00632664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00408208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00384464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00364360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00314936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00155280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-14 23:39 - 2015-08-14 23:39 - 00031976 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-14 11:49 - 2015-08-14 11:49 - 00000000 ____D C:\Users\vineet\AppData\Local\MicrosoftEdge
2015-08-14 10:01 - 2015-08-14 10:01 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-08-14 09:59 - 2015-08-14 09:59 - 36681912 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 35768808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 30404056 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 29613040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 29084160 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 19844096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 13727296 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 12880160 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 11384832 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 11276968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 10528136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 08507392 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 06741482 _____ C:\WINDOWS\system32\igdclbif.bin
2015-08-14 09:59 - 2015-08-14 09:59 - 06389688 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-08-14 09:59 - 2015-08-14 09:59 - 06305696 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 05467648 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 05245440 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 05121136 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 05092320 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 04841488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 04443136 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 03873280 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 03801600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-08-14 09:59 - 2015-08-14 09:59 - 02028032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01858632 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01767992 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01765408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01565696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01456408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01216000 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01156608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 01008016 _____ C:\WINDOWS\system32\igfxSDK.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00970752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00927120 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00923536 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00803113 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-08-14 09:59 - 2015-08-14 09:59 - 00723456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2015-08-14 09:59 - 2015-08-14 09:59 - 00624128 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00589712 _____ C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00519056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00511260 _____ C:\WINDOWS\system32\cp_resources.bin
2015-08-14 09:59 - 2015-08-14 09:59 - 00448912 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00425472 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2015-08-14 09:59 - 2015-08-14 09:59 - 00397824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00396688 _____ C:\WINDOWS\system32\igfxTray.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00386048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-08-14 09:59 - 2015-08-14 09:59 - 00373248 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00353280 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00351120 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00331808 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00328080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00313888 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00300032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00284280 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00283024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00269360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00256000 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-08-14 09:59 - 2015-08-14 09:59 - 00249232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00243200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00220432 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00219024 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00214416 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00213904 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00206848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4256.