Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

no recent startup programs + high cpu usage


  • Please log in to reply

#1
sayan.dg

sayan.dg

    Member

  • Member
  • PipPip
  • 73 posts

the list of most used programmes in startups is missing in start menu options and computer is running slow.

There was a free vpn software which i uninstalled

 

the logs

 

FRST.txt

**************************

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-10-2015
Ran by User (administrator) on SAYANLAPTOP-PC (31-10-2015 02:20:00)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & Guest)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Hewlett-Packard Company) C:\WINDOWS\System32\hpservice.exe
(Validity Sensors, Inc.) C:\WINDOWS\System32\vfsFPService.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(WebEx Communications, Inc.) C:\WINDOWS\System32\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.5.4.24\nis.exe
(PC Tools) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.5.4.24\nis.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\WINDOWS\SMINST\BLService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Symantec Corporation) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(WordWeb Software) C:\Program Files\WordWeb\wweb32.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
() C:\Program Files\Jagannatha Hora\bin\jhora.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-16] (Intel Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-03-14] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554288 2007-11-02] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [DpAgent] => C:\Program Files\DigitalPersona\Bin\dpagent.exe [842816 2009-09-29] (DigitalPersona, Inc.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2009-03-10] (CyberLink Corp.)
HKLM\...\Run: [nmctxth] => C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-07-21] (IDT, Inc.)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [SSDMonitor] => C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106112 2014-01-17] (Symantec Corporation)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\realplayer\update\realsched.exe [295512 2013-11-16] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-13] (Macrovision Corporation)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [WordWeb] => C:\Program Files\WordWeb\wweb32.exe [80000 2014-07-05] (WordWeb Software)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [] => [X]
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Policies\Explorer: [NoInstrumentation] 1
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 121.242.190.180 192.168.12.25 192.168.12.112 8.8.8.8
Tcpip\..\Interfaces\{57A952AE-881C-4F89-9627-1D4EA5C788B9}: [DhcpNameServer] 121.242.190.180 8.8.8.8
Tcpip\..\Interfaces\{BDFC752B-05BB-48CC-966A-EE8C9707297C}: [DhcpNameServer] 121.242.190.180 192.168.12.25 192.168.12.112 8.8.8.8
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003 -> DefaultScope {40E0921F-0FE4-4836-B12F-0565D580B1FD} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003 -> {2BA04D11-8564-403A-B344-68B2683997B9} URL = hxxp://in.search.yahoo.com/search?ei=UTF-8&fr=cb-chennaionline&p={searchTerms}&Submit1=Search
SearchScopes: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003 -> {40E0921F-0FE4-4836-B12F-0565D580B1FD} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-09-29] (DigitalPersona, Inc.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll [2009-07-14] (Cisco Systems, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-26] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-11-16] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-11-16] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-01-22] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2014-02-06] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3273286156-3480778537-3055062599-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3273286156-3480778537-3055062599-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-3273286156-3480778537-3055062599-1003: @talk.google.com/O1DPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt [2009-10-22] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn [2015-10-30]
FF HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DigitalPersona\Bin\firefoxext
FF HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Firefox\Extensions: [[email protected]] - C:\Program Files\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files\WordWeb\WCaptureMoz [2014-10-09] [not signed]
 
Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-04-29] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (TV) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2015-03-26] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (The Economist) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebjgjhbjedcomcajgpodjgfjgkepgpl [2015-03-26] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (RealDownloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-07-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (My Chrome Theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-27]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-24]
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-24]
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-11-22]
CHR Extension: (TubeStop) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kckaiklmbnheffnnfoneanfbjjjodecj [2015-05-03] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk [2012-08-24] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT2504091&extensionData=\u003Cextension_data\u003E] <==== ATTENTION
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-24]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-23]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR StartupUrls: "hxxp://www.mystartsearch.com/?type=hp&ts=1430640960&from=wpc&uid=TOSHIBAXMK2552GSX_X8ENT434TXXX8ENT434T"
OPR Extension: (My IP Address) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\abehbenniobcbnjalhggdpkepkdeefao [2015-08-31]
OPR Extension: (Gismeteo weather forecast in speed-dial) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\kibhjejfdbbjhlhmhdcjcnjpiobjgkak [2015-08-31]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 DiskDoctorService; C:\Program Files\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150592 2014-01-17] (Symantec Corporation)
R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2009-09-29] (DigitalPersona, Inc.) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-01-27] (Hewlett-Packard Company) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\22.5.4.24\NIS.exe [282016 2015-09-24] (Symantec Corporation)
R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [647216 2009-07-07] (Cisco Systems, Inc.)
R2 NU16StartManagerSvc; C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [795776 2014-01-17] (PC Tools)
S4 OracleJobSchedulerDATABASE1; c:\app\user\product\11.2.0\dbhome_1\Bin\extjob.exe [49152 2010-04-02] () [File not signed]
S3 OracleMTSRecoveryService; C:\app\User\product\11.2.0\dbhome_1\bin\omtsreco.exe [69632 2010-04-01] (Oracle Corporation) [File not signed]
S3 OracleOraDb11g_home1ClrAgent; C:\app\User\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe [38400 2010-02-28] (Oracle Corporation) [File not signed]
S3 OracleServiceDATABASE1; c:\app\user\product\11.2.0\dbhome_1\bin\ORACLE.EXE [106487808 2010-04-02] (Oracle Corporation) [File not signed]
S3 OracleVssWriterDATABASE1; c:\app\user\product\11.2.0\dbhome_1\bin\OraVSSW.exe [159744 2010-04-02] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292216 2009-01-12] ()
S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [116080 2009-01-12] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [341328 2008-03-27] ()
R2 ScrybeUpdater; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.)
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [189536 2004-09-10] (SafeNet, Inc)
S3 SpeedDiskService; C:\Program Files\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163904 2014-01-17] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe [221266 2009-07-21] (IDT, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 OracleOraDb11g_home1TNSListener; C:\app\User\product\11.2.0\dbhome_1\BIN\TNSLSNR  [X]
S2 RichVideo; "C:\Program Files\CyberLink\Shared Files\RichVideo.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20151022.001\BHDrvx86.sys [1193032 2015-10-09] (Symantec Corporation)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [50688 2009-10-01] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1605040.018\ccSetx86.sys [137456 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [122192 2015-08-27] (Symantec Corporation)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20151029.001\IDSvix86.sys [580344 2015-10-20] (Symantec Corporation)
S3 iscFlash; C:\SwSetup\sp42557\iscflash.sys [11520 2008-08-05] (Insyde Software) [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-10-24] (Malwarebytes)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151030.006\NAVENG.SYS [104440 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151030.006\NAVEX15.SYS [1647216 2015-10-27] (Symantec Corporation)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [26672 2009-07-07] (Cisco Systems, Inc.)
R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [27696 2009-07-07] (Cisco Systems, Inc.)
R2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [84064 2004-09-10] (Rainbow Technologies, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-01-10] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1605040.018\SRTSP.SYS [713960 2015-09-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1605040.018\SRTSPX.SYS [44792 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NIS\1605040.018\SYMEFASI.SYS [1286896 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [103152 2015-08-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1605040.018\Ironx86.SYS [234744 2015-07-11] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1605040.018\SYMTDIV.SYS [358104 2015-09-24] (Symantec Corporation)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 u302bus; C:\Windows\System32\DRIVERS\u302bus.sys [119112 2010-07-30] (MCCI Corporation)
S3 u302mdfl; C:\Windows\System32\DRIVERS\u302mdfl.sys [14920 2010-07-30] (MCCI Corporation)
S3 u302mdm; C:\Windows\System32\DRIVERS\u302mdm.sys [135880 2010-07-30] (MCCI Corporation)
S3 u302mgmt; C:\Windows\System32\DRIVERS\u302mgmt.sys [129992 2010-07-30] (MCCI Corporation)
R3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV.sys [X]
U1 eabfiltr; no ImagePath
S3 eapihdrv; \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys [X]
S3 EraserUtilDrv11411; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11411.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-19] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-31 02:20 - 2015-10-31 02:21 - 00033385 _____ C:\Users\User\Desktop\FRST.txt
2015-10-31 02:18 - 2015-10-31 02:20 - 00000000 ____D C:\FRST
2015-10-31 02:18 - 2015-10-31 02:17 - 01701888 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2015-10-31 02:16 - 2015-10-31 02:17 - 01701888 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2015-10-30 23:27 - 2015-10-30 23:37 - 00000037 _____ C:\Users\User\Desktop\New Text Document.txt
2015-10-30 22:46 - 2015-10-30 22:46 - 00142968 _____ C:\Windows\Minidump\Mini103015-01.dmp
2015-10-30 22:03 - 2015-10-30 22:06 - 00000000 ____D C:\Users\User\Desktop\New Folder (2)
2015-10-30 01:32 - 2015-10-30 01:32 - 00000000 ____D C:\ProgramData\Hotspot Shield
2015-10-29 22:16 - 2015-10-30 08:46 - 00000000 ____D C:\Users\User\Desktop\New Folder
2015-10-26 02:01 - 2015-10-26 02:02 - 05134526 _____ C:\Users\User\Desktop\68666.mp4
2015-10-21 01:04 - 2015-10-21 01:04 - 00000000 ____D C:\Windows\system32\Hotspot Shield
2015-10-20 20:31 - 2015-10-20 20:31 - 00000000 ____D C:\Users\User\Downloads\Z for Zachariah (2015)
2015-10-20 20:30 - 2015-10-20 20:41 - 00000000 ____D C:\Users\User\Downloads\The Stereo Love Show
2015-10-20 11:11 - 2015-10-20 11:11 - 00000000 ____H C:\Users\User\AppData\Local\BIT1.tmp
2015-10-20 11:10 - 2015-10-20 11:10 - 00000000 _____ C:\Users\User\AppData\Local\{0A4A5BE8-FB61-4B68-9E43-DA3F49F2F3C2}
2015-10-20 01:14 - 2015-10-20 01:14 - 00008354 _____ C:\Users\User\Downloads\Z For Zachariah (2015) [720p] YIFY - YTS.torrent
2015-10-19 22:37 - 2015-10-20 00:47 - 00000000 ____D C:\Users\User\Downloads\Demi Lovato - Confident [Deluxe Edition] [2015] [MP3-320KBPS] [H4CKUS] [GloDLS]
2015-10-19 02:48 - 2015-10-19 02:48 - 00000000 ____D C:\Users\User\AppData\Local\CrashRpt
2015-10-19 02:39 - 2015-10-19 02:39 - 00000455 _____ C:\Windows\certutil.log
2015-10-19 02:31 - 2015-10-19 02:36 - 13697176 _____ C:\Users\User\Downloads\HSS-5.0.2-install-plain-773-plain.exe
2015-10-19 01:30 - 2015-10-19 01:30 - 00011838 _____ C:\Users\User\Downloads\[kat.cr]demi.lovato.confident.deluxe.edition.2015.mp3.320kbps.h4ckus.glodls.torrent
2015-10-16 12:34 - 2015-10-16 12:34 - 00000260 _____ C:\Users\User\Downloads\debug.log
2015-10-16 09:53 - 2015-09-11 12:51 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-16 09:53 - 2015-09-11 12:49 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-16 09:53 - 2015-09-11 12:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-16 09:53 - 2015-09-11 12:45 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-16 09:52 - 2015-09-11 12:52 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-16 09:52 - 2015-09-11 12:47 - 09751552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-16 09:52 - 2015-09-11 12:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-16 09:52 - 2015-09-11 12:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-16 09:52 - 2015-09-11 12:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-16 09:52 - 2015-09-11 12:44 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-16 09:52 - 2015-09-11 12:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-16 09:52 - 2015-09-11 12:44 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-15 11:57 - 2015-10-15 11:57 - 00000000 ____D C:\9852493a8095665029
2015-10-15 11:46 - 2015-07-18 18:44 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 11:43 - 2015-09-28 22:47 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-15 11:43 - 2015-09-26 21:39 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-15 11:43 - 2015-09-26 21:39 - 03554240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-15 11:41 - 2015-07-29 06:16 - 11588096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-12 19:14 - 2015-10-12 19:15 - 00142968 _____ C:\Windows\Minidump\Mini101215-01.dmp
2015-10-12 05:49 - 2015-10-12 05:49 - 00012261 _____ C:\Users\User\Downloads\[kat.cr]edward.maya.the.stereo.love.show.2013.album.torrent
2015-10-10 20:25 - 2015-10-10 20:25 - 00008778 _____ C:\Users\User\Downloads\[kat.cr]z.for.zachariah.2015.720p.brrip.x264.yify.torrent
2015-10-02 23:29 - 2015-10-02 23:29 - 00075770 _____ C:\Users\User\Downloads\D120.tmp
2015-10-02 19:52 - 2015-10-02 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-02 19:49 - 2015-10-02 19:52 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-10-02 19:49 - 2015-10-02 19:52 - 00000000 ____D C:\Program Files\iTunes
2015-10-02 19:49 - 2015-10-02 19:49 - 00000000 ____D C:\Program Files\iPod
2015-10-02 19:35 - 2015-10-02 19:35 - 00000000 ____D C:\Program Files\Apple Software Update
2015-10-02 19:24 - 2015-10-02 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-10-02 19:23 - 2015-10-02 19:24 - 00000000 ____D C:\Program Files\QuickTime
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-31 01:56 - 2013-05-27 14:23 - 00000336 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-10-31 01:43 - 2011-10-02 11:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-10-31 01:39 - 2012-05-03 09:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-31 01:39 - 2009-06-30 10:53 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job
2015-10-31 01:31 - 2009-01-08 00:34 - 01300346 _____ C:\Windows\WindowsUpdate.log
2015-10-31 01:25 - 2012-05-18 23:30 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-31 00:46 - 2009-07-03 00:27 - 00000000 ____D C:\ProgramData\Skype
2015-10-31 00:46 - 2006-11-02 18:15 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-31 00:46 - 2006-11-02 18:15 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-31 00:25 - 2012-05-18 23:30 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-30 23:48 - 2012-12-27 14:43 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job
2015-10-30 23:00 - 2009-02-27 22:38 - 00000000 ____D C:\Program Files\Opera
2015-10-30 22:50 - 2009-12-20 02:54 - 00000286 _____ C:\ProgramData\hpqp.ini
2015-10-30 22:48 - 2014-02-25 12:39 - 00000274 _____ C:\Windows\Tasks\NUAutoUpdate.job
2015-10-30 22:48 - 2009-01-07 06:20 - 00000000 ____D C:\ProgramData\TEMP
2015-10-30 22:47 - 2006-11-02 18:28 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-30 22:46 - 2015-08-15 04:16 - 279702263 _____ C:\Windows\MEMORY.DMP
2015-10-30 22:46 - 2010-12-01 12:30 - 00000000 ____D C:\Windows\Minidump
2015-10-30 18:39 - 2009-06-30 10:53 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job
2015-10-30 08:42 - 2012-07-04 11:39 - 01210124 _____ C:\Windows\PFRO.log
2015-10-30 03:18 - 2009-01-08 00:36 - 00003204 _____ C:\Windows\bthservsdp.dat
2015-10-30 03:18 - 2006-11-02 18:28 - 00032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-30 03:16 - 2013-08-25 21:15 - 00000000 ____D C:\Users\User\AppData\Local\NPE
2015-10-29 18:09 - 2012-12-27 14:43 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job
2015-10-26 22:26 - 2015-04-17 14:04 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2015-10-26 19:35 - 2014-02-25 12:39 - 00000266 _____ C:\Windows\Tasks\NUSchedule.job
2015-10-26 19:06 - 2012-10-21 19:00 - 00000394 _____ C:\Windows\system32\AppLog.log
2015-10-26 19:00 - 2014-02-25 19:11 - 00000000 ____D C:\Users\User\AppData\Roaming\Norton Utilities 16
2015-10-26 10:04 - 2012-05-03 09:57 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-26 10:04 - 2011-05-14 01:02 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-25 05:38 - 2015-03-26 13:26 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-10-24 22:25 - 2015-05-03 17:23 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-24 22:17 - 2015-05-03 17:22 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-24 09:55 - 2009-01-17 19:46 - 00006756 _____ C:\Users\User\AppData\Local\d3d9caps.dat
2015-10-24 07:30 - 2009-12-20 02:58 - 00000021 _____ C:\ProgramData\hpqp.txt
2015-10-22 16:43 - 2013-05-04 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-20 22:44 - 2015-02-06 22:00 - 00000000 ____D C:\Users\User\AppData\Roaming\BitTorrent
2015-10-18 17:58 - 2014-07-16 14:06 - 00000000 ____D C:\Users\User\Desktop\MTNL
2015-10-17 21:41 - 2009-01-07 06:21 - 00133120 _____ C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-17 11:16 - 2006-11-02 16:03 - 00830468 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-17 11:08 - 2006-11-02 16:48 - 00000000 ____D C:\Windows\rescache
2015-10-17 09:38 - 2014-11-27 19:02 - 00016985 _____ C:\Windows\setupact.log
2015-10-17 06:34 - 2008-07-03 11:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-16 09:23 - 2009-02-28 02:40 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-10-15 11:57 - 2013-08-07 20:56 - 00000000 ____D C:\Windows\system32\MRT
2015-10-15 11:57 - 2006-11-02 15:54 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-10-13 07:35 - 2015-08-02 14:18 - 00000000 ____D C:\Users\User\Desktop\MDI
2015-10-11 23:03 - 2011-10-11 23:41 - 00000000 ____D C:\Users\User\AppData\Roaming\Nokia
2015-10-05 09:50 - 2015-05-03 17:22 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-05 09:50 - 2015-05-03 17:22 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2015-05-03 17:22 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-05 00:02 - 2015-08-02 17:38 - 00000000 ____D C:\Windows\system32\Drivers\NIS
2015-10-05 00:01 - 2015-08-07 13:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-10-05 00:01 - 2015-08-02 17:39 - 00002107 _____ C:\Users\Public\Desktop\Norton Internet Security.LNK
2015-10-03 17:58 - 2015-08-22 15:48 - 00000000 ____D C:\Users\User\Desktop\15PGHR56
2015-10-02 19:49 - 2011-08-06 00:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-02 19:35 - 2011-08-06 00:43 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
 
