Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

I cant connect to internet after I ran adwcleaner

3K views 9 replies 2 participants last post by  Machiavelli_G2G 
#1 ·
My network is limited after I ran adwcleaner and cleaned some malware.
Please someone help
 
#2 ·
Hey, :)
please post the Adwarecleaner Log.

Please download FRST (by Farbar) from the link below and save it to your Desktop.

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here

  1. Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  2. Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  3. When the disclaimer appears, click Yes.
  4. Click Scan to start FRST.
  5. When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  6. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.
 
#5 ·
Here is FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Roshaan (administrator) on ROSHAAN-PC on 14-01-2015 16:49:27
Running from C:\Users\Roshaan\Desktop
Loaded Profile: Roshaan (Available profiles: Roshaan & fbwuser & uni55_000)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [3727648 2013-11-06] (Connectify)
HKLM\...\Run: [Connectify Dispatch] => C:\Program Files (x86)\Connectify\DispatchUI.exe [1656608 2013-11-06] (Connectify)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-19] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-09] (Raptr, Inc)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1937600 2014-08-14] (Valve Corporation)
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [Unified Remote v2] => C:\Program Files (x86)\Unified Remote\RemoteServer.exe
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [] => [X]
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [Mobile Partner] => C:\Program Files (x86)\HiSuite\HiSuite.exe [583488 2014-01-28] ()
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {58f5169b-6284-11e4-bec4-70f39530b5b4} - "E:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {5fe26a89-fd05-11e3-be93-70f39530b5b4} - "E:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {9e1c7ac1-e4dc-11e3-be88-70f39530b5b4} - "I:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {9e1c7ae7-e4dc-11e3-be88-70f39530b5b4} - "I:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {c67bcfcf-ec97-11e3-be8a-70f39530b5b4} - "I:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2328872 2014-02-16] (Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Roshaan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll No File
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://arabia.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Roshaan\AppData\Roaming\Mozilla\Firefox\Profiles\tjqpz3vg.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_38 -> C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3849734346-3184810195-2697269132-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Roshaan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Security Protection - C:\Users\Roshaan\AppData\Roaming\Mozilla\Firefox\Profiles\tjqpz3vg.default\Extensions\detgdp@gmail.com [2014-12-23]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Roshaan\AppData\Roaming\Mozilla\Firefox\Profiles\tjqpz3vg.default\extensions\detgdp@gmail.com
FF HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Roshaan\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Roshaan\AppData\Roaming\IDM\idmmzcc5 [2014-05-08]
FF HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Roshaan\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1419322627&from=wpm12233&uid=HitachiXHTS725032A9A364_100418PCK304VKHZPRRJX
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HP Product Detection Plugin) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2014-05-08]
CHR Extension: (SoundCloud Downloader) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apbeiaejbifegcmfkflngimmegifddkn [2014-05-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-08]
CHR Extension: (Adblock Plus) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-08]
CHR Extension: (Bypass Surveys) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjakedkphmphnlilokfkgkdclmhakhjg [2014-05-08]
CHR Extension: (Google Search) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-08]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-06-12]
CHR Extension: (AdBlock) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-08]
CHR Extension: (ESPN Cricinfo) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhlikjoigjegofbedmfmlcfkmhabldh [2014-05-08]
CHR Extension: (FVD Downloader) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-05-08]