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00200856 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00184352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00172032 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00163776 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00162752 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00160680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00157072 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-08-14 09:59 - 2015-08-14 09:59 - 00153600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00143904 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00141080 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00140056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00090112 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00086016 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00082944 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00073728 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00064512 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00011264 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00004682 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-08-14 09:59 - 2015-08-14 09:59 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-08-14 09:58 - 2015-08-14 09:58 - 00419528 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2015-08-14 09:58 - 2015-08-14 09:58 - 00255176 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo29.dll
2015-08-14 09:58 - 2015-08-14 09:58 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-08-14 09:58 - 2015-08-14 09:58 - 00042184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-08-12 21:50 - 2015-08-12 21:50 - 00000000 ____D C:\Users\vineet\Downloads\Home
2015-08-12 16:52 - 2015-08-12 16:54 - 09989794 _____ C:\Users\vineet\Downloads\Home.zip
2015-08-12 14:54 - 2015-08-12 14:54 - 00000206 ____H C:\Users\vineet\Desktop\RCC LAYOUT AT TYPICAL SLAB LEVEL (23.12.2013)-1.dwl2
2015-08-12 14:54 - 2015-08-12 14:54 - 00000056 ____H C:\Users\vineet\Desktop\RCC LAYOUT AT TYPICAL SLAB LEVEL (23.12.2013)-1.dwl
2015-08-12 14:53 - 2015-08-12 14:51 - 00124064 ____N C:\Users\vineet\Desktop\RCC LAYOUT AT TYPICAL SLAB LEVEL (23.12.2013)-1.dwg
2015-08-12 14:51 - 2015-08-12 14:51 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-08-12 12:52 - 2015-08-12 12:52 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-08-12 12:46 - 2015-08-12 12:46 - 00263952 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2015-08-12 12:46 - 2015-08-12 12:46 - 00242448 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2015-08-12 12:45 - 2015-08-12 12:45 - 02636032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtCamU64.exe
2015-08-12 12:45 - 2015-08-12 12:45 - 01980672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsDecode.dll
2015-08-12 12:45 - 2015-08-12 12:45 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2015-08-12 12:45 - 2015-08-12 12:45 - 00495872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamX.dll
2015-08-12 12:45 - 2015-08-12 12:45 - 00100000 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-08-11 23:18 - 2015-08-11 23:18 - 00000205 ____H C:\Users\vineet\Downloads\Typical Floor Plan.dwl2
2015-08-11 23:18 - 2015-08-11 23:18 - 00000055 ____H C:\Users\vineet\Downloads\Typical Floor Plan.dwl
2015-08-11 21:21 - 2015-08-11 21:21 - 01506425 _____ C:\Users\vineet\Downloads\Nasik facade_R2.skp
2015-08-11 13:07 - 2015-08-11 00:10 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-11 13:04 - 2015-08-11 13:04 - 00000000 ____D C:\Windows.old
2015-08-11 13:03 - 2015-08-11 13:03 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-11 13:02 - 2015-08-11 13:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-11 13:02 - 2015-08-11 13:02 - 00000000 ____D C:\Program Files\MSBuild
2015-08-11 13:02 - 2015-08-11 13:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-11 13:02 - 2015-08-11 13:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-11 13:01 - 2015-06-18 07:40 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-11 13:01 - 2015-06-18 07:40 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 13:01 - 2015-06-18 07:40 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-11 13:01 - 2015-05-30 10:37 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-11 13:01 - 2015-05-30 10:37 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 13:01 - 2015-05-30 10:37 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-11 11:49 - 2015-08-11 11:49 - 00103215 _____ C:\Users\vineet\Downloads\Typical Floor Plan.dwg
2015-08-11 06:13 - 2015-08-11 06:13 - 00000000 ____D C:\Users\vineet\AppData\Local\NetworkTiles
2015-08-11 00:13 - 2015-08-12 12:44 - 00002348 _____ C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-08-11 00:13 - 2015-08-12 12:44 - 00000000 ___RD C:\Users\vineet\OneDrive