==================== Files in the root of some directories =======
 
2014-06-09 11:34 - 2014-06-09 11:34 - 0000052 _____ () C:\Users\User\AppData\Roaming\Camdata.ini
2014-06-09 11:34 - 2014-06-09 11:34 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini
2014-06-09 11:34 - 2014-06-09 11:34 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini
2014-06-09 11:18 - 2014-06-09 11:34 - 0004535 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg
2009-05-27 20:02 - 2009-05-27 20:02 - 0000268 ____R () C:\Users\User\AppData\Roaming\Comedy Noises
2011-03-10 14:23 - 2011-03-10 14:23 - 0000019 _____ () C:\Users\User\AppData\Roaming\graaruh
2011-02-28 17:59 - 2011-02-28 23:10 - 0000008 ____H () C:\Users\User\AppData\Roaming\mb_list.db
2010-10-31 23:12 - 2010-10-31 23:12 - 0006710 _____ () C:\Users\User\AppData\Roaming\MhoraOptions.xml
2009-07-21 02:40 - 2012-10-22 23:41 - 0027043 _____ () C:\Users\User\AppData\Roaming\UserTile.png
2014-06-09 11:15 - 2014-06-09 11:15 - 0000096 _____ () C:\Users\User\AppData\Roaming\version2.xml
2009-01-07 06:10 - 2009-01-07 06:10 - 0000000 _____ () C:\Users\User\AppData\Local\AtStart.txt
2015-10-20 11:11 - 2015-10-20 11:11 - 0000000 ____H () C:\Users\User\AppData\Local\BIT1.tmp
2015-09-26 21:28 - 2015-09-26 21:28 - 0000000 ____H () C:\Users\User\AppData\Local\BITE688.tmp
2009-01-17 19:46 - 2015-10-24 09:55 - 0006756 _____ () C:\Users\User\AppData\Local\d3d9caps.dat
2009-01-07 06:21 - 2015-10-17 21:41 - 0133120 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-01-07 06:10 - 2009-01-07 06:10 - 0000000 _____ () C:\Users\User\AppData\Local\DSwitch.txt
2009-07-30 02:41 - 2012-09-13 18:49 - 0000000 _____ () C:\Users\User\AppData\Local\FnF4.txt
2009-01-07 06:10 - 2009-01-07 06:10 - 0000000 _____ () C:\Users\User\AppData\Local\QSwitch.txt
2015-10-20 11:10 - 2015-10-20 11:10 - 0000000 _____ () C:\Users\User\AppData\Local\{0A4A5BE8-FB61-4B68-9E43-DA3F49F2F3C2}
2015-09-26 21:26 - 2015-09-26 21:26 - 0000000 _____ () C:\Users\User\AppData\Local\{DAED93CB-7D9C-456D-880C-BC896067688A}
2009-05-27 20:02 - 2009-05-27 20:02 - 0000268 ____R () C:\ProgramData\Components
2014-10-03 14:02 - 2014-10-03 14:02 - 2989660 _____ (Macromedia, Inc.) C:\ProgramData\DVD.exe
2014-10-03 14:02 - 2014-10-03 14:02 - 2231606 _____ (Macromedia, Inc.) C:\ProgramData\Games.exe
2009-12-20 02:54 - 2015-10-30 22:50 - 0000286 _____ () C:\ProgramData\hpqp.ini
2009-12-20 02:58 - 2015-10-24 07:30 - 0000021 _____ () C:\ProgramData\hpqp.txt
2008-07-03 11:34 - 2011-03-07 12:38 - 0013441 _____ () C:\ProgramData\hpzinstall.log
2014-10-03 14:02 - 2014-10-03 14:02 - 2331174 _____ (Macromedia, Inc.) C:\ProgramData\Karaoke.exe
2011-01-03 19:47 - 2011-01-03 20:10 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-10-03 14:02 - 2014-10-03 14:02 - 3063561 _____ (Macromedia, Inc.) C:\ProgramData\MobileTV.exe
2014-10-03 14:02 - 2014-10-03 14:02 - 2864396 _____ (Macromedia, Inc.) C:\ProgramData\MPV.exe
2009-05-27 20:02 - 2011-12-08 15:39 - 0000020 ____N () C:\ProgramData\PKP_DLdu.DAT
 
Files to move or delete:
====================
C:\ProgramData\DVD.exe
C:\ProgramData\Games.exe
C:\ProgramData\Karaoke.exe
C:\ProgramData\MobileTV.exe
C:\ProgramData\MPV.exe
 
 
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\HssInstaller.exe
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-30 22:55
 
==================== End of FRST.txt ============================
 
 
ADDItion.txt
 
******************************************************************
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-10-2015
Ran by User (2015-10-31 02:25:14)
Running from C:\Users\User\Desktop
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) (2009-01-07 19:07:14)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3273286156-3480778537-3055062599-500 - Administrator - Disabled)
Guest (S-1-5-21-3273286156-3480778537-3055062599-501 - Limited - Enabled) => C:\Users\Guest
User (S-1-5-21-3273286156-3480778537-3055062599-1003 - Administrator - Enabled) => C:\Users\User
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
5600 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600_Help (Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS5 (HKLM\...\{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AIO_CDB_ProductContext (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A75CA58D-DB9C-4D14-9428-E0C7B0F623DC}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Panorama Maker 4 (HKLM\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
Avro Keyboard 5.5.0 (HKLM\...\Avro Keyboard_is1) (Version: 5.5.0 - OmicronLab)
bestadblocker (HKLM\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version:  - ) <==== ATTENTION
BitTorrent (HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.26 - Broadcom Corporation)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
calibre (HKLM\...\{0305E6D9-E11E-445C-B468-CAA3996641BA}) (Version: 1.18.0 - Kovid Goyal)
Camersoft Fake Webcam 3.1.08 (HKLM\...\Camersoft Fake Webcam_is1) (Version:  - Camersoft Studio)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
Cisco Network Magic (Version: 5.5.09195.0 - Pure Networks) Hidden
Copy (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1519 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2519 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DigitalPersona Personal 4.11 (HKLM\...\{1A5D65E1-B438-4148-97E3-1BC3627BEC71}) (Version: 4.11.3805 - DigitalPersona, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
DocProc (Version: 8.1.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
EatCam Webcam Recorder 5.0 for Yahoo Messenger (HKLM\...\EatCam Webcam Recorder 5.0 for Yahoo Messenger_is1) (Version: 5.0 - EatCam.com)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Free Video Call Recorder for Skype version 1.2.28.324 (HKLM\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.28.324 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Drive (HKLM\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Goravani Jyotish Studio 3.9 (HKLM\...\{D18CEC90-7219-4047-B2CC-9B8B9472AAA7}_is1) (Version:  - Goravani)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6204 - HP)
HP MULTIPLE MODEM INSTALLER for VISTA (HKLM\...\{45A136EC-88BF-4B95-99F5-C45D3930E1CC}) (Version: 1.0.0.30 - Hewlett Packard)
HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons 6.40 D1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 D1 - Hewlett-Packard)
HP QuickPlay 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.6310 - Hewlett-Packard)
HP QuickTouch 1.00 D2 (HKLM\...\{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}) (Version: 1.0.9 - Hewlett-Packard)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Total Care Advisor (HKLM\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.3359.2635 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0102 (HKLM\...\{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{A5CE7175-080D-49AC-B5A3-E7E3502428F5}) (Version: 3.00 I2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.0.7 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}) (Version: 2.1.3.0000 - Hewlett Packard Development Company L.P.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{868B9974-4F23-494D-B6BC-4FAB92B2755D}) (Version: 12.1.3.6 - Apple Inc.)
Jagannatha Hora 7.66 (HKLM\...\Jagannatha Hora_is1) (Version: 7.66 - PVR Narasimha Rao)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 8 Update 40 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2719 - CyberLink Corp.)
Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version:  - )
LightScribe System Software (HKLM\...\{4A9849CA-E11C-4F24-8BB1-97C717A1C898}) (Version: 1.18.1.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version:  - )
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTNL 3G version 1.0 (HKLM\...\{6B1C21DC-F011-4917-A6AB-4C707D5276EB}_is1) (Version: 1.0 - MTNL)
muvee autoProducer 6.1 (HKLM\...\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.43 - WildTangent)
NaturalReaderFree (HKLM\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Network Magic (HKLM\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.0 - Nikon)
NirSoft VideoCacheView (HKLM\...\NirSoft VideoCacheView) (Version:  - )
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Internet Access (HKLM\...\Nokia PC Internet Access) (Version: 2.0.2.2 - Nokia)
Nokia PC Internet Access (Version: 2.0.2.2 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (Version: 3.8.54.0 - Nokia) Hidden
Norton Internet Security (HKLM\...\NIS) (Version: 22.5.4.24 - Symantec Corporation)
Norton Utilities 16 (HKLM\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
OL School Atlas (HKLM\...\{630E9109-D2B8-4614-93BA-77FDF37FAA73}) (Version: 1.00.0000 - Orient Longman)
Opera Stable 32.0.1948.69 (HKLM\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
Oracle Data Provider for .NET Help (HKLM\...\{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}) (Version: 11.2.010 - Oracle Corporation)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3919 - CyberLink Corp.)
ProtectSmart Hard Drive Protection (HKLM\...\{AAD72731-807A-4B79-AE05-9190B7002B7B}) (Version: 3.10 A7 - Hewlett-Packard)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
Pure Networks Platform (Version: 11.2.09195.1 - Pure Networks) Hidden
Python 3.4.1 (HKLM\...\{df32bb9e-3ed8-36b5-a649-e8c845c5f3a2}) (Version: 3.4.1150 - Python Software Foundation)
QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SalePlus (HKLM\...\{B696F285-F54E-2524-58B1-E06A70ABE6BE}) (Version:  - ) <==== ATTENTION
Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Security Task Manager 1.8c (HKLM\...\Security Task Manager) (Version: 1.8c - Neuber Software)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Sentinel Protection Installer 7.0.0 (HKLM\...\{547D4265-AF45-42E9-A62A-C58182AA35B9}) (Version: 7.0.0 - SafeNet, Inc.)
Skype™ 7.13 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe (HKLM\...\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}) (Version: 1.6.5.17120 - Synaptics Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (Version:  - WildTangent) Hidden
Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.34 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebEx Support Manager for Internet Explorer (HKLM\...\{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}) (Version: 6.5.4917 - WebEx Communications Inc.)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
WildTangent Games App for HP (HKLM\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent)
WinDirStat 1.1.2 (HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\WinDirStat) (Version:  - )
Windows Driver Package - ENE (enecir) HIDClass  (09/04/2008 2.6.0.0) (HKLM\...\7DE39862CC26DCE2446838AAF7CD5C163F835A57) (Version: 09/04/2008 2.6.0.0 - ENE)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WordWeb (HKLM\...\WordWeb) (Version: 7 - WordWeb Software)
XAMPP (HKLM\...\xampp) (Version: 1.8.3-2 - BitNami)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\User\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{6CE4B8A6-4DB5-4F63-8013-1197503692EF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\User\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> no filepath
 
