I Think My PC Infected [Closed]

outboundtraffic norton popup

  • This topic is locked

#1
Anuj007


Whenever I connect my PC to the Internet, a pop-up from Norton appears saying that Outbound Traffic is Detected and recommending that NPE (Norton Power Eraser) be run, but after scanning the PC with NPE the problem is not resolved and the pop-up keeps on coming.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015 03
Ran by Anuj (administrator) on DELL (23-08-2015 12:02:46)
Running from C:\Users\Anuj\Downloads
Loaded Profiles: Anuj (Available Profiles: Anuj)
Platform: Windows 8 Single Language (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
() C:\ProgramData\Photon Plus\Huawei\OnlineUpdate\ouc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\ProgramData\Reliance Netconnect\OnlineUpdate\ouc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
(VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Facebook Inc.) C:\Users\Anuj\AppData\Local\Facebook\Update\FacebookUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-20] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-02-01] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-20] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-24] (CyberLink Corp.)
HKLM-x32\...\Run: [vmware-tray] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [103536 2011-08-22] (VMware, Inc.)
HKLM-x32\...\Run: [Yahoo Messenger] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [904824 2015-07-13] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NofolderOptions] 0
HKU\S-1-5-19\...\RunOnce: [] => [X]
HKU\S-1-5-20\...\RunOnce: [] => [X]
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [844360 2014-07-01] (Samsung)
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\...\Run: [GoogleChromeAutoLaunch_D299BCD2323217174AE7F491AA1430EB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\...\Run: [Facebook Update] => C:\Users\Anuj\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-29] (Facebook Inc.)
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [] => [X]
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.7.0.11
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.7.0.11
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.7.0.11
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.7.0.11
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.7.0.11
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
SearchScopes: HKLM-x32 -> DefaultScope {C400F16B-3499-4CD5-86BC-A0BE1D81253D} URL = 
SearchScopes: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001 -> DefaultScope {77C3623A-9765-4AB0-B2C2-611D03207D76} URL = 
SearchScopes: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1AC8606C662726D9&affID=128493&tt=120814_new&tsp=5338
SearchScopes: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001 -> {77C3623A-9765-4AB0-B2C2-611D03207D76} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-05-21] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: surf and keep -> {93C4E64C-C62A-3C22-8627-5A3D4F13CCFB} -> C:\Program Files (x86)\surf and keep\Br7NRlBO.x64.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2013-10-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-25] (Oracle Corporation)
BHO-x32: surf and keep -> {93C4E64C-C62A-3C22-8627-5A3D4F13CCFB} -> C:\Program Files (x86)\surf and keep\Br7NRlBO.dll No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-10-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-25] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{25B80AB2-37D0-4685-81D8-9B74A83009EB}: [DhcpNameServer] 192.168.43.1
 