CHR Extension: (Google Wallet) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-08]
CHR Extension: (APK Downloader) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhlfmheblhjhkmacldlhdnbgbaiigba [2014-05-08]
CHR Extension: (Gmail) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-29] (Broadcom Corporation.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe [56648 2014-12-15] (Google Inc.)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2013-11-06] (Connectify) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-26] (Microsoft Corporation) [File not signed]
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2014-01-28] ()
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-05] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-02] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [204096 2014-01-28] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [37888 2013-03-03] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-29] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-10] (EldoS Corporation)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [35352 2014-08-16] (Connectify)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-10-22] (Huawei Technologies Co., Ltd.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [32512 2015-01-13] ()
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-10-13] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [20016 2011-10-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-08] (Synaptics Incorporated)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-08-13] (Anchorfree Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-14] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 AtiDCM; \??\C:\Users\Roshaan\AppData\Local\Temp\atdcm64a.sys [X]
S1 HssDRV6; \SystemRoot\system32\DRIVERS\hssdrv6.sys [X]
S1 MpKsl9d05e58c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7EEB1EE1-2AC7-4C5A-A40D-E6B98828E091}\MpKsl9d05e58c.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 16:49 - 2015-01-14 16:50 - 00023872 _____ () C:\Users\Roshaan\Desktop\FRST.txt
2015-01-14 16:49 - 2015-01-14 16:49 - 00000000 ____D () C:\FRST
2015-01-14 16:48 - 2015-01-14 16:45 - 02124288 _____ (Farbar) C:\Users\Roshaan\Desktop\FRST64.exe
2015-01-14 16:45 - 2015-01-14 16:45 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\Solvusoft
2015-01-14 16:43 - 2015-01-14 16:43 - 00000000 ____H () C:\ProgramData\cm-lock
2015-01-14 16:15 - 2015-01-14 16:15 - 00017461 _____ () C:\Users\Roshaan\Desktop\zoek-results.txt
2015-01-14 16:12 - 2015-01-14 16:12 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\DriverToolkit
2015-01-14 16:10 - 2015-01-14 15:30 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-14 15:32 - 2015-01-14 16:12 - 00017461 _____ () C:\zoek-results.log
2015-01-14 15:30 - 2015-01-14 16:06 - 00000000 ____D () C:\zoek_backup
2015-01-14 13:28 - 2015-01-14 13:28 - 00278568 _____ () C:\WINDOWS\Minidump\011415-22031-01.dmp
2015-01-14 13:09 - 2015-01-14 13:09 - 00000000 ____D () C:\Program Files\ATI
2015-01-14 13:09 - 2015-01-14 13:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-14 12:29 - 2015-01-14 12:29 - 00006144 _____ () C:\WINDOWS\system32\umstartup.etl
2015-01-14 11:54 - 2015-01-14 13:28 - 557362005 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-14 11:54 - 2015-01-14 11:54 - 00278456 _____ () C:\WINDOWS\Minidump\011415-17562-01.dmp
2015-01-13 22:30 - 2015-01-13 22:35 - 00006656 _____ () C:\WINDOWS\system32\bcmwlrc.dll
2015-01-13 22:30 - 2015-01-13 22:30 - 03060800 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\BCMWL664.SYS
2015-01-13 22:30 - 2015-01-13 22:30 - 00000000 ____D () C:\Program Files\Broadcom
2015-01-13 22:27 - 2015-01-13 22:27 - 00000188 _____ () C:\WINDOWS\SysWOW64\HPWA.ini
2015-01-13 22:27 - 2015-01-13 22:27 - 00000188 _____ () C:\WINDOWS\system32\HPWA.ini
2015-01-13 22:27 - 2015-01-13 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-01-13 22:27 - 2015-01-13 22:27 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-01-13 22:25 - 2015-01-14 13:03 - 00000362 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForRoshaan.job
2015-01-13 22:25 - 2015-01-14 12:57 - 00003180 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForRoshaan
2015-01-13 22:14 - 2015-01-13 22:14 - 00458448 _____ () C:\WINDOWS\Minidump\011315-25750-01.dmp
2015-01-13 21:53 - 2015-01-13 21:53 - 18561704 ____N (Hewlett-Packard Company ) C:\Users\Roshaan\Desktop\sp49408.exe
2015-01-13 21:08 - 2015-01-14 13:05 - 00000000 ____D () C:\WINDOWS\LastGood
2015-01-13 21:07 - 2015-01-13 21:06 - 03891200 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvsrv64.dll
2015-01-13 21:07 - 2015-01-13 21:06 - 00095544 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmwlcoi.dll
2015-01-13 16:45 - 2015-01-14 16:45 - 00000304 _____ () C:\WINDOWS\Tasks\DriverDoc_UPDATES.job
2015-01-13 16:45 - 2015-01-13 16:45 - 00003034 _____ () C:\WINDOWS\System32\Tasks\DriverDoc_UPDATES
2015-01-13 16:17 - 2015-01-13 16:21 - 00000000 ____D () C:\AdwCleaner
2015-01-13 16:17 - 2015-01-13 16:17 - 02191360 _____ () C:\Users\Roshaan\Downloads\adwcleaner_4.107.exe
2015-01-13 16:14 - 2015-01-13 16:14 - 00000000 ____D () C:\Program Files\Intel
2015-01-13 16:13 - 2015-01-13 16:13 - 00000000 ____D () C:\ProgramData\IntelDLM
2015-01-13 16:03 - 2015-01-13 16:03 - 00032512 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-01-13 15:49 - 2015-01-13 15:49 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Intel
2015-01-13 15:48 - 2015-01-13 15:48 - 00001182 _____ () C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.0.lnk
2015-01-13 15:48 - 2015-01-13 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-01-13 15:48 - 2015-01-13 15:48 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility
2015-01-13 13:53 - 2015-01-13 14:23 - 00000000 ____D () C:\Users\Roshaan\Downloads\bluescreenview
2015-01-13 13:53 - 2015-01-13 13:53 - 00066913 _____ () C:\Users\Roshaan\Downloads\bluescreenview.zip
2015-01-13 13:41 - 2015-01-13 13:41 - 02333416 _____ (Intel) C:\Users\Roshaan\Downloads\Intel Driver Update Utility Installer.exe
2015-01-13 13:25 - 2015-01-13 13:25 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\Roshaan\Downloads\autodetectutility.exe
2015-01-13 13:23 - 2015-01-13 13:23 - 00001047 _____ () C:\Users\Public\Desktop\Driver Reviver.lnk
2015-01-13 13:23 - 2015-01-13 13:23 - 00000316 _____ () C:\WINDOWS\Tasks\Start Driver Reviver for ROSHAAN-PC@Roshaan(logon).job
2015-01-13 13:23 - 2015-01-13 13:23 - 00000000 ____D () C:\ProgramData\ReviverSoft
2015-01-13 13:23 - 2015-01-13 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-01-13 13:23 - 2015-01-13 13:23 - 00000000 ____D () C:\Program Files\ReviverSoft
2015-01-13 13:20 - 2015-01-13 13:20 - 04054840 _____ (ReviverSoft LLC) C:\Users\Roshaan\Downloads\DriverReviverSetup.exe
2015-01-13 13:16 - 2015-01-13 13:16 - 03441528 _____ (Solvusoft Corporation ) C:\Users\Roshaan\Downloads\Setup_DriverDoc_2015.exe
2015-01-13 13:16 - 2015-01-13 13:16 - 00001045 _____ () C:\Users\Public\Desktop\DriverDoc.lnk
2015-01-13 13:16 - 2015-01-13 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverDoc
2015-01-13 13:16 - 2015-01-13 13:16 - 00000000 ____D () C:\Program Files (x86)\DriverDoc
2015-01-13 12:03 - 2015-01-13 12:03 - 00278520 _____ () C:\WINDOWS\Minidump\011315-20921-01.dmp
2015-01-12 23:44 - 2015-01-12 23:44 - 00278632 _____ () C:\WINDOWS\Minidump\011215-25625-01.dmp
2015-01-12 23:34 - 2015-01-12 23:34 - 00378872 _____ () C:\WINDOWS\Minidump\011215-25656-01.dmp
2015-01-12 23:23 - 2015-01-12 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-01-12 22:10 - 2015-01-12 22:10 - 00492896 _____ () C:\WINDOWS\Minidump\011215-23156-01.dmp
2015-01-12 15:37 - 2015-01-12 23:11 - 00000000 ____D () C:\Users\Roshaan\Downloads\The Imitation Game (2014) DVDSCR XviD-MAXSPEED
2015-01-12 13:44 - 2015-01-12 13:44 - 00845200 _____ () C:\Users\Roshaan\Downloads\DroidSniff.apk
2015-01-12 13:35 - 2015-01-12 13:35 - 00785960 _____ () C:\Users\Roshaan\Downloads\com.overlook.android.fing-2.15-APK4Fun.com.apk
2015-01-11 14:52 - 2015-01-11 14:52 - 00319264 _____ () C:\WINDOWS\Minidump\011115-24093-01.dmp
2015-01-11 14:49 - 2015-01-11 14:49 - 01046792 _____ () C:\WINDOWS\Minidump\011115-21125-01.dmp
2015-01-08 13:28 - 2015-01-08 13:28 - 00711056 _____ () C:\WINDOWS\Minidump\010815-19453-01.dmp
2015-01-03 14:12 - 2015-01-03 14:12 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2014-12-23 17:20 - 2014-12-26 02:51 - 00004972 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ROSHAAN-PC-Roshaan Roshaan-pc
2014-12-23 00:48 - 2014-12-23 00:48 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\LogMeIn
2014-12-23 00:48 - 2014-12-23 00:48 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-12-22 21:58 - 2014-12-22 22:01 - 00000000 ____D () C:\MOVIES
2014-12-22 14:14 - 2014-12-22 14:14 - 00000647 _____ () C:\Users\Roshaan\Desktop\CoD2MP_s - Shortcut.lnk
2014-12-16 10:25 - 2014-12-16 10:25 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\Innovative Solutions
2014-12-16 10:25 - 2014-12-16 10:25 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Innovative Solutions

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 16:50 - 2014-05-08 08:45 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-14 16:48 - 2014-05-08 08:07 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3849734346-3184810195-2697269132-1001
2015-01-14 16:47 - 2013-09-30 09:14 - 00913650 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-14 16:44 - 2014-05-08 08:32 - 01958932 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-14 16:43 - 2014-05-08 09:25 - 00000384 _____ () C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2015-01-14 16:43 - 2014-05-08 08:45 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-14 16:42 - 2013-08-22 19:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-14 16:39 - 2014-11-02 00:30 - 00000000 __RDO () C:\Users\Roshaan\SkyDrive
2015-01-14 16:39 - 2014-05-08 23:08 - 00000000 ____D () C:\Program Files\KMSpico
2015-01-14 16:38 - 2013-08-22 18:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-14 16:19 - 2014-05-08 22:21 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-14 16:11 - 2013-09-30 09:02 - 00022066 _____ () C:\WINDOWS\PFRO.log
2015-01-14 16:05 - 2014-06-12 10:36 - 00000000 ____D () C:\Users\uni55_000\AppData\Local\Google
2015-01-14 16:04 - 2014-05-08 08:27 - 00000000 ____D () C:\Users\Roshaan
2015-01-14 16:00 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-14 15:17 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-14 13:28 - 2014-05-09 11:48 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-14 13:26 - 2014-06-07 16:20 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2015-01-14 13:19 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-14 13:10 - 2014-08-12 22:30 - 00046514 _____ () C:\WINDOWS\setupact.log
2015-01-14 13:05 - 2014-05-08 09:59 - 00000000 ____D () C:\Program Files\AMD
2015-01-14 04:01 - 2014-06-12 10:36 - 00000000 ____D () C:\Users\uni55_000
2015-01-14 03:56 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\registration
2015-01-13 23:03 - 2014-05-26 19:58 - 00000958 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001UA.job
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2015-01-13 21:54 - 2014-05-08 08:46 - 00000000 ____D () C:\swsetup
2015-01-13 16:21 - 2014-05-10 20:29 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-13 16:21 - 2014-05-08 08:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-13 16:21 - 2014-05-08 08:38 - 00001005 _____ () C:\Users\Roshaan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-13 16:00 - 2014-05-08 23:14 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\Raptr
2015-01-13 15:54 - 2014-08-23 12:25 - 00001520 _____ () C:\WINDOWS\system32\.crusader
2015-01-13 14:30 - 2014-05-08 08:44 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{66043D5B-2D5F-4A61-9DF9-746CA8A82117}
2015-01-13 13:50 - 2014-05-08 20:18 - 00000000 ____D () C:\Users\Roshaan\Documents\Visual Studio 2012
2015-01-12 23:22 - 2014-05-08 23:14 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-01-11 13:54 - 2014-05-10 19:21 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\vlc
2015-01-11 13:01 - 2014-05-10 19:56 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-07 14:36 - 2014-09-21 19:46 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Research In Motion
2015-01-07 14:35 - 2014-09-21 19:33 - 00001937 _____ () C:\Users\Roshaan\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-01-07 14:33 - 2014-05-10 16:25 - 00000000 ____D () C:\Users\Roshaan\Documents\Bluetooth Exchange Folder
2015-01-07 14:27 - 2014-05-08 09:17 - 00000000 ____D () C:\Users\Roshaan\Downloads\Compressed
2015-01-07 14:06 - 2014-05-08 22:30 - 01690624 ___SH () C:\Users\Roshaan\Desktop\Thumbs.db
2015-01-06 20:35 - 2014-05-17 10:55 - 00515072 ___SH () C:\Users\Roshaan\Downloads\Thumbs.db
2015-01-05 13:56 - 2014-08-12 17:43 - 00007632 _____ () C:\Users\Roshaan\AppData\Local\Resmon.ResmonCfg
2015-01-05 12:40 - 2014-05-10 19:55 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-31 16:14 - 2014-05-08 09:17 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-12-23 12:51 - 2014-05-08 08:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-22 15:49 - 2014-05-08 09:59 - 00000000 ____D () C:\AMD
2014-12-19 11:30 - 2014-05-08 08:01 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Packages
2014-12-19 11:05 - 2014-10-12 12:53 - 00000000 ____D () C:\Users\Roshaan\Documents\Outlook Files
2014-12-19 11:05 - 2014-05-08 08:01 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\VirtualStore
2014-12-18 23:39 - 2014-05-08 22:44 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Microsoft Help
2014-12-17 00:52 - 2014-05-10 19:02 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-16 01:18 - 2014-06-24 11:03 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Adobe
2014-12-15 21:58 - 2014-05-08 22:21 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-12 12:48

==================== End Of Log ============================

And addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by Roshaan at 2015-01-14 16:51:17
Running from C:\Users\Roshaan\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadband (HKLM-x32\...\Broadband) (Version: 16.001.06.00.172 - Huawei Technologies Co.,Ltd)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
CanoScan LiDE 100 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413) (Version: - )
Chrome Remote Desktop Host (HKLM-x32\...\{6FC79C95-F54F-4515-8012-01F33D894492}) (Version: 40.0.2214.44 - Google Inc.)
Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version: - Cisco Systems, Inc.)
Connectify (HKLM\...\Connectify) (Version: 7.1.0.29279 - Connectify)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version: - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Driver Reviver (HKLM\...\Driver Reviver) (Version: 5.0.1.14 - ReviverSoft LLC)
DriverDoc (HKLM-x32\...\DriverDoc_is1) (Version: 1.52.1086.14425 - Solvusoft Corporation)
DriverToolkit version 8.3.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.3.0.0 - Megaify Software)
Dropbox (HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
emu8086 microprocessor emulator (HKLM-x32\...\emu8086 microprocessor emulator_is1) (Version: - emu8086)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
GameRanger (HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\GameRanger) (Version: - GameRanger Technologies)
GlassFish Server Open Source Edition 3.1.2.2 (HKLM\...\nbi-glassfish-mod-3.1.2.23.2) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoPhoto.it 1.5 (HKLM-x32\...\GoPhoto.it) (Version: 1.5 - GoPhoto.it)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.610.26.00.06 - Huawei Technologies Co.,Ltd)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.221 - SurfRight B.V.)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{69FD2930-C361-47F6-822E-71B021526778}) (Version: 11.50.0015 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}) (Version: 4.0.10.0 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iExplorer 3.2.1.3 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)
IGI 2 (HKLM-x32\...\IGI 2) (Version: - )
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java(TM) 6 Update 38 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416038FF}) (Version: 6.0.380 - Oracle)
Java(TM) SE Development Kit 6 Update 38 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160380}) (Version: 1.6.0.380 - Oracle)
JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
Jeta Logo Designer FREE EDITION 1.30 (HKLM-x32\...\{B9552944-5DB8-48C1-890A-9D4419F4984B}_is1) (Version: 1.30 - JETA.COM)
KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version: - )
KMSpico 4.1 (HKLM\...\KMSpico v4.1_is1) (Version: 4 - )
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{9600393b-6ede-469b-a522-689fce1461d1}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Mozilla Firefox 16.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 16.0.2 (x86 en-US)) (Version: 16.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 16.0.2 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NetBeans IDE 7.3 (HKLM\...\nbi-nb-base-7.3.0.0.201302132200) (Version: 7.3 - NetBeans.org)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Readon TV Movie Radio Player 7.5.0.0 (HKLM-x32\...\{03840E8D-A75E-4C49-ADFC-09A867C7F943}) (Version: 7.5.0 - Readon Technology)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Recover My Files (HKLM-x32\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd)
Registry Recycler (HKLM-x32\...\Registry Recycler_is1) (Version: 0.9.2.7 - Developer Tribe (Pvt) Ltd.)
Riverbed Modeler Academic Edition 17.5 (HKLM-x32\...\Riverbed Modeler Academic Edition 17.5) (Version: 17.5.0.13309 - Riverbed Technology)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.40.0 - SAMSUNG Electronics Co., Ltd.)
Sothink Logo Maker Professional (HKLM-x32\...\{574FFDC9-AB09-4C4A-B7BE-C6066502181A}_is1) (Version: 4.0 - SourceTec Software Co., LTD)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{B9360B01-E7EC-4586-A192-23AFE0BE80AF}) (Version: 2.0.0.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Freer (HKLM-x32\...\WebFreer) (Version: - )
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8050 - Broadcom Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 18:25 - 2013-08-22 18:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02C1EA5B-DE0E-49B7-BD6E-96030369F530} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [2014-05-01] (Megaify Software Co., Ltd.)
Task: {0E165A90-FB89-4E17-A233-00E871B4F4CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-05] (Hewlett-Packard Company)
Task: {12CC92F5-8D9D-4F88-BB2C-1B48C26E2299} - System32\Tasks\DriverDoc_UPDATES => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe [2012-10-05] (Solvusoft Corporation)
Task: {15723982-D9ED-4353-829A-57F6F4D78299} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {3271CB92-424A-4944-AAC6-E3236EA7DF3B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-08] (Synaptics Incorporated)
Task: {3B01AFFF-896F-4905-9E56-25C9F2B3524C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-13] (Hewlett-Packard Company)
Task: {3EAB1481-7935-4D38-BF1C-BE22B15D2DB5} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3849734346-3184810195-2697269132-1001
Task: {3EEC9DC7-7672-481E-AFDB-4725390809D5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {47D3F464-C632-4A28-9502-66B649DBC874} - System32\Tasks\HPCeeScheduleForRoshaan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7ADBD0BB-DA10-4D53-B557-9F644DEB15B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-08] (Google Inc.)
Task: {7CE72146-19B9-407E-AAFA-E13F8DB8604B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ROSHAAN-PC-Roshaan Roshaan-pc => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-01-23] (Microsoft Corporation)
Task: {919B9652-6EA5-45A3-B1A0-5AA22C467188} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15] (Adobe Systems Incorporated)
Task: {926D37D9-AC93-47E7-ACA8-E13C626C5D1C} - System32\Tasks\Update Service GoForFiles => C:\Program Files (x86)\GoForFilesUpdater\GoForFilesUpdater.exe <==== ATTENTION
Task: {A6DBA781-F16F-4199-9F02-8FEAE95D5FD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-08] (Google Inc.)
Task: {B209B5C3-72A9-4E7D-9000-A66CC3A56A9E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001UA => C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-26] (Facebook Inc.)
Task: {BD4F453F-1946-46CA-9F07-DB2FD7166E2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-05] (Hewlett-Packard Company)
Task: {C5B2E19E-E166-4823-9E90-279106F95540} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {D48AAB65-9A4C-4E51-B718-CCDFAAA1C516} - System32\Tasks\{FE14219B-58F5-4815-B322-B8A6BDF05427} => pcalua.exe -a C:\Users\Roshaan\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=exp <==== ATTENTION
Task: {D97CBA7D-0BF7-40F4-B46D-483BC55148C3} - System32\Tasks\AutoPico Daily Restart => C:\ProgramData\Microsoft\AutoKMS\AutoPico.exe [2014-02-02] ()
Task: {DC8B7A21-4214-4D3D-B4E5-43C924F435B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EB02C964-ADD3-48C1-A57F-85EB3F9F7BF1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001Core => C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-26] (Facebook Inc.)
Task: {EF9D4D43-FE47-4880-BC15-C5557791F5EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverDoc_UPDATES.job => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001Core.job => C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001UA.job => C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRoshaan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Start Driver Reviver for ROSHAAN-PC@Roshaan(logon).job => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe

==================== Loaded Modules (whitelisted) =============

2013-10-11 02:02 - 2013-10-11 02:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-11-26 20:58 - 2014-01-28 12:44 - 00137024 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2014-11-26 20:58 - 2014-01-28 12:44 - 00204096 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2014-05-10 15:38 - 2008-01-22 22:35 - 00103808 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-03-13 08:09 - 2014-03-13 08:09 - 08884904 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-12 14:49 - 2014-05-12 14:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-16 14:56 - 2013-11-06 01:07 - 00376608 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2014-08-16 14:56 - 2013-11-06 01:07 - 03156256 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2014-08-16 14:56 - 2013-11-06 01:07 - 00714016 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2014-08-16 14:56 - 2013-11-06 01:07 - 00353056 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2014-05-08 09:03 - 2014-02-18 07:13 - 00092984 _____ () C:\Program Files (x86)\DriverToolkit\zlibwapi.dll
2010-11-23 03:56 - 2010-11-23 03:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 03:57 - 2010-11-23 03:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 03:56 - 2010-11-23 03:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 03:57 - 2010-11-23 03:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 03:57 - 2010-11-23 03:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 23:17 - 2011-02-15 23:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 03:57 - 2010-11-23 03:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 03:57 - 2010-11-23 03:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 05:37 - 2014-08-14 05:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 05:37 - 2014-08-14 05:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-23 03:56 - 2010-11-23 03:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 03:57 - 2010-11-23 03:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 05:56 - 2014-06-18 05:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 23:17 - 2011-02-15 23:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 04:06 - 2010-11-23 04:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 04:52 - 2013-05-10 04:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 04:52 - 2013-05-10 04:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 04:52 - 2013-05-10 04:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 23:56 - 2013-05-03 23:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 23:56 - 2013-05-03 23:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 23:56 - 2013-05-03 23:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-05-10 20:16 - 2014-05-10 20:16 - 00170496 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\7fb69d482f0080d8fce999918ebc79bc\IsdiInterop.ni.dll
2014-05-10 20:16 - 2010-04-13 21:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Roshaan\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Roshaan\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\uni55_000\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Connectify Dispatch => C:\Program Files (x86)\Connectify\DispatchUI.exe autorun
MSCONFIG\startupreg: Connectify Hotspot => C:\Program Files (x86)\Connectify\Connectify.exe autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Web Freer => C:\Program Files (x86)\WebFreer\webfreer.exe
HKLM\...\StartupApproved\Run: => "Connectify Dispatch"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "RIMBBLaunchAgent.exe"
HKLM\...\StartupApproved\Run32: => "Talk"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Raptr"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Web Freer"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Smart Driver Updater"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Mobile Partner"

========================= Accounts: ==========================

Administrator (S-1-5-21-3849734346-3184810195-2697269132-500 - Administrator - Disabled)
fbwuser (S-1-5-21-3849734346-3184810195-2697269132-1006 - Limited - Disabled) => C:\Users\fbwuser
Guest (S-1-5-21-3849734346-3184810195-2697269132-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3849734346-3184810195-2697269132-1009 - Limited - Enabled)
Roshaan (S-1-5-21-3849734346-3184810195-2697269132-1001 - Administrator - Enabled) => C:\Users\Roshaan
uni55_000 (S-1-5-21-3849734346-3184810195-2697269132-1007 - Limited - Enabled) => C:\Users\uni55_000

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/14/2015 04:43:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 1.0.0.0, time stamp: 0x5132cc2c
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16656, time stamp: 0x5318237f
Exception code: 0xe0434352
Fault offset: 0x00000000000043c8
Faulting process id: 0x4f0
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5

Error: (01/14/2015 04:43:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Service_KMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
at System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
at System.IO.File.InternalWriteAllBytes(System.String, Byte[], Boolean)
at Service_KMS.Service.ScheduledTask()
at Service_KMS.Service.TaskLoop()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (01/14/2015 04:40:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.9600.16384, time stamp: 0x5215d4c4
Faulting module name: MSSRCH.DLL, version: 7.0.9600.16384, time stamp: 0x5215d425
Exception code: 0xc0000005
Fault offset: 0x0000000000006dbe
Faulting process id: 0x1388
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3
Faulting package full name: SearchIndexer.exe4
Faulting package-relative application ID: SearchIndexer.exe5

Error: (01/14/2015 04:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: delegate_execute.exe, version: 39.0.2171.95, time stamp: 0x54823f01
Faulting module name: delegate_execute.exe, version: 39.0.2171.95, time stamp: 0x54823f01
Exception code: 0xc0000005
Fault offset: 0x00037db3
Faulting process id: 0x1078
Faulting application start time: 0xdelegate_execute.exe0
Faulting application path: delegate_execute.exe1
Faulting module path: delegate_execute.exe2
Report Id: delegate_execute.exe3
Faulting package full name: delegate_execute.exe4
Faulting package-relative application ID: delegate_execute.exe5

Error: (01/14/2015 04:13:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.9600.16384, time stamp: 0x5215d4c4
Faulting module name: MSSRCH.DLL, version: 7.0.9600.16384, time stamp: 0x5215d425
Exception code: 0xc0000005
Fault offset: 0x0000000000006dbe
Faulting process id: 0x53c
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3
Faulting package full name: SearchIndexer.exe4
Faulting package-relative application ID: SearchIndexer.exe5

Error: (01/14/2015 02:36:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 6.3.9600.16384, time stamp: 0x5215f9c9
Faulting module name: wmiprvse.exe, version: 6.3.9600.16384, time stamp: 0x5215f9c9
Exception code: 0xc0000005
Fault offset: 0x000000000001ad5d
Faulting process id: 0xa24
Faulting application start time: 0xwmiprvse.exe0
Faulting application path: wmiprvse.exe1
Faulting module path: wmiprvse.exe2
Report Id: wmiprvse.exe3
Faulting package full name: wmiprvse.exe4
Faulting package-relative application ID: wmiprvse.exe5

Error: (01/14/2015 02:23:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.9600.16384, time stamp: 0x5215d4c4
Faulting module name: MSSRCH.DLL, version: 7.0.9600.16384, time stamp: 0x5215d425
Exception code: 0xc0000005
Fault offset: 0x0000000000006dbe
Faulting process id: 0x100c
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3
Faulting package full name: SearchIndexer.exe4
Faulting package-relative application ID: SearchIndexer.exe5

Error: (01/14/2015 02:21:54 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)

Error: (01/14/2015 02:12:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart ; Description = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727; Error = 0x8007043c).

Error: (01/14/2015 02:12:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart ; Description = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727; Error = 0x8007043c).

System errors:
=============
Error: (01/14/2015 04:44:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).

Error: (01/14/2015 04:40:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/14/2015 04:36:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/14/2015 04:14:16 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (01/14/2015 04:13:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/14/2015 04:11:14 PM) (Source: DCOM) (EventID: 10010) (User: ROSHAAN-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/14/2015 04:11:14 PM) (Source: DCOM) (EventID: 10010) (User: ROSHAAN-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/14/2015 04:00:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/14/2015 04:00:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/14/2015 04:00:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Microsoft Office Sessions:
=========================
Error: (01/14/2015 04:43:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe1.0.0.05132cc2cKERNELBASE.dll6.3.9600.166565318237fe043435200000000000043c84f001d02fef3d5a3891C:\Program Files\KMSpico\Service_KMS.exeC:\WINDOWS\system32\KERNELBASE.dll88320195-9be2-11e4-bf42-70f39530b5b4

Error: (01/14/2015 04:43:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Service_KMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
at System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
at System.IO.File.InternalWriteAllBytes(System.String, Byte[], Boolean)
at Service_KMS.Service.ScheduledTask()
at Service_KMS.Service.TaskLoop()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

Error: (01/14/2015 04:40:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbe138801d02feecb918873C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL2f681936-9be2-11e4-bf41-70f39530b5b4

Error: (01/14/2015 04:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe39.0.2171.9554823f01delegate_execute.exe39.0.2171.9554823f01c000000500037db3107801d02feecf2326e2C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe13f16aa4-9be2-11e4-bf41-70f39530b5b4

Error: (01/14/2015 04:13:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbe53c01d02feb0fb2342fC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL661be313-9bde-11e4-bf40-70f39530b5b4

Error: (01/14/2015 02:36:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmiprvse.exe6.3.9600.163845215f9c9wmiprvse.exe6.3.9600.163845215f9c9c0000005000000000001ad5da2401d02fdba100094dC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\system32\wbem\wmiprvse.exed1450706-9bd0-11e4-bf3f-70f39530b5b4

Error: (01/14/2015 02:23:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbe100c01d02fdbb459f202C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL059ca210-9bcf-11e4-bf3f-70f39530b5b4

Error: (01/14/2015 02:21:54 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d

Error: (01/14/2015 02:12:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.507270x8007043c

Error: (01/14/2015 02:12:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.507270x8007043c

CodeIntegrity Errors:
===================================
Date: 2014-12-22 14:46:26.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-22 14:46:26.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-22 14:46:26.090
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-22 14:46:26.043
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-22 14:46:26.012
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-22 14:45:54.471
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-22 14:45:54.424
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-22 14:45:54.330
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-22 14:45:54.284
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-12-22 14:45:49.189
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 37%
Total physical RAM: 3893.86 MB
Available physical RAM: 2450.93 MB
Total Pagefile: 7861.86 MB
Available Pagefile: 6201.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.22 GB) (Free:10.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (My Passport) (Fixed) (Total:465.73 GB) (Free:50.22 GB) NTFS
Drive f: (My Data) (Fixed) (Total:173.38 GB) (Free:12.6 GB) NTFS
Drive g: (RECOVERY) (Fixed) (Total:13.19 GB) (Free:1.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9AAB8A80)
Partition 1: (Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=173.4 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 0004A183)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
#6 ·
Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1

  1. Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  2. Click Scan and let the scan run.
  3. When it finishes, click Clean, following the on screen prompts
  4. After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.

Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits



Go back to the Dashboard and select Scan Now



If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.





On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

*Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan

  1. Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  2. Click Scan to start FRST.
  3. When FRST finishes scanning, a log, FRST.txt, will open.
  4. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
 
#7 ·
Finally I fixed the problem my doing some research. I found the solution here
http://answers.microsoft.com/en-us/...l/a2f074cf-be62-435e-b951-42dfbb9351c2?page=2

And here is the solution. It might save someone's alot of time.

It turns out there was some third party software inserting itself into my adapter settings.

Here's how I fixed it:

Go to Control Panel> Network and Internet > Network Sharing Center

Click 'Change adapter settings' in left pane.

Right click your adapter. Select 'properties'.

There will be a box headed 'This connection uses the following items.'

Uncheck anything that looks like it was installed by a third party (AVG, Avast, ZoneAlarm). In my case the culprit was 'HTC NDIS Protocol Driver' which was installed by my cell phone software (HTC). Since it might not be obvious what to uncheck, here is what I currently have checked in my working system that should not cause a problem:

KEEP THESE CHECKED:

Client for Microsoft Networks
QoS packet scheduler
File and Printer Sharing
Internet Protocol v6
Internet Protocal v4
Link-Layer Topology Discovery Mapper I/O driver
Link-Layer Topology Discovery Reminder

Uncheck everything else.

Go back to the Network and Sharing menu, disable and re-enable the adapter. That should work.

I hope it will help somebody. Thanks for your help. Cheers!
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top