==================== Restore Points =========================
 
27-10-2015 06:33:08 Windows Update
28-10-2015 03:00:53 Windows Update
29-10-2015 07:48:37 Windows Update
30-10-2015 01:41:38 Windows Update
30-10-2015 03:01:02 Windows Update
30-10-2015 03:17:13 Windows Update
30-10-2015 13:33:12 Windows Update
30-10-2015 21:58:43 Windows Update
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {004C4FDA-4E77-4569-98BA-3319E360E3A2} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {01FB1988-EE2F-47E7-A62D-95FB47A133DC} - System32\Tasks\{A48771FC-8214-4001-97F0-9D8EB30FF409} => pcalua.exe -a C:\Users\User\Downloads\Package\Package\setup.exe -d C:\Users\User\Downloads\Package\Package
Task: {0A06C75F-BF98-4CCF-BD4C-305A0FF15B30} - System32\Tasks\Core Temp Autostart User => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {14AB7F55-A002-454D-AB41-D70C6A2215A6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: {176CB84D-20CE-42D1-A876-CF81EA560AD7} - System32\Tasks\{AE002024-D544-4569-BBA5-84F34DD341A5} => pcalua.exe -a "C:\Users\User\Documents\Azureus Downloads\Parashara_s_Light_6.1\Parashara's Light 6.1\SETUP.EXE" -d "C:\Users\User\Documents\Azureus Downloads\Parashara_s_Light_6.1\Parashara's Light 6.1"
Task: {1B347BAA-5746-44AD-845C-2ED13D482D66} - System32\Tasks\{656BEA03-63D6-40B0-84D3-7DDF0447700A} => C:\Program Files\Skype\Phone\Skype.exe [2015-10-14] (Skype Technologies S.A.)
Task: {2616AF83-0D8E-4261-B537-0993D00CED11} - System32\Tasks\{FD5C0253-2C4D-42E3-A0AC-EC70755A10AC} => pcalua.exe -a C:\ProgramData\Installations\{EE60BB9B-E721-454C-9B61-34EE8B36B8A7}\INSTALLER.EXE
Task: {290B2CDA-E91A-436F-AC7E-B91FC315BE4D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {299D416C-9E38-4E5D-B814-7986908B89D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {2E7A36EE-79AD-4D56-A962-F206C6139298} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2FD6238A-8F93-4043-B995-57399A71056C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {351D51B7-0FCA-4E34-88C0-E0C6E8D30647} - \5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2 -> No File <==== ATTENTION
Task: {3EB6C526-C1D5-413D-9E82-2AC118675739} - \Bidaily Synchronize Task -> No File <==== ATTENTION
Task: {449B3246-7601-48F4-8032-2A96B047B393} - System32\Tasks\NUSchedule => C:\Program Files\Symantec\Norton Utilities 16\nu.exe [2015-03-31] (Symantec)
Task: {4DAC4BF3-C831-4972-AFD4-08D983460C45} - System32\Tasks\{F62D94F8-4254-4873-9281-6D19B98B1AEA} => pcalua.exe -a C:\Users\User\Downloads\windirstat1_1_2_setup.exe -d C:\Users\User\Downloads
Task: {5203D9EE-8E0B-4363-9AA8-04AED42518F3} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {556AEF19-A9CF-431C-955B-B4CBE4356909} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5683914D-9A98-4BFC-B612-D1211376647C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5C11A32E-5037-48D6-8235-D5972DF94E0E} - System32\Tasks\{1635C5D7-F67F-4221-9551-BC85C3626EFC} => pcalua.exe -a "C:\Users\User\Desktop\KUNDLI_PACK\KUNDLI PACK\Kundli Parashara Lite 7.0\Setup.exe" -d "C:\Users\User\Desktop\KUNDLI_PACK\KUNDLI PACK\Kundli Parashara Lite 7.0"
Task: {6B55480D-FA3D-407A-B29B-02EEA46217BC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6CE32B5D-F782-438D-8D41-7D8800A6C64D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-26] (Adobe Systems Incorporated)
Task: {6DD0F3D3-17A7-48CA-9CBD-06F93EA755E9} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {77CB15C1-B973-456E-AAD4-4335DAFFF4C7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1009 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {784E5B70-70A5-47B5-8AC4-291B189E8A60} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7E7A9EA8-2A42-42CD-B9E0-C52416863446} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-05-26] ()
Task: {863B4D33-F00F-4FE1-8474-4266BF4FF794} - System32\Tasks\{4D7D025E-2B49-45AE-8660-5E1BBAB9B5BF} => pcalua.exe -a F:\INSTALLER.EXE -d F:\
Task: {95AA2056-04CC-48E3-8BCB-0E1019FC1020} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-27] (Facebook Inc.)
Task: {973DA91D-63EF-4B59-B178-7C5DB768ADF2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1009 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9CF3F4EF-F536-44CE-A181-1DD9FEF7D5F7} - System32\Tasks\{98FB32EF-A8DB-44A0-A54A-F8C79139276F} => pcalua.exe -a C:\Users\User\Desktop\sayan\vlc-1.0.1-win32.exe -d C:\Users\User\Desktop\sayan
Task: {A5E3B5AB-15A9-4119-9851-993A27A65A26} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\SymErr.exe [2015-09-09] (Symantec Corporation)
Task: {BE882345-73FA-4B83-AED6-5932CD99D546} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-27] (Facebook Inc.)
Task: {C23D46F1-9C6C-4ED0-BE47-33B014228E21} - System32\Tasks\Microsoft\Windows\RestartManager\{E3BCBBC5-0942-42e5-9A4F-4F2E5C3AD053} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {CA48EAC0-D403-467C-9FB1-674C5C8FD44B} - System32\Tasks\{C8BE5B44-943E-4721-BC4A-61C69C06D05E} => pcalua.exe -a C:\Users\User\Downloads\Compressed\win32_11gR2_database_1of2\database\setup.exe -d C:\Users\User\Downloads\Compressed\win32_11gR2_database_1of2\database
Task: {D473CF0A-D8D5-4784-8D78-7539277B45A6} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\SymErr.exe [2015-09-09] (Symantec Corporation)
Task: {D838B51B-4DE9-4826-A8ED-78EAC1621EA3} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {DB68DD01-8809-4DC6-B223-E5A6EFF99DC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {EB0AF980-BB0A-4D59-B36D-8ECB98974415} - System32\Tasks\Opera scheduled Autoupdate 1388224918 => C:\Program Files\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {FB86B8BE-EEEA-47D0-AE5E-7DBF84B91926} - System32\Tasks\NUAutoUpdate => C:\Program Files\Symantec\Norton Utilities 16\SULauncher.exe [2015-03-31] (Symantec)
Task: {FC4E3032-2BE9-42F4-8E36-E8796688B7E5} - System32\Tasks\{E5FFE41C-64E7-46D6-8815-11009A3E7680} => pcalua.exe -a C:\app\User\product\11.2.0\dbhome_1\oui\bin\setup.exe -d C:\app\User\product\11.2.0\dbhome_1\oui
Task: {FDC5EB3D-514E-4951-A4FB-FE683DA0D203} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\WSCStub.exe [2015-09-24] (Symantec Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\NUAutoUpdate.job => C:\Program Files\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\Windows\Tasks\NUSchedule.job => C:\Program Files\Symantec\Norton Utilities 16\nu.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-20 02:53 - 2009-01-12 16:50 - 00292216 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2009-12-20 02:53 - 2009-01-12 16:50 - 00259480 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2009-12-20 02:53 - 2009-01-12 16:50 - 00038184 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2008-07-03 12:09 - 2008-03-27 03:56 - 00341328 _____ () C:\Windows\SMINST\BLService.exe
2008-07-03 12:09 - 2006-09-14 02:24 - 00081920 _____ () C:\Windows\SMINST\STString.dll
2008-07-03 12:09 - 2007-11-15 04:16 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00152112 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00098304 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2015-05-11 12:19 - 2010-07-30 18:33 - 00049152 _____ () C:\Program Files\Camersoft\Fake Webcam\fakewebcam.ax
2014-04-11 21:09 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 21:09 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2012-06-28 13:24 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
2012-06-28 13:22 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files\Yahoo!\Messenger\pcre.dll
2010-02-24 22:19 - 2014-05-01 22:23 - 03178496 _____ () C:\Program Files\Jagannatha Hora\bin\jhora.exe
2010-02-24 22:19 - 2009-04-07 10:17 - 00479232 _____ () C:\Program Files\Jagannatha Hora\bin\swedll32.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\yieldmanager.com -> yieldmanager.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\img7.jpg
DNS Servers: 121.242.190.180 - 192.168.12.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: BcmSqlStartupSvc => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Health Check Service => 2
MSCONFIG\Services: MSSQL$MSSMLBIZ => 3
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SQLBrowser => 2
MSCONFIG\Services: SQLWriter => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Avro Keyboard => C:\Program Files\Avro Keyboard\Avro Keyboard.exe
MSCONFIG\startupreg: BitTorrent => 
MSCONFIG\startupreg: Google Update => "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: googletalk => 
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: hpWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => 
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: S301MD => C:\Program Files\MTNL 3G\Delhi\Resource\driver\MctlSuc.exe
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\realplayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: uTorrent => "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [TCP Query User{251CC31A-E63E-4BB1-8325-BEC4F9E9CD08}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{AA6A0660-19A9-4D58-8FB5-40DCD54555CE}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{DA32DE78-C5EF-4067-85C7-B348BD5ABDEC}] => (Allow) C:\Users\User\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{7B338455-CA0B-4505-BFC6-CC10BCB65EE7}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{600F4FF6-46FA-47A4-807B-41BEFEBC043F}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B6BB6038-59A8-4130-993B-FB4F5E748E85}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A4149651-986A-471F-ABC1-D12B42EA3207}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{3AAABFC9-239A-489F-893D-82BA4E325E6D}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [UDP Query User{3FC640ED-B52A-419F-82BD-0DB7461E49A4}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [{3E36E433-F7AD-4CE7-B229-EC6EAB2FD627}] => (Allow) C:\Program Files\Naver\LINE\Line.exe
FirewallRules: [{12BB1B49-C843-40ED-A324-FE6F8D6A9EB9}] => (Allow) C:\Program Files\Naver\LINE\Line.exe
FirewallRules: [TCP Query User{1D594D6A-D5FF-4019-BFEE-C6FFA6B5C534}C:\from my computer\empire earth\empire earth.exe] => (Block) C:\from my computer\empire earth\empire earth.exe
FirewallRules: [UDP Query User{2562B7F1-F6E9-4E80-A992-3F7E12039F3E}C:\from my computer\empire earth\empire earth.exe] => (Block) C:\from my computer\empire earth\empire earth.exe
FirewallRules: [{D5DCC945-A1A1-41F5-BB64-D27B6431C139}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FE45EDD1-0F6A-4769-8867-9D97981109C7}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{315251F0-2BB4-440B-B3C5-C3ED7F3FB07F}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D84870DC-4763-4267-986E-E8950B733743}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9D58FE96-5AA6-44BE-BE71-D3ECFE330A4E}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{93D6B219-57FA-4087-95CE-206A520D2244}] => (Allow) C:\Users\User\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{916CD997-5284-4D3E-B241-786DD194BC46}] => (Allow) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{C2823C6F-95FD-43B1-9FC5-05120398B36D}] => (Allow) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{018D7C56-932D-4B06-A3C3-DC1347CB5D1F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4FDABAAC-6969-4A3A-A5AC-7560C1384CEF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter #9
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: HP Integrated Bluetooth module
Description: HP Integrated Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: HP
Service: BTHUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/31/2015 01:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 400455
 