2015-08-11 00:12 - 2015-08-11 00:12 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-08-11 00:10 - 2015-08-11 00:10 - 00000000 ____D C:\Users\vineet\AppData\Local\Publishers
2015-08-11 00:09 - 2015-08-14 11:46 - 00000000 ____D C:\Users\vineet\AppData\Local\Comms
2015-08-11 00:09 - 2015-08-11 00:09 - 00000020 ___SH C:\Users\vineet\ntuser.ini
2015-08-11 00:09 - 2015-08-11 00:09 - 00000000 ____D C:\Users\vineet\AppData\Local\TileDataLayer
2015-08-11 00:04 - 2015-08-11 00:04 - 00000000 __SHD C:\Recovery
2015-08-11 00:02 - 2015-08-27 23:20 - 00887678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-11 00:02 - 2015-08-11 00:02 - 00023356 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-08-10 23:51 - 2015-08-10 23:51 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-10 23:45 - 2015-08-10 23:53 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-10 23:43 - 2015-08-27 00:38 - 00000000 ____D C:\Users\vineet
2015-08-10 23:43 - 2015-08-11 00:09 - 00000000 ___RD C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 23:43 - 2015-07-10 16:34 - 00000000 __RSD C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-10 23:43 - 2015-07-10 16:34 - 00000000 ___RD C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-10 23:43 - 2015-07-10 16:34 - 00000000 ___RD C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-10 23:43 - 2015-07-10 16:34 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-10 23:41 - 2015-07-10 16:29 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-10 23:40 - 2015-08-10 23:40 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____D C:\Program Files\Synaptics
2015-08-10 23:40 - 2015-08-10 23:40 - 00000000 ____D C:\Program Files\Realtek
2015-08-10 23:38 - 2015-08-27 19:52 - 00012006 _____ C:\WINDOWS\PFRO.log
2015-08-10 23:38 - 2015-08-10 23:39 - 00036241 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-10 23:21 - 2015-08-11 00:04 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-08-10 23:21 - 2015-08-11 00:04 - 00009528 _____ C:\WINDOWS\diagerr.xml
2015-08-10 23:21 - 2015-08-11 00:03 - 00006551 _____ C:\WINDOWS\comsetup.log
2015-08-10 14:15 - 2015-08-10 14:15 - 00122856 _____ C:\Users\vineet\Downloads\Our Bedroom_17.dwg
2015-08-08 10:59 - 2015-08-08 10:59 - 00016329 _____ C:\Users\vineet\Downloads\ExtrudeTapered.gh
2015-08-08 10:46 - 2015-08-08 10:46 - 00019141 _____ C:\Users\vineet\Downloads\FilletPolyline.gh
2015-08-07 19:38 - 2015-08-08 02:03 - 00154961 _____ C:\Users\vineet\Downloads\Staircase.ghx
2015-08-07 19:37 - 2015-08-07 19:37 - 00041094 _____ C:\Users\vineet\Downloads\ParabolaPlanePoint_PSG.gh
2015-08-07 19:35 - 2015-08-07 19:35 - 00143376 _____ C:\Users\vineet\Downloads\parabola.ghx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-28 11:08 - 2015-07-10 17:52 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-28 11:06 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-28 10:50 - 2014-11-28 10:29 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d00ac8dc006e3.job
2015-08-28 10:34 - 2014-11-06 23:57 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-28 08:55 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-28 08:06 - 2014-12-16 08:52 - 00000000 ____D C:\Users\vineet\AppData\Local\Akamai
2015-08-28 06:10 - 2014-11-06 07:27 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AB3C39AC-1E49-4DF1-B6F9-391C1D055603}
2015-08-28 02:00 - 2014-11-11 15:42 - 00000000 ____D C:\Users\vineet\AppData\Local\Adobe
2015-08-27 23:16 - 2015-07-10 17:50 - 00027506 _____ C:\WINDOWS\setupact.log
2015-08-27 19:54 - 2014-10-07 15:46 - 00000000 ____D C:\ProgramData\Energy Manager
2015-08-27 19:53 - 2015-07-10 17:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-27 19:53 - 2014-11-06 23:57 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-27 19:53 - 2014-10-31 16:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-27 19:53 - 2014-10-07 15:00 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-27 19:52 - 2015-07-10 17:50 - 05086000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-27 19:52 - 2015-07-10 14:35 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-27 12:04 - 2015-02-03 00:14 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Nitro PDF
2015-08-27 12:04 - 2014-10-31 16:17 - 00000000 ____D C:\Users\vineet\AppData\Local\Packages
2015-08-27 11:35 - 2014-10-31 16:17 - 00000000 ____D C:\Users\vineet\AppData\Local\VirtualStore
2015-08-27 00:02 - 2015-07-10 16:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-25 14:41 - 2014-11-11 15:30 - 00000000 ____D C:\ProgramData\FLEXnet
2015-08-25 14:37 - 2014-11-07 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-24 21:40 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-24 14:29 - 2014-11-11 15:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-24 14:24 - 2015-07-10 16:34 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-24 14:22 - 2014-10-07 15:00 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-08-24 13:08 - 2014-11-11 15:36 - 00000000 ____D C:\Users\vineet\AppData\Local\cache