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-2392348220-2254442395-1911721444-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Anuj\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2392348220-2254442395-1911721444-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anuj\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn [2015-08-16]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-11]
CHR Extension: (Google Drive) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-11]
CHR Extension: (Google Search) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-11]
CHR Extension: (WasteNoTime) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\enebomhlllfaccbelnjhfgblnalofhch [2015-02-22]
CHR Extension: (Norton Identity Protection) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-11-11]
CHR Extension: (Google Wallet) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-11]
CHR Extension: (Gmail) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-11]
CHR Extension: (UaniiiDealse) - C:\ProgramData\ckodapadhkajnnmimaeclnbennikekbf\ []
CHR Profile: C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-24]
CHR Extension: (Google Drive) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-24]
CHR Extension: (YouTube) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-24]
CHR Extension: (Google Search) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-24]
CHR Extension: (Norton Identity Safe) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-03-31]
CHR Extension: (Norton Safe) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-24]
CHR Extension: (Gmail) - C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-24]
CHR Extension: (UaniiiDealse) - C:\ProgramData\ckodapadhkajnnmimaeclnbennikekbf\ []
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-23]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Anuj\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-26]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-23]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Anuj\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-26]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-07-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-07-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-07-13] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [331776 2012-07-26] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
S2 Photon Plus. RunOuc; C:\Program Files (x86)\Photon Plus\Huawei\UpdateDog\ouc.exe [655712 2014-01-14] ()
S2 Reliance Netconnect. RunOuc; C:\Program Files (x86)\Reliance Netconnect+\UpdateDog\ouc.exe [218624 2014-07-29] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-24] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915408 2013-10-10] (SoftThinks SAS)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2011-08-22] (VMware, Inc.) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11837440 2011-08-22] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20150810.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-07-13] (BlueStack Systems)
S3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [30720 2013-02-02] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20150821.001\IDSvia64.sys [692984 2015-07-11] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150822.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20150822.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 seehcri; C:\Windows\System32\drivers\seehcri.sys [34032 2014-07-29] (Sony Ericsson Mobile Communications)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28040 2012-12-21] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [32136 2012-12-21] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-10] (Windows ® Win 7 DDK provider)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows ® Win 7 DDK provider)
U4 sr; no ImagePath
U2 wuaserv; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-23 12:02 - 2015-08-23 12:03 - 00026925 _____ C:\Users\Anuj\Downloads\FRST.txt
2015-08-23 11:56 - 2015-08-23 12:02 - 00000000 ____D C:\FRST
2015-08-23 11:51 - 2015-08-23 11:52 - 02173952 _____ (Farbar) C:\Users\Anuj\Downloads\FRST64.exe
2015-08-16 11:15 - 2015-08-16 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-08-16 11:12 - 2015-08-16 11:12 - 00291216 _____ C:\Windows\Minidump\081615-50765-01.dmp
2015-08-08 17:47 - 2015-08-08 17:47 - 00001703 _____ C:\Users\Anuj\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2015-08-08 17:47 - 2015-08-08 17:47 - 00001679 _____ C:\Users\Anuj\Desktop\BlueStacks.lnk
2015-08-08 17:47 - 2015-08-08 17:47 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2015-08-08 17:45 - 2015-08-23 11:25 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-08-08 17:45 - 2015-08-08 18:18 - 00000000 ____D C:\ProgramData\BlueStacks
2015-08-08 17:42 - 2015-08-08 17:52 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-08-08 17:42 - 2015-08-08 17:42 - 00000000 ____D C:\Users\Anuj\AppData\Local\Bluestacks
2015-08-08 08:54 - 2015-08-08 08:55 - 00262144 _____ C:\Windows\Minidump\080815-72546-01.dmp
2015-08-08 08:54 - 2015-08-08 08:54 - 00439816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-29 07:41 - 2015-07-14 02:52 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-29 07:41 - 2015-07-14 02:52 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-28 17:34 - 2015-08-01 11:38 - 00000000 ____D C:\Users\Anuj\Desktop\TC
2015-07-28 17:04 - 2015-06-15 20:52 - 13771264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-28 17:04 - 2015-06-15 20:52 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 15415296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-28 17:04 - 2015-06-15 20:50 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-28 17:04 - 2015-06-15 20:49 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-28 17:04 - 2015-06-15 20:49 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-28 17:04 - 2015-05-28 07:34 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-28 17:04 - 2015-05-28 07:33 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-07-28 17:04 - 2015-05-28 07:33 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-07-28 17:04 - 2015-05-28 07:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-28 17:04 - 2015-05-28 07:31 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-28 17:04 - 2015-05-28 07:31 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-07-28 17:04 - 2015-05-28 07:31 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-28 17:04 - 2015-05-28 07:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-28 17:04 - 2015-05-28 07:31 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-28 17:04 - 2015-05-28 06:15 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-07-28 17:04 - 2015-05-28 06:14 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-28 17:04 - 2015-05-28 06:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-28 17:04 - 2015-05-28 06:13 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-07-28 17:04 - 2015-05-28 06:13 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-28 17:04 - 2015-05-28 06:13 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-28 17:04 - 2015-05-28 06:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-28 17:04 - 2015-05-28 05:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-28 17:04 - 2015-05-28 05:53 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-28 17:04 - 2015-05-28 05:52 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-07-28 17:04 - 2015-05-28 05:50 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-07-28 17:04 - 2015-05-28 05:30 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-28 17:04 - 2015-05-28 05:25 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-28 17:04 - 2015-05-28 03:44 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-07-28 16:58 - 2015-07-03 02:01 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-28 16:57 - 2015-07-03 00:45 - 14384640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-28 16:54 - 2015-06-29 21:48 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 16:54 - 2015-06-29 18:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 16:54 - 2015-06-29 18:57 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 16:54 - 2015-06-29 18:57 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 16:54 - 2015-06-29 18:57 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 16:54 - 2015-06-29 18:57 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 16:54 - 2015-06-29 18:57 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 16:54 - 2015-06-27 22:06 - 00171352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-28 16:54 - 2015-06-27 19:26 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-07-28 16:54 - 2015-06-27 19:25 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-28 16:54 - 2015-06-27 19:25 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-28 16:54 - 2015-06-27 19:16 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-28 16:54 - 2015-06-27 19:16 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-28 16:54 - 2015-06-27 19:16 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-07-28 16:54 - 2015-06-27 19:16 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-28 16:54 - 2015-06-27 18:53 - 00694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-28 16:54 - 2015-06-26 18:37 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-28 16:54 - 2015-06-25 23:59 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-28 16:54 - 2015-06-25 23:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-28 16:54 - 2015-05-23 02:14 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-28 16:54 - 2015-03-17 12:30 - 06971712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-28 16:54 - 2015-03-17 12:22 - 01822696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-28 16:54 - 2015-03-17 10:15 - 01409496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-07-28 16:54 - 2015-01-07 09:55 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-28 16:53 - 2015-05-02 11:58 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-28 16:53 - 2015-05-02 09:29 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-28 16:53 - 2015-05-02 09:06 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-28 16:53 - 2015-04-14 03:39 - 00570248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-07-28 16:53 - 2015-01-15 17:14 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-07-28 16:53 - 2015-01-15 17:13 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-28 16:53 - 2015-01-15 15:30 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-07-28 16:53 - 2015-01-15 15:08 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-28 16:53 - 2015-01-15 14:39 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-28 16:52 - 2015-06-27 19:25 - 02865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-28 16:52 - 2015-06-27 19:16 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-28 16:52 - 2015-06-25 07:24 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-28 16:52 - 2015-04-13 11:00 - 01839616 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-07-28 16:52 - 2015-04-13 11:00 - 01280512 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-07-28 16:52 - 2015-04-13 09:35 - 01416192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-07-28 16:51 - 2015-07-15 01:41 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-28 16:51 - 2015-07-15 01:39 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-28 16:51 - 2015-07-15 01:13 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-28 16:51 - 2015-07-15 01:13 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-28 16:51 - 2015-06-12 01:59 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-28 16:51 - 2015-06-11 21:57 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-28 16:51 - 2015-04-30 19:14 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
2015-07-28 16:51 - 2015-04-30 19:14 - 00478296 _____ C:\Windows\system32\locale.nls
2015-07-28 16:51 - 2015-04-21 19:23 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-28 16:51 - 2015-03-12 11:01 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-07-28 16:51 - 2015-03-04 12:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-28 16:51 - 2015-03-04 12:09 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-28 16:51 - 2015-03-04 12:09 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-07-28 16:51 - 2015-03-04 10:23 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-07-28 16:51 - 2015-03-04 10:22 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-07-28 16:51 - 2015-02-24 13:28 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-28 16:51 - 2015-02-18 13:09 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-28 16:51 - 2015-02-18 13:08 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-07-28 16:51 - 2015-01-31 19:18 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-07-28 16:51 - 2015-01-31 11:25 - 00275712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-07-28 16:51 - 2015-01-29 13:35 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-07-28 16:51 - 2015-01-29 11:49 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-07-28 16:51 - 2015-01-24 12:12 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-07-28 16:51 - 2015-01-24 10:30 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-07-28 16:51 - 2014-12-06 13:23 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-07-28 16:51 - 2014-12-06 13:23 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-07-28 16:51 - 2014-12-06 13:21 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-07-28 16:51 - 2014-12-06 13:21 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-07-28 16:51 - 2014-12-06 13:20 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-28 16:51 - 2014-12-06 11:40 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-07-28 16:51 - 2014-12-06 11:40 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-07-28 16:51 - 2014-12-06 11:39 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-07-28 16:50 - 2015-06-17 19:43 - 01150264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-28 16:50 - 2015-06-17 19:14 - 01567560 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-28 16:50 - 2015-05-07 18:35 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-28 16:50 - 2015-04-25 09:11 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-07-28 16:50 - 2015-04-25 04:43 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-28 16:50 - 2015-04-13 11:02 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-07-28 16:50 - 2015-03-27 13:37 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2015-07-28 16:50 - 2015-03-12 11:01 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-28 16:50 - 2015-03-12 11:01 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-07-28 16:50 - 2015-03-12 09:22 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-07-28 16:50 - 2015-03-04 12:59 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-07-28 16:50 - 2015-03-04 12:56 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-07-28 16:50 - 2015-03-04 12:56 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-07-28 16:50 - 2015-03-04 12:56 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
2015-07-28 16:50 - 2015-03-04 12:11 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-28 16:50 - 2015-03-04 12:11 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-28 16:50 - 2015-03-04 12:09 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-07-28 16:50 - 2015-03-04 10:23 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-28 16:50 - 2015-03-04 10:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-28 16:50 - 2015-03-04 10:22 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-07-28 16:50 - 2015-01-24 12:13 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-28 16:50 - 2015-01-24 10:30 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-28 16:50 - 2014-12-19 10:05 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-07-28 16:50 - 2014-12-18 14:21 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-07-28 16:50 - 2014-12-18 12:22 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-07-28 16:50 - 2014-12-18 12:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-07-28 16:50 - 2014-12-18 12:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-07-28 16:50 - 2014-12-18 11:50 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-07-28 16:50 - 2014-12-11 12:21 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-28 16:50 - 2014-11-26 12:13 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-28 16:50 - 2014-11-26 10:20 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-07-28 16:49 - 2015-02-17 12:24 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-28 16:49 - 2015-02-17 10:43 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-28 16:42 - 2014-12-19 12:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-28 16:29 - 2015-04-06 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-07-28 16:29 - 2015-04-06 09:38 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-07-26 14:35 - 2015-08-01 11:38 - 00000000 ____D C:\Users\Anuj\Desktop\Calculator
2015-07-26 13:32 - 2015-07-29 07:35 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-26 13:31 - 2015-07-27 07:31 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
2015-07-26 13:22 - 2015-07-26 13:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-26 12:22 - 2014-10-09 09:30 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-07-26 12:22 - 2014-10-09 09:30 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-07-26 12:22 - 2014-10-09 09:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-07-26 12:22 - 2014-10-09 09:29 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-07-26 12:22 - 2014-10-09 09:29 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-07-26 12:18 - 2014-11-05 12:10 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-07-26 12:18 - 2014-11-05 12:09 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-07-26 12:18 - 2014-10-29 19:51 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-07-26 12:17 - 2014-11-15 11:36 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-26 12:17 - 2014-11-15 10:43 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-26 12:17 - 2014-11-15 10:43 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-26 12:17 - 2014-11-15 10:43 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-26 12:17 - 2014-11-15 10:43 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-26 12:17 - 2014-11-15 10:43 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-26 12:17 - 2014-11-15 10:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-26 12:17 - 2014-11-15 10:43 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-26 12:17 - 2014-11-15 10:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-07-26 12:17 - 2014-11-15 09:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-26 12:17 - 2014-11-15 09:23 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-26 12:17 - 2014-11-15 09:23 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-26 12:17 - 2014-11-15 09:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-26 12:15 - 2014-10-09 09:29 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-07-26 12:15 - 2014-10-09 09:29 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-07-26 12:15 - 2014-10-09 09:28 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-07-26 12:15 - 2014-09-22 11:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-07-26 12:15 - 2014-09-22 09:26 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-07-26 12:13 - 2014-10-11 13:15 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-07-26 12:13 - 2014-10-11 13:14 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-26 12:13 - 2014-10-11 13:14 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-26 12:13 - 2014-10-11 13:13 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-26 12:13 - 2014-10-11 11:28 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-07-26 12:13 - 2014-10-11 11:27 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-26 12:13 - 2014-10-11 11:27 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-26 12:13 - 2014-10-11 11:26 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-26 12:11 - 2014-10-22 06:31 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-07-26 12:11 - 2014-10-22 06:30 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-26 12:08 - 2014-10-30 12:50 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-26 12:08 - 2014-10-30 10:52 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-25 23:58 - 2015-07-26 11:53 - 00000673 _____ C:\Users\Anuj\Desktop\eclipse.exe.lnk
2015-07-25 13:06 - 2015-07-25 13:06 - 00000000 ____D C:\Users\Anuj\Documents\h
2015-07-25 13:04 - 2015-07-25 13:04 - 00000000 ____D C:\Users\Anuj\Documents\j
2015-07-25 13:02 - 2015-07-25 13:02 - 00000000 ____D C:\Users\Anuj\Documents\jprogram1
2015-07-25 13:02 - 2015-07-25 13:02 - 00000000 ____D C:\Users\Anuj\Documents\javaprogram1
2015-07-25 13:00 - 2015-07-25 13:00 - 00000000 ____D C:\Users\Anuj\Documents\javaprog1
2015-07-25 12:48 - 2015-07-25 13:25 - 282386003 _____ C:\Users\Anuj\Downloads\eclipse-jee-mars-R-win32.zip
2015-07-25 12:43 - 2015-08-12 10:00 - 00000000 ____D C:\Users\Anuj\.p2
2015-07-25 12:43 - 2015-07-25 14:03 - 00000000 ____D C:\Users\Anuj\.eclipse
2015-07-25 08:25 - 2015-07-25 08:25 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-25 08:25 - 2015-07-25 08:25 - 00000000 ____D C:\ProgramData\Oracle
2015-07-25 08:25 - 2015-07-25 08:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-25 08:25 - 2015-07-25 08:25 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-25 07:55 - 2015-07-25 07:55 - 00563296 _____ (Oracle Corporation) C:\Users\Anuj\Downloads\chromeinstall-8u51.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-23 11:37 - 2013-11-11 00:14 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-23 11:29 - 2013-11-11 00:50 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2392348220-2254442395-1911721444-1001
2015-08-23 11:25 - 2015-06-10 22:00 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2015-08-23 11:21 - 2014-07-29 11:16 - 00000934 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392348220-2254442395-1911721444-1001UA.job
2015-08-23 11:21 - 2014-07-29 11:16 - 00000912 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392348220-2254442395-1911721444-1001Core.job
2015-08-23 11:14 - 2013-11-11 09:36 - 00000000 ____D C:\Users\Anuj\AppData\Local\CrashDumps
2015-08-23 10:39 - 2013-04-21 07:07 - 01810898 _____ C:\Windows\WindowsUpdate.log
2015-08-23 08:11 - 2013-11-11 00:59 - 00000000 ____D C:\Users\Anuj\AppData\Roaming\vlc
2015-08-23 07:25 - 2013-11-11 00:14 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-20 19:30 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\system32\sru
2015-08-16 11:15 - 2013-04-21 07:43 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-08-16 11:13 - 2014-12-20 20:23 - 00000000 ____D C:\ProgramData\VMware
2015-08-16 11:13 - 2012-07-26 10:56 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-08-16 11:12 - 2014-07-29 12:07 - 753372854 _____ C:\Windows\MEMORY.DMP
2015-08-16 11:12 - 2014-03-22 19:48 - 00000000 ____D C:\Windows\Minidump
2015-08-16 11:12 - 2013-04-21 06:55 - 00907176 _____ C:\Windows\PFRO.log
2015-08-16 11:12 - 2012-07-26 12:52 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-12 10:00 - 2015-07-07 10:21 - 00000000 ____D C:\Users\Anuj\AppData\Local\Eclipse
2015-08-10 20:04 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\system32\NDF
2015-08-10 19:52 - 2013-11-11 00:52 - 00000000 ____D C:\Users\Anuj\AppData\Local\NPE
2015-08-08 19:07 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-08 17:46 - 2012-07-26 13:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-08 15:45 - 2013-11-10 08:09 - 00000000 ____D C:\Users\Anuj\AppData\Local\Packages
2015-08-04 20:20 - 2012-07-26 12:58 - 00854258 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-02 07:39 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\AppCompat
2015-08-01 11:24 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\rescache
2015-07-30 05:29 - 2012-07-26 13:29 - 00000000 ____D C:\Windows\CbsTemp
2015-07-29 07:38 - 2012-07-26 10:56 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-29 07:36 - 2012-07-26 11:08 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-29 07:35 - 2014-07-18 21:25 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 07:35 - 2012-07-26 13:42 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-29 07:35 - 2012-07-26 13:42 - 00000000 ____D C:\Program Files\Windows Defender
2015-07-29 07:35 - 2012-07-26 13:42 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-07-28 20:07 - 2012-07-26 13:42 - 00000000 ____D C:\Windows\WinStore
2015-07-28 19:29 - 2014-11-30 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-28 19:28 - 2014-03-03 19:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-28 19:12 - 2013-12-08 10:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-28 19:12 - 2013-12-08 10:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-28 19:10 - 2012-07-26 13:42 - 00000000 ___RD C:\Windows\ToastData
2015-07-28 19:08 - 2013-11-11 03:56 - 00000000 ____D C:\Windows\system32\MRT
2015-07-28 18:57 - 2013-12-08 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-26 13:30 - 2012-07-26 10:56 - 00000199 _____ C:\Windows\win.ini
2015-07-25 23:44 - 2014-08-13 17:14 - 00000000 ____D C:\Users\Anuj\.android
2015-07-25 13:06 - 2015-07-07 10:21 - 00000000 ____D C:\Users\Anuj\Documents\.metadata
2015-07-25 12:43 - 2013-11-10 08:09 - 00000000 ____D C:\Users\Anuj
 
==================== Files in the root of some directories =======
 
2012-07-26 07:36 - 2015-07-23 17:33 - 0000000 ___SH () C:\ProgramData\mssrdb.exe
2013-04-21 07:40 - 2013-04-21 07:41 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-04-21 07:36 - 2013-04-21 07:37 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-04-21 07:37 - 2013-04-21 07:38 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-04-21 07:35 - 2013-04-21 07:36 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-04-21 07:39 - 2013-04-21 07:40 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
 
Files to move or delete:
====================
C:\ProgramData\mssrdb.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-09 14:14
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-08-2015 03
Ran by Anuj (2015-08-23 12:03:58)
Running from C:\Users\Anuj\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2392348220-2254442395-1911721444-500 - Administrator - Disabled)
Anuj (S-1-5-21-2392348220-2254442395-1911721444-1001 - Administrator - Enabled) => C:\Users\Anuj
Guest (S-1-5-21-2392348220-2254442395-1911721444-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 Premier (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Premier (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 Premier (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AMD Catalyst Install Manager (HKLM\...\{B9C542F2-31A8-8EC1-B349-28C74D2A865C}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
BlueStacks App Player (HKLM-x32\...\{CCFDC6A9-4455-4117-BB1F-5FC580349DDB}) (Version: 1.1.8.162 - BlueStack Systems, Inc.)
Company of Heroes (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 1.0.0.78 - THQ Inc.)
CutterMaker (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{a9cff455}) (Version:  - CutterMaker) <==== ATTENTION
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.1.1 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.1.1 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.3.7.0 - Synaptics Incorporated)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.7.1 - Bloodshed Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{F13921D6-AE6D-41BF-807A-17BD99C0A4FD}) (Version: 15.5.5.0480 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Intel® WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Need For Speed The Run (HKLM-x32\...\Need For Speed The Run_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Norton 360 Premier (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Photon Plus (HKLM-x32\...\Huawei Photon Plus) (Version: 21.005.22.23.628 - Huawei Technologies Co.,Ltd)
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Prince of Persia - The Forgotten Sands (HKLM-x32\...\Prince of Persia - The Forgotten Sands_is1) (Version:  - R.G. Mechanics, pashtet)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.017 - Dell Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Reliance Netconnect+ (HKLM-x32\...\Reliance Netconnect+) (Version: 21.005.11.04.114 - Huawei Technologies Co.,Ltd)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
surf and keep (HKLM-x32\...\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}) (Version: 2.3.0.1281 - surf. and, keep) <==== ATTENTION
TurboC++ for Windows 3.7.7.7m_r (HKLM-x32\...\TurboC++ for Windows) (Version: 3.7.7.7m_r - NvSTECH)
Unity Web Player (HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VmciSockets (Version: 9.1.54.1 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 8.0.0.18997 - VMware, Inc)
VMware Workstation (x32 Version: 8.0.0.18997 - VMware, Inc.) Hidden
WasteNoTime (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - ) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Winning Eleven 8 INTERNATIONAL (HKLM-x32\...\Winning Eleven 8 INTERNATIONAL_is1) (Version:  - duskymagus)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
youtubeadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version:  - ) <==== ATTENTION
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2392348220-2254442395-1911721444-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Anuj\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 10:56 - 2012-07-26 10:56 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {13519643-68B0-4C1F-984F-E19289AE84D0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {2562B5E1-1A73-4FC8-AD98-22E161128DDE} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-20] (Symantec Corporation)
Task: {29D9B65D-1EA2-428B-B740-7C02F8AF2B4F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {4E0C5249-39C7-4368-B285-4285293100E0} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-12-21] (Synaptics Incorporated)
Task: {5E5A9236-6D79-4AB4-872F-FCF14620D670} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {695111D6-7731-4063-973D-D7EA170BD8BA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2392348220-2254442395-1911721444-1001UA => C:\Users\Anuj\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-29] (Facebook Inc.)
Task: {79FD33E8-7116-4039-8DDF-02BE94D8744A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)
Task: {7BF12819-B50A-47D5-8102-2545EF1EBA4F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {7C98B9C3-2EE6-445F-933C-A9AF47DDC33D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {7F712507-D74F-4614-8480-BE28C3B8F4DC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2392348220-2254442395-1911721444-1001Core => C:\Users\Anuj\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-29] (Facebook Inc.)
Task: {8897AD19-7643-43D6-96AF-3CC2EA1BF130} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {8FAFCD42-36F6-47A5-9D50-289756574718} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)
Task: {9A80DA7A-9C44-492C-B7EF-4808BCDD498E} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-20] (Symantec Corporation)
Task: {A071D4A6-C317-49F3-84F5-384627F0C7BC} - System32\Tasks\PCDoctorBackgroundMonitorTask-Delay => C:\Program Files\My Dell\uaclauncher.exe [2014-01-11] (PC-Doctor, Inc.)
Task: {D1C8B841-6938-4F64-9941-61C3BF28A80D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-11] (PC-Doctor, Inc.)
Task: {D367476B-C837-4615-BDE2-CAEA4BCEB708} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-11] (PC-Doctor, Inc.)
Task: {D9A48880-6DA8-4168-B699-C74548C9FA04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {ED14EE47-C3B9-41D0-B647-7CF96F63AE66} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392348220-2254442395-1911721444-1001Core.job => C:\Users\Anuj\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2392348220-2254442395-1911721444-1001UA.job => C:\Users\Anuj\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-03-14 20:57 - 2011-03-14 20:57 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-01-14 13:20 - 2014-01-14 13:19 - 00655712 _____ () C:\ProgramData\Photon Plus\Huawei\OnlineUpdate\ouc.exe
2014-07-29 10:34 - 2014-07-29 10:33 - 00218624 _____ () C:\ProgramData\Reliance Netconnect\OnlineUpdate\ouc.exe
2013-04-21 07:38 - 2012-04-25 08:13 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2011-08-22 16:34 - 2011-08-22 16:34 - 11837440 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2013-11-11 05:06 - 2013-11-11 05:07 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-04-21 07:02 - 2012-10-16 16:08 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-01-14 13:20 - 2014-01-14 13:19 - 00011362 _____ () C:\ProgramData\Photon Plus\Huawei\OnlineUpdate\mingwm10.dll
2014-01-14 13:20 - 2014-01-14 13:19 - 00043008 _____ () C:\ProgramData\Photon Plus\Huawei\OnlineUpdate\libgcc_s_dw2-1.dll
2014-01-14 13:20 - 2014-01-14 13:19 - 02415104 _____ () C:\ProgramData\Photon Plus\Huawei\OnlineUpdate\QtCore4.dll
2014-01-14 13:20 - 2014-01-14 13:19 - 01148416 _____ () C:\ProgramData\Photon Plus\Huawei\OnlineUpdate\QtNetwork4.dll
2014-01-14 13:20 - 2014-01-14 13:19 - 00835072 _____ () C:\ProgramData\Photon Plus\Huawei\OnlineUpdate\QueryStrategy.dll
2014-01-14 13:20 - 2014-01-14 13:19 - 00398336 _____ () C:\ProgramData\Photon Plus\Huawei\OnlineUpdate\QtXml4.dll
2014-07-29 10:34 - 2014-07-29 10:33 - 00011362 _____ () C:\ProgramData\Reliance Netconnect\OnlineUpdate\mingwm10.dll
2014-07-29 10:34 - 2014-07-29 10:33 - 00043008 _____ () C:\ProgramData\Reliance Netconnect\OnlineUpdate\libgcc_s_dw2-1.dll
2014-07-29 10:34 - 2014-07-29 10:33 - 02415104 _____ () C:\ProgramData\Reliance Netconnect\OnlineUpdate\QtCore4.dll
2014-07-29 10:34 - 2014-07-29 10:33 - 01148416 _____ () C:\ProgramData\Reliance Netconnect\OnlineUpdate\QtNetwork4.dll
2011-08-22 16:23 - 2011-08-22 16:23 - 01222656 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-10-30 07:22 - 2014-10-30 07:22 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\bc1268291a87d654f75339c42e9bea4b\PSIClient.ni.dll
2013-04-21 07:22 - 2012-06-26 00:11 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-12-08 18:33 - 2012-11-20 16:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll
2013-12-08 18:33 - 2013-11-12 09:57 - 00098304 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\EasyHook32.dll
2013-04-21 07:37 - 2012-06-08 09:04 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-09 00:04 - 2012-06-09 00:04 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-11 00:45 - 2014-12-06 07:20 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2015-01-11 00:45 - 2014-12-06 07:20 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2015-01-11 00:45 - 2014-12-06 07:20 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2015-01-11 00:45 - 2014-12-06 07:20 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2015-07-23 17:02 - 2015-07-13 10:14 - 16307888 _____ () C:\Users\Anuj\AppData\Local\Google\Chrome\User Data\PepperFlash\18.0.0.209\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anuj\Downloads\jason_todd_red_hood_batman_arkham_knight-1920x1080.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\...\StartupApproved\StartupFolder: => "interstellar-ell-6053401.lnk"
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\...\StartupApproved\Run: => ""
HKU\S-1-5-21-2392348220-2254442395-1911721444-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D299BCD2323217174AE7F491AA1430EB"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{482E3236-AD21-4CC6-9D88-04DE385724D6}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{01B9F863-2185-40AD-9030-1467C0C7A699}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{B48F9D22-33E8-4EA7-868D-BF89F3E58AB4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{C12CF164-1398-4B63-ABF0-1FFFA029BB47}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{06B98F62-B3B9-4D42-BEA8-011585FD7B7D}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{099987E9-6C01-4271-8F57-A2DEDFD92E0F}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{525E9547-6503-4CFF-A726-0E5890B8137B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AB6FDCDB-5305-49BA-A9E9-3939928F2915}] => (Allow) LPort=2869
FirewallRules: [{EEF71133-0C55-4144-940A-D4C9FFECB7D4}] => (Allow) LPort=1900
FirewallRules: [{7AA6D028-EEE9-4E0E-A99D-98CE0DA2725E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4DE0A129-2B05-4FD4-B5D5-32D97A308627}] => (Allow) C:\Users\Anuj\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{F5568610-24FB-403E-8B6E-F7E0EC2C0A06}] => (Allow) C:\Users\Anuj\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{EF973043-0E70-4E6E-A418-502F834194C2}] => (Allow) C:\Program Files (x86)\WandouLabs\Wandoujia2.exe
FirewallRules: [{4C96FD42-C045-48CE-AB71-67491345243E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C9DD2961-2E15-47E2-A213-D389B98B9466}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EA87E743-07BC-4FEC-92D0-789B52DE4EF7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8AB3C025-DC16-406F-AFE8-276692B8BF51}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{827AD1E4-11FF-4507-BF6D-86653B530F19}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{9564B206-F376-4D92-9E96-F752581764AE}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{ECD73A57-CB88-4A28-B932-85FC19D21D4B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{BCCE3518-7D0B-4B0D-AAD0-61AE7C849416}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{A6446F0D-D66F-4ED2-8BA2-D6382276977B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/23/2015 11:21:06 AM) (Source: Google Update) (EventID: 20) (User: DELL)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (08/23/2015 11:14:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program BugReport.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: e04
 
Start Time: 01d0dd667acf5044
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\THQ\Company of Heroes\BugReport\BugReport.exe
 
Report Id: 0f1c6e94-495a-11e5-bf00-606c662726d9
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/23/2015 11:14:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BugReport.exe, version: 0.0.0.0, time stamp: 0x44dcf386
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16864, time stamp: 0x531d2be6
Exception code: 0x406d1388
Fault offset: 0x00010f22
Faulting process id: 0xe04
Faulting application start time: 0xBugReport.exe0
Faulting application path: BugReport.exe1
Faulting module path: BugReport.exe2
Report Id: BugReport.exe3
Faulting package full name: BugReport.exe4
Faulting package-relative application ID: BugReport.exe5
 
Error: (08/23/2015 11:12:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RelicCOH.exe, version: 1.0.0.10332, time stamp: 0x44e015ed
Faulting module name: EasyHook32.dll, version: 0.0.0.0, time stamp: 0x49b2707b
Exception code: 0xc0000005
Fault offset: 0x0000cc2f
Faulting process id: 0x1140
Faulting application start time: 0xRelicCOH.exe0
Faulting application path: RelicCOH.exe1
Faulting module path: RelicCOH.exe2
Report Id: RelicCOH.exe3
Faulting package full name: RelicCOH.exe4
Faulting package-relative application ID: RelicCOH.exe5
 
Error: (08/23/2015 10:25:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: main.exe, version: 4.1.59.0, time stamp: 0x52948372
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16864, time stamp: 0x531d2be6
Exception code: 0xe0434352
Fault offset: 0x00010f22
Faulting process id: 0x18ec
Faulting application start time: 0xmain.exe0
Faulting application path: main.exe1
Faulting module path: main.exe2
Report Id: main.exe3
Faulting package full name: main.exe4
Faulting package-relative application ID: main.exe5
 
Error: (08/23/2015 10:25:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: main.exe, version: 4.1.59.0, time stamp: 0x52948372
Faulting module name: KERNELBASE.dll, version: 6.2.9200.16864, time stamp: 0x531d2be6
Exception code: 0xe0434352
Fault offset: 0x00010f22
Faulting process id: 0x1f00
Faulting application start time: 0xmain.exe0
Faulting application path: main.exe1
Faulting module path: main.exe2
Report Id: main.exe3
Faulting package full name: main.exe4
Faulting package-relative application ID: main.exe5
 
Error: (08/23/2015 10:25:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: main.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Microsoft.VisualBasic.ApplicationServices.CantStartSingleInstanceException
Stack:
   at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[])
   at Razer.Kel.GUI.Startup.Main(System.String[])
 
Error: (08/23/2015 10:25:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: main.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Microsoft.VisualBasic.ApplicationServices.CantStartSingleInstanceException
Stack:
   at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[])
   at Razer.Kel.GUI.Startup.Main(System.String[])
 
Error: (08/23/2015 10:22:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.2.9200.16628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1b10
 
Start Time: 01d0dd46ce33cc1d
 
Termination Time: 3422
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 9148002d-4952-11e5-bf00-606c662726d9
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/23/2015 08:21:11 AM) (Source: Google Update) (EventID: 20) (User: DELL)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
 
System errors:
=============
Error: (08/23/2015 11:56:24 AM) (Source: DCOM) (EventID: 10016) (User: DELL)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DELLAnujS-1-5-21-2392348220-2254442395-1911721444-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/23/2015 11:56:18 AM) (Source: DCOM) (EventID: 10016) (User: DELL)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DELLAnujS-1-5-21-2392348220-2254442395-1911721444-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/23/2015 11:40:37 AM) (Source: DCOM) (EventID: 10016) (User: DELL)
Description: application-specificLocalLaunch{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}DELLAnujS-1-5-21-2392348220-2254442395-1911721444-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/23/2015 11:40:37 AM) (Source: DCOM) (EventID: 10016) (User: DELL)
Description: application-specificLocalLaunch{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}DELLAnujS-1-5-21-2392348220-2254442395-1911721444-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/21/2015 08:41:21 PM) (Source: DCOM) (EventID: 10016) (User: DELL)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DELLAnujS-1-5-21-2392348220-2254442395-1911721444-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/21/2015 08:40:54 PM) (Source: DCOM) (EventID: 10016) (User: DELL)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DELLAnujS-1-5-21-2392348220-2254442395-1911721444-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/21/2015 08:40:47 PM) (Source: DCOM) (EventID: 10016) (User: DELL)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}DELLAnujS-1-5-21-2392348220-2254442395-1911721444-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/21/2015 08:40:39 PM) (Source: DCOM) (EventID: 10016) (User: DELL)
Description: application-specificLocalLaunch{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}DELLAnujS-1-5-21-2392348220-2254442395-1911721444-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/21/2015 08:40:39 PM) (Source: DCOM) (EventID: 10016) (User: DELL)
Description: application-specificLocalLaunch{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}DELLAnujS-1-5-21-2392348220-2254442395-1911721444-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/17/2015 11:14:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
 
 
Microsoft Office:
=========================
Error: (08/23/2015 11:21:06 AM) (Source: Google Update) (EventID: 20) (User: DELL)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (08/23/2015 11:14:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: BugReport.exe0.0.0.0e0401d0dd667acf50440C:\Program Files (x86)\THQ\Company of Heroes\BugReport\BugReport.exe0f1c6e94-495a-11e5-bf00-606c662726d9
 
Error: (08/23/2015 11:14:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: BugReport.exe0.0.0.044dcf386KERNELBASE.dll6.2.9200.16864531d2be6406d138800010f22e0401d0dd667acf5044C:\Program Files (x86)\THQ\Company of Heroes\BugReport\BugReport.exeC:\Windows\SYSTEM32\KERNELBASE.dll1451417e-495a-11e5-bf00-606c662726d9
 
Error: (08/23/2015 11:12:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: RelicCOH.exe1.0.0.1033244e015edEasyHook32.dll0.0.0.049b2707bc00000050000cc2f114001d0dd5ff69b9a4dC:\Program Files (x86)\THQ\Company of Heroes\RelicCOH.exeC:\Program Files (x86)\Razer\Razer Game Booster\EasyHook32.dllb9573766-4959-11e5-bf00-606c662726d9
 
Error: (08/23/2015 10:25:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: main.exe4.1.59.052948372KERNELBASE.dll6.2.9200.16864531d2be6e043435200010f2218ec01d0dd5fd5bb4397C:\Program Files (x86)\Razer\Razer Game Booster\main.exeC:\Windows\SYSTEM32\KERNELBASE.dll25b2ba34-4953-11e5-bf00-606c662726d9
 
Error: (08/23/2015 10:25:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: main.exe4.1.59.052948372KERNELBASE.dll6.2.9200.16864531d2be6e043435200010f221f0001d0dd5fd0971f70C:\Program Files (x86)\Razer\Razer Game Booster\main.exeC:\Windows\SYSTEM32\KERNELBASE.dll2494c303-4953-11e5-bf00-606c662726d9
 
Error: (08/23/2015 10:25:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: main.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Microsoft.VisualBasic.ApplicationServices.CantStartSingleInstanceException
Stack:
   at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[])
   at Razer.Kel.GUI.Startup.Main(System.String[])
 
Error: (08/23/2015 10:25:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: main.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Microsoft.VisualBasic.ApplicationServices.CantStartSingleInstanceException
Stack:
   at Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[])
   at Razer.Kel.GUI.Startup.Main(System.String[])
 
Error: (08/23/2015 10:22:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.2.9200.166281b1001d0dd46ce33cc1d3422C:\Windows\Explorer.EXE9148002d-4952-11e5-bf00-606c662726d9
 
Error: (08/23/2015 08:21:11 AM) (Source: Google Update) (EventID: 20) (User: DELL)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 53%
Total physical RAM: 3969.27 MB
Available physical RAM: 1831 MB
Total Virtual: 8065.27 MB
Available Virtual: 5224.69 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:519.41 GB) (Free:339.73 GB) NTFS
Drive e: (ND1) (Fixed) (Total:100.19 GB) (Free:60.87 GB) NTFS
Drive f: (ND2) (Fixed) (Total:201 GB) (Free:78.37 GB) NTFS
Drive g: (ND3) (Fixed) (Total:100.19 GB) (Free:56.66 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1244B0FB)
 
Partition: GPT.
 
==================== End of log ============================
 



#2
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, Anuj007. Welcome to Geeks to Go! My nickname is Nevan and I will be helping you get your system back on its electronic feet.

Before we get started, please keep these things in mind:
  • Always read every part of my post carefully. If you don't, you may do something wrong and there could be more problems to solve.
  • If your security programs give you any warnings when using tools I asked you to, don't be afraid. Every tool I provide to you is 100% safe.
  • Only run tools that I ask you to. Some of them can be dangerous to your system as they have much power.
  • You should save or print my instructions. It is possible that we will be using Safe mode, which will cut you off from your internet connection and without access to them, you might be stuck.
  • Malware removal is a complicated process that takes multiple steps to be completed. Don't give up, be patient.
  • The tools we are going to use and your software may cause unwanted interactions. Because of that, I recommend that you make backups of any important files from your machine before proceeding, as they might be lost.
  • I recommend that you stay with me until I tell you that we are done. It is important because when your system does not show any bad symptoms anymore, it does not mean that it is 100% clean.
  • Your time to reply is limited. If you don't reply within 3 days, your topic will be closed and you will have to request it to be reopened by contacting one of the Moderator group members with the link to this topic.
  • Every program I ask you to download should be saved to and run from desktop. If you don't know how to choose the direction of where a download is saved, check this site. You can also just copy these programs to your desktop manually and then run them from there.
  • Remember that the fixes I give you are only for your machine. Using it on other systems may (and probably will) cause problems.
  • Finally, if you have any questions or are unsure about something, just ask. I will not blame you for it. It is better to ask rather than regret it later.
Also, please note that I'm currently in training, so my answers to you will have to be checked first by an experienced helper before I can post them. This can lengthen the time between my answers to you, but in return you will have an extra person reviewing your log.

 
I'll check the log provided and be back with appropriate instructions once they are approved by my teacher.

Stay calm :)

#3
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, Anuj007.

Let's remove all visible tracks of infections :)

Step #1
Reinstalling Google Chrome

As your Google Chrome is now on a development build, which leaves you vulnerable to further infections, we have to reinstall it. To do that:
  • Make sure that you save your bookmarks by exporting them. Here's how to do it.
  • Sign into your account at Google Sync, then scroll down until you see the "Stop and Clear" button, then click it. Click "OK" when the prompt appears.
  • Now uninstall Google Chrome. Make sure that you delete all data and settings when asked about it.
  • Restart the computer and download the latest version of Google Chrome from here.
  • Import your bookmarks into Google Chrome and sign back in to the browser so that your bookmarks sync with your account.
 
Step #2
Uninstalling programs

Go to Start Menu>Control Panel>Programs>Uninstall a program (or Control Panel>Programs and Features if using icon view) and remove the following programs:
  • CutterMaker
  • RegClean-Pro
  • surf and keep
  • WasteNoTime
  • youtubeadblocker
 
Step #3
FRST Fix

I've noticed that you ran FRST64.exe from the Downloads folder. Please move it to your Desktop. You can do it by right-clicking FRST64.exe, click Cut, then move to Desktop, right-click any free space and click Paste.
  • Download attached fixlist.txt file to your desktop.
    Attached File  fixlist.txt   2.42KB   83 downloads
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Right click FRST64.exe on your desktop and click Run as administrator.
  • Press the Fix button just once and wait.
    NOTE: It's important that both FRST64.exe and fixlist.txt are in the same location or the fix will not work.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished, FRST will generate a log on the desktop (Fixlog.txt). Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
 
Things that should appear in your next post:
  • Please tell me if you have successfully reinstalled Google Chrome
  • Please tell me if you have successfully uninstalled all the programs I've asked you to remove
  • Fixlog.txt log content


#4
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