Error: (10/31/2015 01:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 400455
 
Error: (10/31/2015 01:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/31/2015 01:37:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 398255
 
Error: (10/31/2015 01:37:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 398255
 
Error: (10/31/2015 01:37:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/31/2015 01:37:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 396586
 
Error: (10/31/2015 01:37:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 396586
 
Error: (10/31/2015 01:37:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (10/31/2015 01:37:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 394683
 
 
System errors:
=============
Error: (10/31/2015 01:44:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: QuickPlay Task Scheduler (QTS)1
 
Error: (10/30/2015 10:48:19 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
 
Error: (10/30/2015 10:48:19 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.16.253, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (10/30/2015 10:48:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Cyberlink RichVideo Service(CRVS)%%2
 
Error: (10/30/2015 10:48:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (10/30/2015 10:47:43 PM) (Source: Print) (EventID: 23) (User: NT AUTHORITY)
Description: Printer Acrobat PDFWriter failed to initialize because a suitable Acrobat PDFWriter driver could not be found. The new printer settings that you specified have not taken effect. Install or reinstall the printer driver. You might need to contact the vendor for an updated driver.
 
Error: (10/30/2015 10:47:08 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)
Description: 2147942402
 
Error: (10/30/2015 10:46:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 22:45:03 on 30-10-2015 was unexpected.
 
Error: (10/30/2015 10:18:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x8007064aUpdate for Microsoft Office Outlook 2007 Junk Email Filter (KB3085617){D9F08FDC-BB6D-4574-84BE-1AA6D6F95472}200
 
Error: (10/30/2015 08:37:03 PM) (Source: VDS Dynamic Provider) (EventID: 10) (User: )
Description: The provider failed while storing notifications from the driver. The Virtual Disk Service should be restarted. hr=80042505
 
 
CodeIntegrity:
===================================
  Date: 2015-10-31 02:23:22.055
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-31 02:23:20.009
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-31 02:23:18.251
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-31 02:23:15.872
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-31 02:23:12.060
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-31 02:23:10.336
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-31 02:23:08.528
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-31 02:23:06.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-31 02:21:42.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-10-31 02:21:41.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 72%
Total physical RAM: 3002.45 MB
Available physical RAM: 837.64 MB
Total Virtual: 6227.14 MB
Available Virtual: 3202.58 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:223.81 GB) (Free:21.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:9.07 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 4F102E62)
Partition 1: (Active) - (Size=223.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.1 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
 
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,023 posts
  • MVP
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

  • 0

#3
sayan.dg

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

the log 

 

 