2015-08-24 13:03 - 2014-11-11 15:01 - 00000000 ____D C:\Users\vineet\AppData\Local\Autodesk
2015-08-24 13:03 - 2014-11-11 14:53 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Autodesk
2015-08-24 13:03 - 2014-11-11 14:53 - 00000000 ____D C:\ProgramData\Autodesk
2015-08-24 12:28 - 2014-11-11 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-08-24 12:28 - 2014-11-11 15:01 - 00000000 ____D C:\Program Files\Autodesk
2015-08-24 12:26 - 2014-11-11 15:01 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-08-24 12:20 - 2014-11-11 14:58 - 00000000 ____D C:\Program Files (x86)\Autodesk
2015-08-24 12:17 - 2014-11-11 14:57 - 00011750 _____ C:\WINDOWS\DirectX.log
2015-08-24 12:08 - 2014-11-11 14:46 - 00000000 ____D C:\Autodesk
2015-08-24 03:49 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\rescache
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-22 10:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-22 10:57 - 2015-07-10 14:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-22 10:57 - 2015-07-10 14:35 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-16 09:21 - 2014-11-11 15:49 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-14 23:42 - 2014-10-07 14:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-14 23:41 - 2014-10-07 15:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-14 23:40 - 2014-10-07 14:59 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-14 23:29 - 2014-10-07 14:55 - 00000000 ___HD C:\Intel
2015-08-14 23:29 - 2014-10-07 14:41 - 00041866 _____ C:\WINDOWS\DPINST.LOG
2015-08-14 10:04 - 2014-11-11 15:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-14 10:02 - 2014-11-11 15:17 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-14 09:59 - 2014-10-07 14:56 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-14 09:59 - 2014-10-07 14:56 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-14 09:58 - 2014-07-26 13:24 - 01804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2015-08-14 09:58 - 2014-07-26 13:24 - 00764616 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2015-08-14 09:58 - 2014-07-26 13:24 - 00613576 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2015-08-14 09:58 - 2014-07-26 13:24 - 00267976 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2015-08-14 09:58 - 2014-07-26 13:24 - 00042696 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2015-08-14 09:57 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-13 10:54 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-08-12 12:45 - 2014-10-07 15:02 - 05060864 _____ (Realtek semiconductor) C:\WINDOWS\RTFTrack.exe
2015-08-12 12:45 - 2014-10-07 15:02 - 03068160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\rtsuvc.sys
2015-08-12 12:45 - 2014-10-07 15:02 - 00557824 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamX64.dll
2015-08-11 21:48 - 2014-10-07 15:50 - 00000000 ____D C:\ProgramData\LU
2015-08-11 13:07 - 2015-07-10 16:34 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-11 05:10 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-11 00:10 - 2015-07-10 16:34 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-11 00:10 - 2015-07-10 16:34 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-11 00:07 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-11 00:03 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\Registration
2015-08-11 00:02 - 2014-11-28 10:29 - 00004008 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d00ac8dc006e3
2015-08-11 00:02 - 2014-11-11 15:50 - 00003616 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Lenovo-PC-vineet
2015-08-11 00:02 - 2014-11-06 23:57 - 00004008 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-11 00:02 - 2014-11-06 23:57 - 00003772 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-11 00:02 - 2014-10-31 16:50 - 00003708 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2630856962-2882739809-239791393-1001
2015-08-11 00:02 - 2014-10-07 15:11 - 00003382 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2015-08-11 00:02 - 2014-10-07 15:07 - 00003100 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2015-08-11 00:02 - 2014-10-07 14:55 - 00004046 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d
2015-08-11 00:02 - 2014-10-07 14:55 - 00003800 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon
2015-08-10 23:59 - 2015-07-10 16:34 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-10 23:53 - 2015-07-10 14:35 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-10 23:53 - 2015-06-22 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FotoSketcher
2015-08-10 23:53 - 2014-12-20 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-10 23:53 - 2014-12-17 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Podium
2015-08-10 23:53 - 2014-12-17 03:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 6
2015-08-10 23:53 - 2014-11-13 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014
2015-08-10 23:53 - 2014-11-12 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5
2015-08-10 23:53 - 2014-11-11 15:14 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-10 23:53 - 2014-11-11 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-10 23:53 - 2014-10-07 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master
2015-08-10 23:53 - 2014-10-07 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Reach
2015-08-10 23:53 - 2014-10-07 15:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
2015-08-10 23:53 - 2014-10-07 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-08-10 23:53 - 2014-10-07 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-08-10 23:53 - 2014-10-07 15:11 - 00000000 ____D C:\Program Files\Dolby Digital Plus
2015-08-10 23:53 - 2014-10-07 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-10 23:51 - 2015-07-10 16:35 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-10 23:51 - 2015-07-10 14:35 - 00000000 __RHD C:\Users\Default
2015-08-10 23:51 - 2013-08-22 19:06 - 00000000 ____D C:\Users\Default.migrated
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-08-10 23:47 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-08-10 23:47 - 2014-10-07 15:02 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-08-10 23:47 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-08-10 23:47 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-08-10 23:46 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-08-10 23:46 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-08-10 23:46 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-08-10 23:45 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-10 23:45 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-10 23:45 - 2015-07-10 16:34 - 00000000 ____D C:\WINDOWS\Help
2015-08-10 23:45 - 2015-07-10 16:34 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-10 23:45 - 2015-06-20 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-10 23:45 - 2014-11-14 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tata Photon+
2015-08-10 23:45 - 2014-10-07 15:39 - 00000000 ____D C:\Program Files\Lenovo
2015-08-10 23:45 - 2014-10-07 15:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail
2015-08-10 23:45 - 2014-10-07 15:35 - 00000000 ____D C:\ProgramData\Lenovo
2015-08-10 23:45 - 2014-10-07 15:35 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-08-10 23:45 - 2014-10-07 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-08-10 23:45 - 2014-10-07 14:53 - 00000000 ____D C:\Program Files\Intel
2015-08-10 23:45 - 2014-10-07 14:52 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-10 23:45 - 2013-08-22 21:06 - 00000000 ____D C:\WINDOWS\ADFS
2015-08-10 23:44 - 2014-12-02 12:08 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-08-10 23:42 - 2015-07-10 14:35 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-10 23:24 - 2014-10-07 15:39 - 00004608 _____ C:\WINDOWS\system32\VfService.trf
2015-08-10 23:24 - 2014-10-07 14:41 - 01999386 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-10 23:21 - 2015-07-10 19:09 - 00000000 ___HD C:\$Windows.~BT
2015-08-10 12:23 - 2014-10-07 15:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-08-08 02:05 - 2013-08-22 21:06 - 00000000 ___RD C:\WINDOWS\ToastData
2015-08-08 02:03 - 2014-11-13 00:12 - 00000000 ____D C:\Users\vineet\AppData\Roaming\Grasshopper
==================== Files in the root of some directories =======
2015-06-22 12:14 - 2015-06-22 12:14 - 0000259 _____ () C:\Users\vineet\AppData\Roaming\FotoSketcher.ini
2015-08-27 13:25 - 2015-08-27 13:25 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-10 23:40 - 2015-08-10 23:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-11 15:02 - 2014-11-11 15:02 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
C:\Users\vineet\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-21 11:47
==================== End of FRST.txt ============================
- Addition.txt log content
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-08-2015
Ran by vineet (2015-08-28 11:19:11)
Running from C:\Users\vineet\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2630856962-2882739809-239791393-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2630856962-2882739809-239791393-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-2630856962-2882739809-239791393-503 - Limited - Disabled)
Guest (S-1-5-21-2630856962-2882739809-239791393-501 - Limited - Disabled)
vineet (S-1-5-21-2630856962-2882739809-239791393-1001 - Administrator - Enabled) => C:\Users\vineet
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Akamai NetSession Interface (HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk DirectConnect 2012 64-bit (HKLM\...\Autodesk DirectConnect 2012 64-bit) (Version: 6.0.443.0 - Autodesk)
Autodesk DirectConnect 2012 64-bit (Version: 6.0.443.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk MatchMover 2012 64-bit (HKLM\...\{4529F749-C362-4119-AFA0-0A3F1CA924AB}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Maya 2012 64-bit (HKLM\...\Autodesk Maya 2012 64-bit) (Version: 14.0.0.0 - Autodesk)
Autodesk Maya 2012 64-bit (Version: 14.0.0.0 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk T-Splines Plug-in for Rhino version 3.4 r8555 (64) (HKLM\...\{FCB0FFA0-6EB0-4D4C-8B71-8390E31B0AC9}) (Version: 3.4.8555 - Autodesk)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
BitTorrent (HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.32.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.18 - Lenovo)
Energy Manager (x32 Version: 1.5.0.18 - Lenovo) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FotoSketcher 3.00 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google SketchUp 6 (x32 Version: 6.0.515 - Google) Hidden
Google SketchUp 6 Exporters (x32 Version: 6.0.515 - Google) Hidden
Google SketchUp LayOut 6 (x32 Version: 1.0.617 - Google) Hidden
Google SketchUp Pro 6 (HKLM-x32\...\{12E75B98-8463-4C1F-8DDA-F6CF31566A55}) (Version: 6.0.00408 - Google)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HP Deskjet 3540 series Basic Device Software (HKLM\...\{60D33935-59B4-4ACE-8FAE-EBC60DE40A9C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 3540 series Help (HKLM-x32\...\{1D456349-7D00-479E-A2A9-C846CE390FE5}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{B2913DAE-3EBC-4C88-8245-0AA34B2E461D}) (Version: 17.1.1450.0402 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.32.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Reach (HKLM-x32\...\{3245D8C8-7FE0-4FD4-B04B-2720A333D592}) (Version: 1.1.3.7 - Stoneware, Inc.)
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Settings (x32 Version: 1.0.0.46 - Lenovo) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo)
Lenovo Updates (x32 Version: 1.3.0.6 - Lenovo) Hidden
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Nitro Pro 9 (HKLM\...\{70B831B7-A8EE-4C5F-8F34-F383D24B3A04}) (Version: 9.0.5.9 - Nitro)
NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit (HKLM\...\{FC4AD39F-9DCE-4BD0-B7D0-7C81CEB9F04B}) (Version: 2.60.0216.1828 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Podium (HKLM-x32\...\Podium_is1) (Version: - Cadalog Inc)
Product Improvement Study for HP Deskjet 3540 series (HKLM\...\{8E8FABC1-F28A-40DF-932F-1076A63CE701}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Rhinoceros 5 (64-bit) (HKLM\...\{D7B0FC7F-827E-4664-9DC8-32AD32C875A7}) (Version: 5.5.30717.16015 - Robert McNeel & Associates)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Tata Photon+ (HKLM-x32\...\Tata Photon+) (Version: 11.030.01.18.628 - Huawei Technologies Co.,Ltd)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
V-Ray for SketchUp 6 (HKLM-x32\...\{8D7BD6EE-C597-4375-B07F-A91FC78991C7}) (Version: 1.00.0000 - ASGvis, LLC)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe No File
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2630856962-2882739809-239791393-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\vineet\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
24-08-2015 12:16:18 Installed DirectX
25-08-2015 23:49:57 Restore Point Created by FRST
27-08-2015 11:03:17 Installed HP Support Solutions Framework
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 18:55 - 2013-08-22 18:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {0A26F4DC-4293-4C0E-83D9-A20E8A62C190} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-08-27] (Microsoft Corporation)
Task: {0AA2D2B2-647E-46C7-857D-45C34A411D53} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {3144FD6C-C14E-47C5-AB54-889E06BB1D4C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {63539134-473C-44BF-8C5A-F5B9E26A2043} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {762F1798-EBF1-4400-B3F7-27ADB0B9E8AC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
Task: {78A3A00A-1A09-4DB8-B792-629563C33950} - System32\Tasks\HPCustParticipation HP Deskjet 3540 series => C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {87D1880A-5BC6-4A26-A262-5642510C28B9} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-11-21] ()
Task: {8B4B4C8F-5DF3-4A70-B6F5-3529CA5EF6FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {8C555ABE-A031-4A47-9BB4-70BC90250FA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-15] (Microsoft Corporation)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {B458698D-B3C2-4469-9318-9A19623378D6} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {B5571A85-7B38-4359-A0E5-62C58D50A55C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {D9215A0B-7DDB-4449-80C2-4D0856D02F23} - System32\Tasks\AdobeAAMUpdater-1.0-Lenovo-PC-vineet => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {DA5B69A1-F167-4976-80F4-FBF69E82E5AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-14] (Microsoft Corporation)
Task: {E09A056B-1464-406E-B6C7-7BA70ED18426} - System32\Tasks\GoogleUpdateTaskMachineUA1d00ac8dc006e3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-06] (Google Inc.)
Task: {E72CB065-9368-4954-9770-C36460D2C816} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-08-14] (Synaptics Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d00ac8dc006e3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (Whitelisted) ==============
2015-08-15 18:15 - 2015-07-15 07:34 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2014-10-07 15:00 - 2015-07-23 06:40 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 09:46 - 2015-08-11 14:44 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-15 18:16 - 2015-07-30 11:35 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-14 09:59 - 2015-08-14 09:59 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-10-07 15:09 - 2013-10-01 14:39 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2013-02-05 00:21 - 2013-02-05 00:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-05 00:21 - 2013-02-05 00:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2015-08-27 11:34 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-10-07 15:42 - 2014-10-07 15:42 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-08-15 18:16 - 2015-07-30 11:35 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-27 20:14 - 2015-08-27 20:14 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-07-10 16:29 - 2015-07-10 16:29 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 16:29 - 2015-07-10 16:29 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-15 18:17 - 2015-08-03 06:41 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 16:30 - 2015-07-10 18:44 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 09:46 - 2015-08-11 14:28 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-15 18:16 - 2015-08-03 06:39 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 16:30 - 2015-07-10 18:44 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-26 11:51 - 2015-08-26 11:55 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.820.12440.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-08-26 11:51 - 2015-08-26 11:55 - 11603456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.820.12440.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-07-10 18:47 - 2015-07-10 18:47 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2014-02-26 05:12 - 2014-02-26 05:12 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-02-26 05:12 - 2014-02-26 05:12 - 02689800 _____ () C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterFilter.ax
2015-08-22 15:36 - 2015-08-18 10:53 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-22 15:36 - 2015-08-18 10:53 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vineet\Pictures\tiger.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Lenovo Utility"
HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"
HKLM\...\StartupApproved\Run32: => "YTDownloader"
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\StartupApproved\StartupFolder: => "crossbrowse.lnk"
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_B3D164C090B1212EA3E9FB4FFC53CFA6"
HKU\S-1-5-21-2630856962-2882739809-239791393-1001\...\StartupApproved\Run: => "YTDownloader"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{5FD401AE-7AB5-45B1-87DF-FD6B4DFFE0D8}C:\users\vineet\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vineet\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7081FD9A-F532-474E-80B7-ECAEC99FB508}C:\users\vineet\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vineet\appdata\local\akamai\netsession_win.exe
FirewallRules: [{9D4B91ED-3EFD-4341-96DE-13E25A9E35DD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{41EB5348-DD0A-440B-86A2-309B1E15C86F}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe
FirewallRules: [{69D6A4E9-952F-421C-BBF5-3BDDE51B1FC1}] => (Allow) LPort=5357
FirewallRules: [{C586DB86-E10F-4104-9D94-05D9E635C776}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{3EFAE61C-44CD-41F5-B066-37A84AD8CA9A}C:\users\vineet\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vineet\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{05D96888-8AD3-4804-BCFE-D81673DA93FD}C:\users\vineet\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vineet\appdata\local\akamai\netsession_win.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/28/2015 11:15:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (08/28/2015 08:06:04 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.
Error: (08/28/2015 08:05:38 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.
Error: (08/28/2015 04:05:31 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.
Error: (08/28/2015 04:05:06 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.
Error: (08/27/2015 11:56:21 PM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.
Error: (08/27/2015 11:55:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.
Error: (08/27/2015 11:28:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.10240.16431, time stamp: 0x55c9bd76
Faulting module name: QtCore_Ad_SyncNs_4.dll_unloaded, version: 4.8.2.0, time stamp: 0x50d3fca7
Exception code: 0xc0000005
Fault offset: 0x00000000000265fe
Faulting process id: 0xfc4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
Error: (08/27/2015 11:17:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
Error: (08/27/2015 08:19:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
System errors:
=============
Error: (08/27/2015 08:24:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275
Error: (08/27/2015 08:24:37 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\vineet\AppData\Local\Temp\ehdrv.sys
Error: (08/27/2015 08:24:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275
Error: (08/27/2015 08:24:37 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\vineet\AppData\Local\Temp\ehdrv.sys
Error: (08/27/2015 08:24:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275
Error: (08/27/2015 08:24:37 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\vineet\AppData\Local\Temp\ehdrv.sys
Error: (08/27/2015 08:20:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275
Error: (08/27/2015 08:20:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\vineet\AppData\Local\Temp\ehdrv.sys
Error: (08/27/2015 08:20:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275
Error: (08/27/2015 08:20:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\vineet\AppData\Local\Temp\ehdrv.sys
Microsoft Office:
=========================
Error: (08/28/2015 11:15:35 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (08/28/2015 08:06:04 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/28/2015 08:05:38 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/28/2015 04:05:31 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/28/2015 04:05:06 AM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/27/2015 11:56:21 PM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/27/2015 11:55:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Lenovo-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\vineet\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/27/2015 11:28:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE10.0.10240.1643155c9bd76QtCore_Ad_SyncNs_4.dll_unloaded4.8.2.050d3fca7c000000500000000000265fefc401d0e0d3ebb8fd09C:\WINDOWS\Explorer.EXEQtCore_Ad_SyncNs_4.dllfd037ad8-66b5-40cd-bdb3-31ff0c58b0cc
Error: (08/27/2015 11:17:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\vineet\Downloads\esetsmartinstaller_enu.exe
Error: (08/27/2015 08:19:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifestC:\Users\vineet\Downloads\esetsmartinstaller_enu.exe
CodeIntegrity:
===================================
Date: 2015-08-27 11:46:10.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-26 11:02:49.409
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-25 13:43:33.388
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-24 02:50:57.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-23 19:19:28.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-22 11:18:49.121
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core™ i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 20%
Total physical RAM: 16296.27 MB
Available physical RAM: 12875.01 MB
Total Virtual: 18728.27 MB
Available Virtual: 15089.54 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:889 GB) (Free:796.8 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.18 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3D4C24C2)
Partition: GPT.
==================== End of Addition.txt ============================
Thank you.
#25
Posted 28 August 2015 - 11:21 AM
Nevan
-
- Malware Removal
-
- 1,765 posts
Trusted Helper
Hello again, achint.
Follow the instructions below.
Step #1
FRST Fix
Step #2
Security Check
Download Security Check from here or here.
Things that should appear in your next post:
Yes, that might be the case. This is the new router you've purchased, right? If that's right, then it might have become infected by this system. As we've cleaned it, you should now be able to reset it without worrying about it getting infected again.Just wanted to mention that the redirects are also happening in our phone chrome browser. I am assuming this is because the wifi is infected. Is there a way to simultaneously fix that so that we do not have this problem resurfacing later.?
Follow the instructions below.
Step #1
FRST Fix- Download attached fixlist.txt file to your desktop.
fixlist.txt 1.49KB
247 downloads
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system - Right click FRST64.exe on your desktop and click Run as administrator.
- Press the Fix button just once and wait.
NOTE: It's important that both FRST64.exe and fixlist.txt are in the same location or the fix will not work. - If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finished, FRST will generate a log on the desktop (Fixlog.txt). Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Step #2
Security CheckDownload Security Check from here or here.
- Save it to your Desktop.
- Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Things that should appear in your next post:- Fixlog.txt log content
- Checkup.txt log content
- Tell me if you have successfully reset your router and if so, if you're still getting redirected
#26
Posted 01 September 2015 - 11:17 AM
Essexboy
-
- Retired Staff
-
- 69,964 posts
GeekU Moderator
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