#################################

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 3.79 0 K 24 K 0
WmiPrvSE.exe < 0.01 16,800 K 11,940 K 4056 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2.27 4,440 K 4,892 K 944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
BLService.exe 9.09 13,340 K 5,700 K 1784 Application MFC STServices (Verified) SoftThinks
procexp.exe 7.57 34,948 K 47,188 K 10256 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 3.79 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 3.03 41,648 K 35,376 K 508 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
vfsFPService.exe 2.27 9,124 K 8,788 K 1656 Validity Sensors Fingerprint Service Validity Sensors, Inc. (Verified) Validity Sensors
nis.exe 0.76 1,18,580 K 14,608 K 3940 Norton Internet Security Symantec Corporation (Verified) Symantec Corporation
System 1.51 0 K 3,468 K 4
SynTPEnh.exe 0.76 9,236 K 4,944 K 1100 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
nmsrvc.exe 0.76 11,228 K 8,080 K 2816 Pure Networks Platform Service Cisco Systems, Inc. (Verified) Cisco-Linksys LLC
explorer.exe 0.76 43,388 K 46,876 K 628 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 50,064 K 66,816 K 5284 Google Chrome Google Inc. (Verified) Google Inc
YahooMessenger.exe 0.76 1,21,636 K 1,06,056 K 6512 Yahoo! Messenger Yahoo! Inc. (Verified) Yahoo! Inc.
chrome.exe < 0.01 35,072 K 40,672 K 8332 Google Chrome Google Inc. (Verified) Google Inc
Skype.exe < 0.01 1,32,276 K 38,332 K 8212 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
nis.exe 18,688 K 10,240 K 4000 Norton Internet Security Symantec Corporation (Verified) Symantec Corporation
chrome.exe < 0.01 1,29,204 K 1,82,368 K 4456 Google Chrome Google Inc. (Verified) Google Inc
igfxsrvc.exe < 0.01 4,096 K 3,728 K 2396 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
svchost.exe < 0.01 1,16,080 K 79,840 K 1208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsass.exe < 0.01 6,808 K 6,656 K 740 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,576 K 5,252 K 696 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 17,084 K 8,432 K 1140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Core Temp.exe < 0.01 3,836 K 3,372 K 2272 CPU temperature and system information utility (Verified) Artur Liberman
chrome.exe < 0.01 1,75,704 K 1,95,200 K 1264 Google Chrome Google Inc. (Verified) Google Inc
csrss.exe < 0.01 2,092 K 2,336 K 640 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
DpHostW.exe 0.76 16,768 K 12,028 K 500 DigitalPersona Local Host DigitalPersona, Inc. (Certificate expired) DigitalPersona, Inc.
stacsv.exe < 0.01 9,576 K 3,300 K 1240 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
chrome.exe < 0.01 26,952 K 22,640 K 11664 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe 0.76 4,996 K 4,844 K 1012 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 4,456 K 2,948 K 3096 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
hkcmd.exe < 0.01 2,944 K 2,484 K 2352 hkcmd Module Intel Corporation (Verified) Intel Corporation
wlanext.exe < 0.01 2,064 K 1,828 K 1936 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 23,388 K 11,772 K 1764 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 2,436 K 2,348 K 748 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
services.exe 0.76 3,304 K 3,916 K 728 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe < 0.01 3,024 K 2,204 K 4328 iPodService Module (32-bit) Apple Inc. (Verified) Apple Inc.
SearchIndexer.exe < 0.01 63,772 K 10,808 K 2992 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
AppleMobileDeviceService.exe < 0.01 4,500 K 2,640 K 3320 MobileDeviceService Apple Inc. (Verified) Apple Inc.
chrome.exe 22,256 K 4,140 K 5964 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe < 0.01 92,768 K 72,416 K 8712 Google Chrome Google Inc. (Verified) Google Inc
YahooMessenger.exe < 0.01 25,792 K 15,568 K 3932 Yahoo! Messenger Yahoo! Inc. (Verified) Yahoo! Inc.
svchost.exe 0.76 95,280 K 93,196 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe < 0.01 11,656 K 5,444 K 1132 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
spnsrvnt.exe < 0.01 1,508 K 796 K 1320 SafeNet, Inc (Verified) Rainbow Technologies
iTunesHelper.exe < 0.01 5,424 K 3,476 K 2892 iTunesHelper Apple Inc. (Verified) Apple Inc.
StartManSvc.exe < 0.01 2,900 K 1,500 K 3972 StartMan Application PC Tools (Verified) Symantec Corporation
spoolsv.exe < 0.01 6,652 K 4,548 K 336 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
hpservice.exe < 0.01 2,584 K 1,012 K 1588 HpService Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
wweb32.exe 3,664 K 1,216 K 2972 WordWeb WordWeb Software (Verified) WordWeb Software
wuauclt.exe 2,836 K 1,816 K 11936 Windows Update Microsoft Corporation (Verified) Microsoft Windows Component Publisher
WmiPrvSE.exe 3,308 K 4,456 K 4368 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 884 K 488 K 1960 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WLIDSVC.EXE 6,016 K 2,532 K 2488 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
winlogon.exe 2,040 K 2,284 K 828 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,356 K 616 K 684 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 2,568 K 1,768 K 2476 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,036 K 3,772 K 388 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,660 K 2,292 K 1792 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 740 K 560 K 5808 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 14,288 K 12,528 K 2116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 8,688 K 9,132 K 1460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,356 K 1,744 K 1416 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,264 K 812 K 3388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,612 K 1,756 K 3420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,728 K 1,668 K 1196 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,828 K 2,824 K 2656 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,496 K 864 K 2260 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,064 K 43,488 K 4360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sttray.exe 8,956 K 3,104 K 2780 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
SSDMonitor.exe 1,600 K 1,096 K 2804 SSDMonit Application Symantec Corporation (Verified) Symantec Corporation
smss.exe 296 K 184 K 488 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SLsvc.exe 6,656 K 2,588 K 1436 Microsoft Software Licensing Service Microsoft Corporation (Verified) Microsoft Windows
ScrybeUpdater.exe 4,156 K 5,280 K 2024 Scrybe Update Manager. Synaptics, Inc. (Verified) Synaptics Incorporated
rndlresolversvc.exe 968 K 500 K 1412 (Verified) RealNetworks
realsched.exe < 0.01 2,560 K 520 K 11608 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks
QPService.exe 8,512 K 3,752 K 904 HP QuickPlay Resident Program CyberLink Corp. (Verified) CyberLink
QPCapSvc.exe 14,464 K 2,792 K 1220 CLCapSvc Module (Verified) CyberLink
QLBCTRL.exe 9,812 K 5,364 K 592 Quick Launch Buttons Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
nmctxth.exe < 0.01 6,832 K 5,780 K 1884 Pure Networks Platform Assistant Cisco Systems, Inc. (Verified) Cisco-Linksys LLC
msiexec.exe 4,912 K 10,904 K 10744 Windows® installer Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 1,608 K 1,904 K 3376 Bonjour Service Apple Inc. (Verified) Apple Inc.
mdm.exe < 0.01 1,924 K 1,560 K 3892 Machine Debug Manager Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
LSSrvc.exe 1,108 K 588 K 3868 LightScribe Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
ISUSPM.exe 2,296 K 2,716 K 2920 Macrovision Software Manager Macrovision Corporation (Verified) Macrovision Corporation
igfxpers.exe 2,364 K 2,520 K 2636 persistence Module Intel Corporation (Verified) Intel Corporation
ielowutil.exe < 0.01 2,756 K 8,268 K 11264 Internet Low-Mic Utility Tool Microsoft Corporation (Verified) Microsoft Windows
IAANTmon.exe 3,088 K 1,860 K 3828 RAID Monitor Intel Corporation (Verified) Intel Corporation
IAAnotif.exe 3,760 K 1,944 K 2032 Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation
HPSupportSolutionsFrameworkService.exe 14,376 K 3,556 K 3464 SolutionsFrameworkService Hewlett-Packard Company (Verified) Hewlett-Packard Company
hpqwmiex.exe 2,752 K 2,352 K 4240 hpqwmiex Module Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
HPKBDAPP.exe 7,268 K 2,284 K 1340 HP QuickTouch On Screen Display Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
GoogleCrashHandler.exe 2,500 K 832 K 2080 Google Crash Handler Google Inc. (Verified) Google Inc
DpAgent.exe 10,860 K 4,400 K 1620 DigitalPersona Local Agent DigitalPersona, Inc. (Certificate expired) DigitalPersona, Inc.
dllhost.exe 2,688 K 1,440 K 6044 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
Com4QLBEx.exe 996 K 980 K 4984 Com for QLB application Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
chrome.exe 32,488 K 31,760 K 6712 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 28,208 K 13,740 K 5504 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 29,808 K 13,724 K 5264 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe < 0.01 91,084 K 24,132 K 7788 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe < 0.01 24,884 K 25,000 K 11636 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe < 0.01 26,092 K 14,200 K 5652 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 71,452 K 69,460 K 4172 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,052 K 1,680 K 1308 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 38,852 K 19,124 K 3824 Google Chrome Google Inc. (Verified) Google Inc
audiodg.exe 15,592 K 10,028 K 1348 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
atashost.exe 1,816 K 412 K 3348 WebEx Host for Support Center WebEx Communications, Inc. (Verified) WebEx Communications Inc.
armsvc.exe 2,104 K 612 K 3300 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
alg.exe 1,472 K 1,008 K 4496 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows
vdsldr.exe 4.54 1,080 K 3,684 K 496 Virtual Disk Service Loader Microsoft Corporation

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,023 posts
  • MVP
appears that chrome is using too much CPU. Close chrome. Open ie or another browser. Make a new log. Make sure you click on the CPU column header until the highest users are at the top. Blservices.exe and interrupts are also too high. Interrupts usually means a bad driver.
  • 0

#5
sayan.dg

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

Hi RKinner,

 

The chrome was running multiple applications .. thats why heavy usage was shown mostly am adding chrome and ie versions both... 

 

 

**************************************************************************

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 33.49 0 K 24 K 0
svchost.exe 20.41 4,508 K 5,128 K 944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 18.90 16,644 K 11,016 K 4056 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
procexp.exe 11.34 28,800 K 40,272 K 8072 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
SynTPEnh.exe 4.53 9,244 K 5,044 K 1100 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
nmsrvc.exe 3.02 11,240 K 8,688 K 2816 Pure Networks Platform Service Cisco Systems, Inc. (Verified) Cisco-Linksys LLC
dwm.exe 2.27 40,368 K 35,108 K 508 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
YahooMessenger.exe 0.76 1,38,392 K 1,22,596 K 6512 Yahoo! Messenger Yahoo! Inc. (Verified) Yahoo! Inc.
vfsFPService.exe 0.76 9,284 K 8,216 K 1656 Validity Sensors Fingerprint Service Validity Sensors, Inc. (Verified) Validity Sensors
System 0.76 0 K 860 K 4
svchost.exe 0.76 99,872 K 96,544 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
nmctxth.exe 0.76 6,832 K 5,584 K 1884 Pure Networks Platform Assistant Cisco Systems, Inc. (Verified) Cisco-Linksys LLC
Interrupts 0.76 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 0.76 2,432 K 2,252 K 640 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
Core Temp.exe 0.76 3,964 K 2,664 K 2272 CPU temperature and system information utility (Verified) Artur Liberman
explorer.exe < 0.01 40,472 K 38,472 K 628 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
Skype.exe < 0.01 1,32,444 K 35,336 K 8212 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
csrss.exe < 0.01 2,632 K 6,692 K 696 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 17,128 K 7,764 K 1140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
igfxsrvc.exe < 0.01 4,664 K 3,472 K 2396 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
svchost.exe < 0.01 1,16,680 K 43,344 K 1208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
DpHostW.exe < 0.01 16,864 K 7,848 K 500 DigitalPersona Local Host DigitalPersona, Inc. (Certificate expired) DigitalPersona, Inc.
stacsv.exe < 0.01 9,576 K 3,468 K 1240 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
chrome.exe < 0.01 1,22,568 K 1,75,156 K 4456 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe < 0.01 5,032 K 4,868 K 1012 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 1,32,592 K 1,51,144 K 5592 Google Chrome Google Inc. (Verified) Google Inc
wmpnetwk.exe < 0.01 4,456 K 2,624 K 3096 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
wlanext.exe < 0.01 2,092 K 1,816 K 1936 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
hkcmd.exe < 0.01 2,948 K 2,452 K 2352 hkcmd Module Intel Corporation (Verified) Intel Corporation
svchost.exe < 0.01 23,608 K 9,420 K 1764 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
AppleMobileDeviceService.exe < 0.01 4,936 K 2,588 K 3320 MobileDeviceService Apple Inc. (Verified) Apple Inc.
iPodService.exe < 0.01 3,024 K 1,960 K 4328 iPodService Module (32-bit) Apple Inc. (Verified) Apple Inc.
dllhost.exe < 0.01 2,720 K 2,500 K 6044 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 14,320 K 12,776 K 2116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 64,508 K 10,480 K 2992 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
nis.exe < 0.01 1,25,768 K 16,524 K 3940 Norton Internet Security Symantec Corporation (Verified) Symantec Corporation
chrome.exe < 0.01 24,996 K 27,052 K 11160 Google Chrome Google Inc. (Verified) Google Inc
lsass.exe < 0.01 6,328 K 6,668 K 740 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
YahooMessenger.exe < 0.01 25,888 K 15,712 K 5596 Yahoo! Messenger Yahoo! Inc. (Verified) Yahoo! Inc.
SearchProtocolHost.exe < 0.01 4,364 K 8,524 K 5380 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe < 0.01 11,676 K 5,144 K 1132 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
iTunesHelper.exe < 0.01 5,424 K 2,772 K 2892 iTunesHelper Apple Inc. (Verified) Apple Inc.
StartManSvc.exe < 0.01 2,900 K 1,004 K 3972 StartMan Application PC Tools (Verified) Symantec Corporation
spoolsv.exe < 0.01 6,652 K 3,220 K 336 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
hpservice.exe < 0.01 2,584 K 784 K 1588 HpService Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
wweb32.exe 3,664 K 1,172 K 2972 WordWeb WordWeb Software (Verified) WordWeb Software
wuauclt.exe 2,836 K 1,188 K 11936 Windows Update Microsoft Corporation (Verified) Microsoft Windows Component Publisher
WmiPrvSE.exe 3,660 K 4,368 K 4368 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WLIDSVCM.EXE 884 K 268 K 1960 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WLIDSVC.EXE 5,996 K 3,172 K 2488 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
winlogon.exe 2,216 K 2,156 K 828 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,356 K 376 K 684 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 2,568 K 1,608 K 2476 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,692 K 2,416 K 1792 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,052 K 2,596 K 388 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 740 K 464 K 5808 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 8,676 K 9,308 K 1460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,880 K 2,588 K 2656 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,484 K 1,848 K 1416 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,264 K 1,316 K 3388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,728 K 1,384 K 1196 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,612 K 1,640 K 3420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,496 K 844 K 2260 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,064 K 33,884 K 4360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sttray.exe 8,972 K 3,040 K 2780 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
SSDMonitor.exe 1,600 K 1,060 K 2804 SSDMonit Application Symantec Corporation (Verified) Symantec Corporation
spnsrvnt.exe 1,508 K 476 K 1320 SafeNet, Inc (Verified) Rainbow Technologies
smss.exe 296 K 180 K 488 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SLsvc.exe 6,656 K 1,956 K 1436 Microsoft Software Licensing Service Microsoft Corporation (Verified) Microsoft Windows
services.exe 3,308 K 3,732 K 728 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 3,568 K 6,052 K 11072 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
ScrybeUpdater.exe 4,132 K 3,996 K 2024 Scrybe Update Manager. Synaptics, Inc. (Verified) Synaptics Incorporated
rndlresolversvc.exe 968 K 524 K 1412 (Verified) RealNetworks
realsched.exe 2,632 K 236 K 11608 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks
QPService.exe 8,512 K 2,628 K 904 HP QuickPlay Resident Program CyberLink Corp. (Verified) CyberLink
QPCapSvc.exe 14,464 K 5,800 K 1220 CLCapSvc Module (Verified) CyberLink
QLBCTRL.exe 11,028 K 4,816 K 592 Quick Launch Buttons Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
nis.exe 18,768 K 11,276 K 4000 Norton Internet Security Symantec Corporation (Verified) Symantec Corporation
mDNSResponder.exe 1,628 K 2,076 K 3376 Bonjour Service Apple Inc. (Verified) Apple Inc.
mdm.exe 1,924 K 1,428 K 3892 Machine Debug Manager Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
LSSrvc.exe 1,108 K 308 K 3868 LightScribe Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
lsm.exe 2,440 K 2,132 K 748 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
ISUSPM.exe 2,304 K 2,512 K 2920 Macrovision Software Manager Macrovision Corporation (Verified) Macrovision Corporation
igfxpers.exe 2,412 K 2,428 K 2636 persistence Module Intel Corporation (Verified) Intel Corporation
IAANTmon.exe 3,088 K 1,776 K 3828 RAID Monitor Intel Corporation (Verified) Intel Corporation
IAAnotif.exe 3,760 K 1,688 K 2032 Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation
HPSupportSolutionsFrameworkService.exe 14,376 K 1,492 K 3464 SolutionsFrameworkService Hewlett-Packard Company (Verified) Hewlett-Packard Company
hpqwmiex.exe 2,776 K 2,320 K 4240 hpqwmiex Module Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
HPKBDAPP.exe 7,284 K 2,216 K 1340 HP QuickTouch On Screen Display Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
GoogleCrashHandler.exe 2,504 K 852 K 2080 Google Crash Handler Google Inc. (Verified) Google Inc
DpAgent.exe 10,860 K 4,496 K 1620 DigitalPersona Local Agent DigitalPersona, Inc. (Certificate expired) DigitalPersona, Inc.
Com4QLBEx.exe 1,000 K 916 K 4984 Com for QLB application Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
chrome.exe 50,964 K 95,268 K 11760 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 51,892 K 57,188 K 5028 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 19,540 K 6,196 K 5964 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,052 K 1,336 K 1308 Google Chrome Google Inc. (Verified) Google Inc
BLService.exe 14,512 K 5,264 K 1784 Application MFC STServices (Verified) SoftThinks
audiodg.exe 15,564 K 10,084 K 1348 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
atashost.exe 1,816 K 300 K 3348 WebEx Host for Support Center WebEx Communications, Inc. (Verified) WebEx Communications Inc.
armsvc.exe 2,104 K 348 K 3300 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
alg.exe 1,472 K 960 K 4496 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows
 

**************************************************************************

IE VERSION

******************************

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process < 0.01 0 K 24 K 0
svchost.exe 19.63 4,636 K 5,220 K 944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 13.59 16,888 K 11,272 K 4056 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
procexp.exe 14.35 27,932 K 39,760 K 8072 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
vfsFPService.exe 3.78 9,284 K 8,216 K 1656 Validity Sensors Fingerprint Service Validity Sensors, Inc. (Verified) Validity Sensors
dwm.exe 3.78 40,360 K 33,812 K 508 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
nmsrvc.exe < 0.01 11,224 K 9,092 K 2816 Pure Networks Platform Service Cisco Systems, Inc. (Verified) Cisco-Linksys LLC
Interrupts < 0.01 0 K 0 K n/a Hardware Interrupts and DPCs
YahooMessenger.exe < 0.01 1,37,804 K 1,21,488 K 6512 Yahoo! Messenger Yahoo! Inc. (Verified) Yahoo! Inc.
svchost.exe 1.51 99,912 K 96,656 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 3.02 41,696 K 43,400 K 628 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
DpHostW.exe < 0.01 16,864 K 7,848 K 500 DigitalPersona Local Host DigitalPersona, Inc. (Certificate expired) DigitalPersona, Inc.
csrss.exe < 0.01 2,524 K 5,252 K 696 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
SynTPEnh.exe 5.29 9,244 K 5,072 K 1100 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
System 1.51 0 K 864 K 4
svchost.exe < 0.01 1,16,772 K 43,484 K 1208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Skype.exe < 0.01 1,32,364 K 35,340 K 8212 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
igfxsrvc.exe < 0.01 4,648 K 3,472 K 2396 igfxsrvc Module Intel Corporation (Verified) Intel Corporation
svchost.exe < 0.01 17,200 K 7,796 K 1140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
Core Temp.exe < 0.01 3,964 K 2,668 K 2272 CPU temperature and system information utility (Verified) Artur Liberman
WmiPrvSE.exe 3,656 K 4,304 K 4368 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,432 K 2,244 K 640 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
stacsv.exe 0.76 9,576 K 3,468 K 1240 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe < 0.01 5,000 K 4,904 K 1012 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
mdm.exe < 0.01 1,924 K 1,428 K 3892 Machine Debug Manager Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
nmctxth.exe 6,892 K 5,640 K 1884 Pure Networks Platform Assistant Cisco Systems, Inc. (Verified) Cisco-Linksys LLC
YahooMessenger.exe < 0.01 25,924 K 15,772 K 7960 Yahoo! Messenger Yahoo! Inc. (Verified) Yahoo! Inc.
wmpnetwk.exe < 0.01 4,476 K 2,644 K 3096 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
hkcmd.exe < 0.01 2,948 K 2,452 K 2352 hkcmd Module Intel Corporation (Verified) Intel Corporation
wlanext.exe < 0.01 2,088 K 1,816 K 1936 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
nis.exe < 0.01 1,24,804 K 16,836 K 3940 Norton Internet Security Symantec Corporation (Verified) Symantec Corporation
SearchIndexer.exe < 0.01 64,792 K 17,472 K 2992 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe < 0.01 3,024 K 1,960 K 4328 iPodService Module (32-bit) Apple Inc. (Verified) Apple Inc.
AppleMobileDeviceService.exe < 0.01 4,936 K 2,588 K 3320 MobileDeviceService Apple Inc. (Verified) Apple Inc.
unsecapp.exe 2,564 K 1,612 K 2476 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe < 0.01 11,164 K 24,472 K 6940 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
svchost.exe < 0.01 23,688 K 9,464 K 1764 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
hpqwmiex.exe 2,760 K 2,312 K 4240 hpqwmiex Module Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
nis.exe 18,784 K 10,224 K 4000 Norton Internet Security Symantec Corporation (Verified) Symantec Corporation
lsass.exe < 0.01 6,404 K 6,792 K 740 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe < 0.01 11,676 K 5,148 K 1132 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe < 0.01 28,888 K 46,656 K 5044 Internet Explorer Microsoft Corporation (Verified) Microsoft Corporation
iTunesHelper.exe < 0.01 5,424 K 2,772 K 2892 iTunesHelper Apple Inc. (Verified) Apple Inc.
StartManSvc.exe < 0.01 2,900 K 1,004 K 3972 StartMan Application PC Tools (Verified) Symantec Corporation
spoolsv.exe < 0.01 6,652 K 3,220 K 336 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
hpservice.exe < 0.01 2,584 K 784 K 1588 HpService Hewlett-Packard Company (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
svchost.exe 8,768 K 9,428 K 1460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
alg.exe 1,472 K 960 K 4496 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows
wweb32.exe 3,664 K 1,316 K 2972 WordWeb WordWeb Software (Verified) WordWeb Software
wuauclt.exe 2,836 K 1,188 K 11936 Windows Update Microsoft Corporation (Verified) Microsoft Windows Component Publisher
WLIDSVCM.EXE 884 K 268 K 1960 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
WLIDSVC.EXE 5,996 K 3,172 K 2488 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
winlogon.exe 2,216 K 2,156 K 828 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,356 K 376 K 684 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,692 K 2,416 K 1792 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,052 K 2,596 K 388 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 740 K 464 K 5808 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 14,376 K 12,808 K 2116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,512 K 1,916 K 1416 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,192 K 83,280 K 4360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,880 K 2,588 K 2656 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,264 K 1,316 K 3388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,728 K 1,384 K 1196 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,612 K 1,640 K 3420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,496 K 844 K 2260 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sttray.exe 8,972 K 3,040 K 2780 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
SSDMonitor.exe 1,600 K 1,060 K 2804 SSDMonit Application Symantec Corporation (Verified) Symantec Corporation
spnsrvnt.exe < 0.01 1,508 K 476 K 1320 SafeNet, Inc (Verified) Rainbow Technologies
smss.exe 296 K 180 K 488 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SLsvc.exe 6,656 K 1,956 K 1436 Microsoft Software Licensing Service Microsoft Corporation (Verified) Microsoft Windows
services.exe 3,336 K 3,740 K 728 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
ScrybeUpdater.exe 4,152 K 4,020 K 2024 Scrybe Update Manager. Synaptics, Inc. (Verified) Synaptics Incorporated
rndlresolversvc.exe 968 K 524 K 1412 (Verified) RealNetworks
realsched.exe 3.78 2,632 K 1,604 K 11608 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks
QPService.exe 8,512 K 2,628 K 904 HP QuickPlay Resident Program CyberLink Corp. (Verified) CyberLink
QPCapSvc.exe 14,464 K 5,800 K 1220 CLCapSvc Module (Verified) CyberLink
QLBCTRL.exe 11,028 K 4,816 K 592 Quick Launch Buttons Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
mDNSResponder.exe 1,628 K 2,076 K 3376 Bonjour Service Apple Inc. (Verified) Apple Inc.
LSSrvc.exe 1,108 K 308 K 3868 LightScribe Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
lsm.exe 2,440 K 2,132 K 748 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
ISUSPM.exe 2,304 K 2,512 K 2920 Macrovision Software Manager Macrovision Corporation (Verified) Macrovision Corporation
igfxpers.exe 2,412 K 2,428 K 2636 persistence Module Intel Corporation (Verified) Intel Corporation
ielowutil.exe 2,476 K 8,132 K 10572 Internet Low-Mic Utility Tool Microsoft Corporation (Verified) Microsoft Windows
IAANTmon.exe 3,088 K 1,776 K 3828 RAID Monitor Intel Corporation (Verified) Intel Corporation
IAAnotif.exe 3,760 K 1,688 K 2032 Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation
HPSupportSolutionsFrameworkService.exe 14,376 K 1,492 K 3464 SolutionsFrameworkService Hewlett-Packard Company (Verified) Hewlett-Packard Company
HPKBDAPP.exe 7,284 K 2,216 K 1340 HP QuickTouch On Screen Display Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
GoogleCrashHandler.exe 2,488 K 844 K 2080 Google Crash Handler Google Inc. (Verified) Google Inc
DpAgent.exe 10,860 K 4,496 K 1620 DigitalPersona Local Agent DigitalPersona, Inc. (Certificate expired) DigitalPersona, Inc.
dllhost.exe 2,692 K 2,488 K 6044 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
Com4QLBEx.exe 1,000 K 916 K 4984 Com for QLB application Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
BLService.exe 14,528 K 5,276 K 1784 Application MFC STServices (Verified) SoftThinks
audiodg.exe 15,564 K 10,084 K 1348 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
atashost.exe 1,816 K 300 K 3348 WebEx Host for Support Center WebEx Communications, Inc. (Verified) WebEx Communications Inc.
armsvc.exe 2,104 K 348 K 3300 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
 

**************************************************************************


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,023 posts
  • MVP
Run process explorer again. If svchost is still high, hover over it and it should tell you what services are in it. Please report them. Wmiprvse is too high too. We may need to get and run wmi diagnostic utility 2.0
  • 0

#7
sayan.dg

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

hi

 

svc is having multiple entries as shown below. I have shown the mouse hover processes of first 5 entries sorted according to CPU usage.If you want the details of the next 10 svchost entries please let me know.

 

6.jpg

 

 

 

1.jpg

 

2.jpg

 

3.jpg

 

4.jpg

 

5.jpg

 

 

Thank you


Edited by sayan.dg, 04 November 2015 - 12:19 PM.

  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,023 posts
  • MVP

Sorry for the delay.  Been on a trip and got back this morning at 4 AM.

 

We only care about the top CPU using svchost which appears to be the one with dcom.  We can't stop dcom so let's see if the following finds anything interesting:

 

 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.
 
 (Second time you run vew it will overwrite the first log so copy it to a reply or rename it first.)

  • 0

#9
sayan.dg

sayan.dg

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

i am replying in a day

 

kindly bear with me


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP