Here is FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by Roshaan (administrator) on ROSHAAN-PC on 14-01-2015 16:49:27
Running from C:\Users\Roshaan\Desktop
Loaded Profile: Roshaan (Available profiles: Roshaan & fbwuser & uni55_000)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [3727648 2013-11-06] (Connectify)
HKLM\...\Run: [Connectify Dispatch] => C:\Program Files (x86)\Connectify\DispatchUI.exe [1656608 2013-11-06] (Connectify)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-19] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-09] (Raptr, Inc)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1937600 2014-08-14] (Valve Corporation)
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [Unified Remote v2] => C:\Program Files (x86)\Unified Remote\RemoteServer.exe
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [] => [X]
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-10-02] (Nokia)
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Run: [Mobile Partner] => C:\Program Files (x86)\HiSuite\HiSuite.exe [583488 2014-01-28] ()
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {58f5169b-6284-11e4-bec4-70f39530b5b4} - "E:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {5fe26a89-fd05-11e3-be93-70f39530b5b4} - "E:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {9e1c7ac1-e4dc-11e3-be88-70f39530b5b4} - "I:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {9e1c7ae7-e4dc-11e3-be88-70f39530b5b4} - "I:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\MountPoints2: {c67bcfcf-ec97-11e3-be8a-70f39530b5b4} - "I:\AutoRun.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2328872 2014-02-16] (Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Roshaan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll No File
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\WINDOWS\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://arabia.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Roshaan\AppData\Roaming\Mozilla\Firefox\Profiles\tjqpz3vg.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_38 -> C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3849734346-3184810195-2697269132-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Roshaan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Security Protection - C:\Users\Roshaan\AppData\Roaming\Mozilla\Firefox\Profiles\tjqpz3vg.default\Extensions\detgdp@gmail.com [2014-12-23]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Roshaan\AppData\Roaming\Mozilla\Firefox\Profiles\tjqpz3vg.default\extensions\detgdp@gmail.com
FF HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Roshaan\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Roshaan\AppData\Roaming\IDM\idmmzcc5 [2014-05-08]
FF HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Roshaan\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1419322627&from=wpm12233&uid=HitachiXHTS725032A9A364_100418PCK304VKHZPRRJX
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google
ageClassification}{google:searchVersion}{google:sessionToken}{google
refetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HP Product Detection Plugin) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2014-05-08]
CHR Extension: (SoundCloud Downloader) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apbeiaejbifegcmfkflngimmegifddkn [2014-05-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-08]
CHR Extension: (Adblock Plus) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-08]
CHR Extension: (Bypass Surveys) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjakedkphmphnlilokfkgkdclmhakhjg [2014-05-08]
CHR Extension: (Google Search) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-08]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-06-12]
CHR Extension: (AdBlock) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-08]
CHR Extension: (ESPN Cricinfo) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhlikjoigjegofbedmfmlcfkmhabldh [2014-05-08]
CHR Extension: (FVD Downloader) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-05-08]
CHR Extension: (Google Wallet) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-08]
CHR Extension: (APK Downloader) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhlfmheblhjhkmacldlhdnbgbaiigba [2014-05-08]
CHR Extension: (Gmail) - C:\Users\Roshaan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-29] (Broadcom Corporation.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe [56648 2014-12-15] (Google Inc.)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2013-11-06] (Connectify) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-26] (Microsoft Corporation) [File not signed]
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [137024 2014-01-28] ()
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-05] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-04-02] (Hewlett-Packard Company)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [204096 2014-01-28] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [37888 2013-03-03] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-20] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-29] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-10] (EldoS Corporation)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [35352 2014-08-16] (Connectify)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-10-22] (Huawei Technologies Co., Ltd.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-13] (LogMeIn Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [32512 2015-01-13] ()
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-10-13] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [20016 2011-10-14] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-05-08] (Synaptics Incorporated)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-08-13] (Anchorfree Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-14] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 AtiDCM; \??\C:\Users\Roshaan\AppData\Local\Temp\atdcm64a.sys [X]
S1 HssDRV6; \SystemRoot\system32\DRIVERS\hssdrv6.sys [X]
S1 MpKsl9d05e58c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7EEB1EE1-2AC7-4C5A-A40D-E6B98828E091}\MpKsl9d05e58c.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-14 16:49 - 2015-01-14 16:50 - 00023872 _____ () C:\Users\Roshaan\Desktop\FRST.txt
2015-01-14 16:49 - 2015-01-14 16:49 - 00000000 ____D () C:\FRST
2015-01-14 16:48 - 2015-01-14 16:45 - 02124288 _____ (Farbar) C:\Users\Roshaan\Desktop\FRST64.exe
2015-01-14 16:45 - 2015-01-14 16:45 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\Solvusoft
2015-01-14 16:43 - 2015-01-14 16:43 - 00000000 ____H () C:\ProgramData\cm-lock
2015-01-14 16:15 - 2015-01-14 16:15 - 00017461 _____ () C:\Users\Roshaan\Desktop\zoek-results.txt
2015-01-14 16:12 - 2015-01-14 16:12 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\DriverToolkit
2015-01-14 16:10 - 2015-01-14 15:30 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-14 15:32 - 2015-01-14 16:12 - 00017461 _____ () C:\zoek-results.log
2015-01-14 15:30 - 2015-01-14 16:06 - 00000000 ____D () C:\zoek_backup
2015-01-14 13:28 - 2015-01-14 13:28 - 00278568 _____ () C:\WINDOWS\Minidump\011415-22031-01.dmp
2015-01-14 13:09 - 2015-01-14 13:09 - 00000000 ____D () C:\Program Files\ATI
2015-01-14 13:09 - 2015-01-14 13:09 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-01-14 12:29 - 2015-01-14 12:29 - 00006144 _____ () C:\WINDOWS\system32\umstartup.etl
2015-01-14 11:54 - 2015-01-14 13:28 - 557362005 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-14 11:54 - 2015-01-14 11:54 - 00278456 _____ () C:\WINDOWS\Minidump\011415-17562-01.dmp
2015-01-13 22:30 - 2015-01-13 22:35 - 00006656 _____ () C:\WINDOWS\system32\bcmwlrc.dll
2015-01-13 22:30 - 2015-01-13 22:30 - 03060800 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\BCMWL664.SYS
2015-01-13 22:30 - 2015-01-13 22:30 - 00000000 ____D () C:\Program Files\Broadcom
2015-01-13 22:27 - 2015-01-13 22:27 - 00000188 _____ () C:\WINDOWS\SysWOW64\HPWA.ini
2015-01-13 22:27 - 2015-01-13 22:27 - 00000188 _____ () C:\WINDOWS\system32\HPWA.ini
2015-01-13 22:27 - 2015-01-13 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-01-13 22:27 - 2015-01-13 22:27 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-01-13 22:25 - 2015-01-14 13:03 - 00000362 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForRoshaan.job
2015-01-13 22:25 - 2015-01-14 12:57 - 00003180 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForRoshaan
2015-01-13 22:14 - 2015-01-13 22:14 - 00458448 _____ () C:\WINDOWS\Minidump\011315-25750-01.dmp
2015-01-13 21:53 - 2015-01-13 21:53 - 18561704 ____N (Hewlett-Packard Company ) C:\Users\Roshaan\Desktop\sp49408.exe
2015-01-13 21:08 - 2015-01-14 13:05 - 00000000 ____D () C:\WINDOWS\LastGood
2015-01-13 21:07 - 2015-01-13 21:06 - 03891200 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvsrv64.dll
2015-01-13 21:07 - 2015-01-13 21:06 - 00095544 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmwlcoi.dll
2015-01-13 16:45 - 2015-01-14 16:45 - 00000304 _____ () C:\WINDOWS\Tasks\DriverDoc_UPDATES.job
2015-01-13 16:45 - 2015-01-13 16:45 - 00003034 _____ () C:\WINDOWS\System32\Tasks\DriverDoc_UPDATES
2015-01-13 16:17 - 2015-01-13 16:21 - 00000000 ____D () C:\AdwCleaner
2015-01-13 16:17 - 2015-01-13 16:17 - 02191360 _____ () C:\Users\Roshaan\Downloads\adwcleaner_4.107.exe
2015-01-13 16:14 - 2015-01-13 16:14 - 00000000 ____D () C:\Program Files\Intel
2015-01-13 16:13 - 2015-01-13 16:13 - 00000000 ____D () C:\ProgramData\IntelDLM
2015-01-13 16:03 - 2015-01-13 16:03 - 00032512 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-01-13 15:49 - 2015-01-13 15:49 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Intel
2015-01-13 15:48 - 2015-01-13 15:48 - 00001182 _____ () C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.0.lnk
2015-01-13 15:48 - 2015-01-13 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-01-13 15:48 - 2015-01-13 15:48 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility
2015-01-13 13:53 - 2015-01-13 14:23 - 00000000 ____D () C:\Users\Roshaan\Downloads\bluescreenview
2015-01-13 13:53 - 2015-01-13 13:53 - 00066913 _____ () C:\Users\Roshaan\Downloads\bluescreenview.zip
2015-01-13 13:41 - 2015-01-13 13:41 - 02333416 _____ (Intel) C:\Users\Roshaan\Downloads\Intel Driver Update Utility Installer.exe
2015-01-13 13:25 - 2015-01-13 13:25 - 05451464 _____ (Advanced Micro Devices, Inc.) C:\Users\Roshaan\Downloads\autodetectutility.exe
2015-01-13 13:23 - 2015-01-13 13:23 - 00001047 _____ () C:\Users\Public\Desktop\Driver Reviver.lnk
2015-01-13 13:23 - 2015-01-13 13:23 - 00000316 _____ () C:\WINDOWS\Tasks\Start Driver Reviver for
ROSHAAN-PC@Roshaan(logon).job
2015-01-13 13:23 - 2015-01-13 13:23 - 00000000 ____D () C:\ProgramData\ReviverSoft
2015-01-13 13:23 - 2015-01-13 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-01-13 13:23 - 2015-01-13 13:23 - 00000000 ____D () C:\Program Files\ReviverSoft
2015-01-13 13:20 - 2015-01-13 13:20 - 04054840 _____ (ReviverSoft LLC) C:\Users\Roshaan\Downloads\DriverReviverSetup.exe
2015-01-13 13:16 - 2015-01-13 13:16 - 03441528 _____ (Solvusoft Corporation ) C:\Users\Roshaan\Downloads\Setup_DriverDoc_2015.exe
2015-01-13 13:16 - 2015-01-13 13:16 - 00001045 _____ () C:\Users\Public\Desktop\DriverDoc.lnk
2015-01-13 13:16 - 2015-01-13 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverDoc
2015-01-13 13:16 - 2015-01-13 13:16 - 00000000 ____D () C:\Program Files (x86)\DriverDoc
2015-01-13 12:03 - 2015-01-13 12:03 - 00278520 _____ () C:\WINDOWS\Minidump\011315-20921-01.dmp
2015-01-12 23:44 - 2015-01-12 23:44 - 00278632 _____ () C:\WINDOWS\Minidump\011215-25625-01.dmp
2015-01-12 23:34 - 2015-01-12 23:34 - 00378872 _____ () C:\WINDOWS\Minidump\011215-25656-01.dmp
2015-01-12 23:23 - 2015-01-12 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-01-12 22:10 - 2015-01-12 22:10 - 00492896 _____ () C:\WINDOWS\Minidump\011215-23156-01.dmp
2015-01-12 15:37 - 2015-01-12 23:11 - 00000000 ____D () C:\Users\Roshaan\Downloads\The Imitation Game (2014) DVDSCR XviD-MAXSPEED
2015-01-12 13:44 - 2015-01-12 13:44 - 00845200 _____ () C:\Users\Roshaan\Downloads\DroidSniff.apk
2015-01-12 13:35 - 2015-01-12 13:35 - 00785960 _____ () C:\Users\Roshaan\Downloads\com.overlook.android.fing-2.15-APK4Fun.com.apk
2015-01-11 14:52 - 2015-01-11 14:52 - 00319264 _____ () C:\WINDOWS\Minidump\011115-24093-01.dmp
2015-01-11 14:49 - 2015-01-11 14:49 - 01046792 _____ () C:\WINDOWS\Minidump\011115-21125-01.dmp
2015-01-08 13:28 - 2015-01-08 13:28 - 00711056 _____ () C:\WINDOWS\Minidump\010815-19453-01.dmp
2015-01-03 14:12 - 2015-01-03 14:12 - 00000000 ____D () C:\WINDOWS\System32\Tasks\GenericSettingsHandler
2014-12-23 17:20 - 2014-12-26 02:51 - 00004972 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ROSHAAN-PC-Roshaan Roshaan-pc
2014-12-23 00:48 - 2014-12-23 00:48 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\LogMeIn
2014-12-23 00:48 - 2014-12-23 00:48 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-12-22 21:58 - 2014-12-22 22:01 - 00000000 ____D () C:\MOVIES
2014-12-22 14:14 - 2014-12-22 14:14 - 00000647 _____ () C:\Users\Roshaan\Desktop\CoD2MP_s - Shortcut.lnk
2014-12-16 10:25 - 2014-12-16 10:25 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\Innovative Solutions
2014-12-16 10:25 - 2014-12-16 10:25 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Innovative Solutions
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-14 16:50 - 2014-05-08 08:45 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-14 16:48 - 2014-05-08 08:07 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3849734346-3184810195-2697269132-1001
2015-01-14 16:47 - 2013-09-30 09:14 - 00913650 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-14 16:44 - 2014-05-08 08:32 - 01958932 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-14 16:43 - 2014-05-08 09:25 - 00000384 _____ () C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2015-01-14 16:43 - 2014-05-08 08:45 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-14 16:42 - 2013-08-22 19:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-14 16:39 - 2014-11-02 00:30 - 00000000 __RDO () C:\Users\Roshaan\SkyDrive
2015-01-14 16:39 - 2014-05-08 23:08 - 00000000 ____D () C:\Program Files\KMSpico
2015-01-14 16:38 - 2013-08-22 18:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-14 16:19 - 2014-05-08 22:21 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-14 16:11 - 2013-09-30 09:02 - 00022066 _____ () C:\WINDOWS\PFRO.log
2015-01-14 16:05 - 2014-06-12 10:36 - 00000000 ____D () C:\Users\uni55_000\AppData\Local\Google
2015-01-14 16:04 - 2014-05-08 08:27 - 00000000 ____D () C:\Users\Roshaan
2015-01-14 16:00 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-14 15:17 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-14 13:28 - 2014-05-09 11:48 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-14 13:26 - 2014-06-07 16:20 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth
2015-01-14 13:19 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-14 13:10 - 2014-08-12 22:30 - 00046514 _____ () C:\WINDOWS\setupact.log
2015-01-14 13:05 - 2014-05-08 09:59 - 00000000 ____D () C:\Program Files\AMD
2015-01-14 04:01 - 2014-06-12 10:36 - 00000000 ____D () C:\Users\uni55_000
2015-01-14 03:56 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\registration
2015-01-13 23:03 - 2014-05-26 19:58 - 00000958 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001UA.job
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2015-01-13 22:35 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2015-01-13 21:54 - 2014-05-08 08:46 - 00000000 ____D () C:\swsetup
2015-01-13 16:21 - 2014-05-10 20:29 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-13 16:21 - 2014-05-08 08:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-13 16:21 - 2014-05-08 08:38 - 00001005 _____ () C:\Users\Roshaan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-13 16:00 - 2014-05-08 23:14 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\Raptr
2015-01-13 15:54 - 2014-08-23 12:25 - 00001520 _____ () C:\WINDOWS\system32\.crusader
2015-01-13 14:30 - 2014-05-08 08:44 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{66043D5B-2D5F-4A61-9DF9-746CA8A82117}
2015-01-13 13:50 - 2014-05-08 20:18 - 00000000 ____D () C:\Users\Roshaan\Documents\Visual Studio 2012
2015-01-12 23:22 - 2014-05-08 23:14 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-01-11 13:54 - 2014-05-10 19:21 - 00000000 ____D () C:\Users\Roshaan\AppData\Roaming\vlc
2015-01-11 13:01 - 2014-05-10 19:56 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-07 14:36 - 2014-09-21 19:46 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Research In Motion
2015-01-07 14:35 - 2014-09-21 19:33 - 00001937 _____ () C:\Users\Roshaan\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-01-07 14:33 - 2014-05-10 16:25 - 00000000 ____D () C:\Users\Roshaan\Documents\Bluetooth Exchange Folder
2015-01-07 14:27 - 2014-05-08 09:17 - 00000000 ____D () C:\Users\Roshaan\Downloads\Compressed
2015-01-07 14:06 - 2014-05-08 22:30 - 01690624 ___SH () C:\Users\Roshaan\Desktop\Thumbs.db
2015-01-06 20:35 - 2014-05-17 10:55 - 00515072 ___SH () C:\Users\Roshaan\Downloads\Thumbs.db
2015-01-05 13:56 - 2014-08-12 17:43 - 00007632 _____ () C:\Users\Roshaan\AppData\Local\Resmon.ResmonCfg
2015-01-05 12:40 - 2014-05-10 19:55 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-31 16:14 - 2014-05-08 09:17 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-12-23 12:51 - 2014-05-08 08:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-22 15:49 - 2014-05-08 09:59 - 00000000 ____D () C:\AMD
2014-12-19 11:30 - 2014-05-08 08:01 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Packages
2014-12-19 11:05 - 2014-10-12 12:53 - 00000000 ____D () C:\Users\Roshaan\Documents\Outlook Files
2014-12-19 11:05 - 2014-05-08 08:01 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\VirtualStore
2014-12-18 23:39 - 2014-05-08 22:44 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Microsoft Help
2014-12-17 00:52 - 2014-05-10 19:02 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-16 01:18 - 2014-06-24 11:03 - 00000000 ____D () C:\Users\Roshaan\AppData\Local\Adobe
2014-12-15 21:58 - 2014-05-08 22:21 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-12 12:48
==================== End Of Log ============================
And addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-01-2015 02
Ran by Roshaan at 2015-01-14 16:51:17
Running from C:\Users\Roshaan\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadband (HKLM-x32\...\Broadband) (Version: 16.001.06.00.172 - Huawei Technologies Co.,Ltd)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
CanoScan LiDE 100 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413) (Version: - )
Chrome Remote Desktop Host (HKLM-x32\...\{6FC79C95-F54F-4515-8012-01F33D894492}) (Version: 40.0.2214.44 - Google Inc.)
Cisco Packet Tracer 5.3.3 (HKLM-x32\...\Cisco Packet Tracer 5.3.3_is1) (Version: - Cisco Systems, Inc.)
Connectify (HKLM\...\Connectify) (Version: 7.1.0.29279 - Connectify)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version: - )
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Driver Reviver (HKLM\...\Driver Reviver) (Version: 5.0.1.14 - ReviverSoft LLC)
DriverDoc (HKLM-x32\...\DriverDoc_is1) (Version: 1.52.1086.14425 - Solvusoft Corporation)
DriverToolkit version 8.3.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.3.0.0 - Megaify Software)
Dropbox (HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
emu8086 microprocessor emulator (HKLM-x32\...\emu8086 microprocessor emulator_is1) (Version: - emu8086)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
GameRanger (HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\GameRanger) (Version: - GameRanger Technologies)
GlassFish Server Open Source Edition 3.1.2.2 (HKLM\...\nbi-glassfish-mod-3.1.2.23.2) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoPhoto.it 1.5 (HKLM-x32\...\GoPhoto.it) (Version: 1.5 - GoPhoto.it)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 32.610.26.00.06 - Huawei Technologies Co.,Ltd)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.221 - SurfRight B.V.)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{69FD2930-C361-47F6-822E-71B021526778}) (Version: 11.50.0015 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}) (Version: 4.0.10.0 - Hewlett-Packard Company)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iExplorer 3.2.1.3 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC)
IGI 2 (HKLM-x32\...\IGI 2) (Version: - )
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java(TM) 6 Update 38 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416038FF}) (Version: 6.0.380 - Oracle)
Java(TM) SE Development Kit 6 Update 38 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160380}) (Version: 1.6.0.380 - Oracle)
JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
Jeta Logo Designer FREE EDITION 1.30 (HKLM-x32\...\{B9552944-5DB8-48C1-890A-9D4419F4984B}_is1) (Version: 1.30 - JETA.COM)
KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version: - )
KMSpico 4.1 (HKLM\...\KMSpico v4.1_is1) (Version: 4 - )
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{9600393b-6ede-469b-a522-689fce1461d1}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Mozilla Firefox 16.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 16.0.2 (x86 en-US)) (Version: 16.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 16.0.2 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NetBeans IDE 7.3 (HKLM\...\nbi-nb-base-7.3.0.0.201302132200) (Version: 7.3 - NetBeans.org)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Readon TV Movie Radio Player 7.5.0.0 (HKLM-x32\...\{03840E8D-A75E-4C49-ADFC-09A867C7F943}) (Version: 7.5.0 - Readon Technology)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Recover My Files (HKLM-x32\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd)
Registry Recycler (HKLM-x32\...\Registry Recycler_is1) (Version: 0.9.2.7 - Developer Tribe (Pvt) Ltd.)
Riverbed Modeler Academic Edition 17.5 (HKLM-x32\...\Riverbed Modeler Academic Edition 17.5) (Version: 17.5.0.13309 - Riverbed Technology)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.40.0 - SAMSUNG Electronics Co., Ltd.)
Sothink Logo Maker Professional (HKLM-x32\...\{574FFDC9-AB09-4C4A-B7BE-C6066502181A}_is1) (Version: 4.0 - SourceTec Software Co., LTD)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{B9360B01-E7EC-4586-A192-23AFE0BE80AF}) (Version: 2.0.0.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Web Freer (HKLM-x32\...\WebFreer) (Version: - )
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8050 - Broadcom Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3849734346-3184810195-2697269132-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roshaan\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 18:25 - 2013-08-22 18:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {02C1EA5B-DE0E-49B7-BD6E-96030369F530} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [2014-05-01] (Megaify Software Co., Ltd.)
Task: {0E165A90-FB89-4E17-A233-00E871B4F4CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-05] (Hewlett-Packard Company)
Task: {12CC92F5-8D9D-4F88-BB2C-1B48C26E2299} - System32\Tasks\DriverDoc_UPDATES => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe [2012-10-05] (Solvusoft Corporation)
Task: {15723982-D9ED-4353-829A-57F6F4D78299} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {3271CB92-424A-4944-AAC6-E3236EA7DF3B} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-08] (Synaptics Incorporated)
Task: {3B01AFFF-896F-4905-9E56-25C9F2B3524C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-13] (Hewlett-Packard Company)
Task: {3EAB1481-7935-4D38-BF1C-BE22B15D2DB5} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3849734346-3184810195-2697269132-1001
Task: {3EEC9DC7-7672-481E-AFDB-4725390809D5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {47D3F464-C632-4A28-9502-66B649DBC874} - System32\Tasks\HPCeeScheduleForRoshaan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {7ADBD0BB-DA10-4D53-B557-9F644DEB15B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-08] (Google Inc.)
Task: {7CE72146-19B9-407E-AAFA-E13F8DB8604B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ROSHAAN-PC-Roshaan Roshaan-pc => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-01-23] (Microsoft Corporation)
Task: {919B9652-6EA5-45A3-B1A0-5AA22C467188} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15] (Adobe Systems Incorporated)
Task: {926D37D9-AC93-47E7-ACA8-E13C626C5D1C} - System32\Tasks\Update Service GoForFiles => C:\Program Files (x86)\GoForFilesUpdater\GoForFilesUpdater.exe <==== ATTENTION
Task: {A6DBA781-F16F-4199-9F02-8FEAE95D5FD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-08] (Google Inc.)
Task: {B209B5C3-72A9-4E7D-9000-A66CC3A56A9E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001UA => C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-26] (Facebook Inc.)
Task: {BD4F453F-1946-46CA-9F07-DB2FD7166E2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-05] (Hewlett-Packard Company)
Task: {C5B2E19E-E166-4823-9E90-279106F95540} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {D48AAB65-9A4C-4E51-B718-CCDFAAA1C516} - System32\Tasks\{FE14219B-58F5-4815-B322-B8A6BDF05427} => pcalua.exe -a C:\Users\Roshaan\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=exp <==== ATTENTION
Task: {D97CBA7D-0BF7-40F4-B46D-483BC55148C3} - System32\Tasks\AutoPico Daily Restart => C:\ProgramData\Microsoft\AutoKMS\AutoPico.exe [2014-02-02] ()
Task: {DC8B7A21-4214-4D3D-B4E5-43C924F435B6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {EB02C964-ADD3-48C1-A57F-85EB3F9F7BF1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001Core => C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-26] (Facebook Inc.)
Task: {EF9D4D43-FE47-4880-BC15-C5557791F5EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverDoc_UPDATES.job => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001Core.job => C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3849734346-3184810195-2697269132-1001UA.job => C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRoshaan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Start Driver Reviver for
ROSHAAN-PC@Roshaan(logon).job => C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe
==================== Loaded Modules (whitelisted) =============
2013-10-11 02:02 - 2013-10-11 02:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-11-26 20:58 - 2014-01-28 12:44 - 00137024 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2014-11-26 20:58 - 2014-01-28 12:44 - 00204096 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2014-05-10 15:38 - 2008-01-22 22:35 - 00103808 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-03-13 08:09 - 2014-03-13 08:09 - 08884904 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-12 14:49 - 2014-05-12 14:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-16 14:56 - 2013-11-06 01:07 - 00376608 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2014-08-16 14:56 - 2013-11-06 01:07 - 03156256 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2014-08-16 14:56 - 2013-11-06 01:07 - 00714016 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2014-08-16 14:56 - 2013-11-06 01:07 - 00353056 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2014-05-08 09:03 - 2014-02-18 07:13 - 00092984 _____ () C:\Program Files (x86)\DriverToolkit\zlibwapi.dll
2010-11-23 03:56 - 2010-11-23 03:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 03:57 - 2010-11-23 03:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 03:56 - 2010-11-23 03:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 03:57 - 2010-11-23 03:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 03:57 - 2010-11-23 03:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 23:17 - 2011-02-15 23:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 03:57 - 2010-11-23 03:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 04:26 - 2014-05-14 04:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 03:56 - 2010-11-23 03:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 03:57 - 2010-11-23 03:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 05:37 - 2014-08-14 05:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 05:37 - 2014-08-14 05:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-23 03:56 - 2010-11-23 03:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 03:57 - 2010-11-23 03:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 05:56 - 2014-06-18 05:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 23:17 - 2011-02-15 23:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 04:06 - 2010-11-23 04:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 04:52 - 2013-05-10 04:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 04:52 - 2013-05-10 04:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 04:52 - 2013-05-10 04:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 23:56 - 2013-05-03 23:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 23:56 - 2013-05-03 23:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 23:56 - 2013-05-03 23:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 23:57 - 2013-05-03 23:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-05-10 20:16 - 2014-05-10 20:16 - 00170496 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\7fb69d482f0080d8fce999918ebc79bc\IsdiInterop.ni.dll
2014-05-10 20:16 - 2010-04-13 21:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Roshaan\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Roshaan\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\uni55_000\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Connectify Dispatch => C:\Program Files (x86)\Connectify\DispatchUI.exe autorun
MSCONFIG\startupreg: Connectify Hotspot => C:\Program Files (x86)\Connectify\Connectify.exe autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Roshaan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Web Freer => C:\Program Files (x86)\WebFreer\webfreer.exe
HKLM\...\StartupApproved\Run: => "Connectify Dispatch"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "RIMBBLaunchAgent.exe"
HKLM\...\StartupApproved\Run32: => "Talk"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Raptr"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Web Freer"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Smart Driver Updater"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Facebook Update"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-3849734346-3184810195-2697269132-1001\...\StartupApproved\Run: => "Mobile Partner"
========================= Accounts: ==========================
Administrator (S-1-5-21-3849734346-3184810195-2697269132-500 - Administrator - Disabled)
fbwuser (S-1-5-21-3849734346-3184810195-2697269132-1006 - Limited - Disabled) => C:\Users\fbwuser
Guest (S-1-5-21-3849734346-3184810195-2697269132-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3849734346-3184810195-2697269132-1009 - Limited - Enabled)
Roshaan (S-1-5-21-3849734346-3184810195-2697269132-1001 - Administrator - Enabled) => C:\Users\Roshaan
uni55_000 (S-1-5-21-3849734346-3184810195-2697269132-1007 - Limited - Enabled) => C:\Users\uni55_000
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/14/2015 04:43:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Service_KMS.exe, version: 1.0.0.0, time stamp: 0x5132cc2c
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16656, time stamp: 0x5318237f
Exception code: 0xe0434352
Fault offset: 0x00000000000043c8
Faulting process id: 0x4f0
Faulting application start time: 0xService_KMS.exe0
Faulting application path: Service_KMS.exe1
Faulting module path: Service_KMS.exe2
Report Id: Service_KMS.exe3
Faulting package full name: Service_KMS.exe4
Faulting package-relative application ID: Service_KMS.exe5
Error: (01/14/2015 04:43:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Service_KMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
at System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
at System.IO.File.InternalWriteAllBytes(System.String, Byte[], Boolean)
at Service_KMS.Service.ScheduledTask()
at Service_KMS.Service.TaskLoop()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
Error: (01/14/2015 04:40:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.9600.16384, time stamp: 0x5215d4c4
Faulting module name: MSSRCH.DLL, version: 7.0.9600.16384, time stamp: 0x5215d425
Exception code: 0xc0000005
Fault offset: 0x0000000000006dbe
Faulting process id: 0x1388
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3
Faulting package full name: SearchIndexer.exe4
Faulting package-relative application ID: SearchIndexer.exe5
Error: (01/14/2015 04:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: delegate_execute.exe, version: 39.0.2171.95, time stamp: 0x54823f01
Faulting module name: delegate_execute.exe, version: 39.0.2171.95, time stamp: 0x54823f01
Exception code: 0xc0000005
Fault offset: 0x00037db3
Faulting process id: 0x1078
Faulting application start time: 0xdelegate_execute.exe0
Faulting application path: delegate_execute.exe1
Faulting module path: delegate_execute.exe2
Report Id: delegate_execute.exe3
Faulting package full name: delegate_execute.exe4
Faulting package-relative application ID: delegate_execute.exe5
Error: (01/14/2015 04:13:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.9600.16384, time stamp: 0x5215d4c4
Faulting module name: MSSRCH.DLL, version: 7.0.9600.16384, time stamp: 0x5215d425
Exception code: 0xc0000005
Fault offset: 0x0000000000006dbe
Faulting process id: 0x53c
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3
Faulting package full name: SearchIndexer.exe4
Faulting package-relative application ID: SearchIndexer.exe5
Error: (01/14/2015 02:36:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 6.3.9600.16384, time stamp: 0x5215f9c9
Faulting module name: wmiprvse.exe, version: 6.3.9600.16384, time stamp: 0x5215f9c9
Exception code: 0xc0000005
Fault offset: 0x000000000001ad5d
Faulting process id: 0xa24
Faulting application start time: 0xwmiprvse.exe0
Faulting application path: wmiprvse.exe1
Faulting module path: wmiprvse.exe2
Report Id: wmiprvse.exe3
Faulting package full name: wmiprvse.exe4
Faulting package-relative application ID: wmiprvse.exe5
Error: (01/14/2015 02:23:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchIndexer.exe, version: 7.0.9600.16384, time stamp: 0x5215d4c4
Faulting module name: MSSRCH.DLL, version: 7.0.9600.16384, time stamp: 0x5215d425
Exception code: 0xc0000005
Fault offset: 0x0000000000006dbe
Faulting process id: 0x100c
Faulting application start time: 0xSearchIndexer.exe0
Faulting application path: SearchIndexer.exe1
Faulting module path: SearchIndexer.exe2
Report Id: SearchIndexer.exe3
Faulting package full name: SearchIndexer.exe4
Faulting package-relative application ID: SearchIndexer.exe5
Error: (01/14/2015 02:21:54 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
Error: (01/14/2015 02:12:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart ; Description = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727; Error = 0x8007043c).
Error: (01/14/2015 02:12:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart ; Description = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727; Error = 0x8007043c).
System errors:
=============
Error: (01/14/2015 04:44:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s).
Error: (01/14/2015 04:40:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (01/14/2015 04:36:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (01/14/2015 04:14:16 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056
Error: (01/14/2015 04:13:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (01/14/2015 04:11:14 PM) (Source: DCOM) (EventID: 10010) (User: ROSHAAN-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (01/14/2015 04:11:14 PM) (Source: DCOM) (EventID: 10010) (User: ROSHAAN-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (01/14/2015 04:00:39 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (01/14/2015 04:00:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (01/14/2015 04:00:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Microsoft Office Sessions:
=========================
Error: (01/14/2015 04:43:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe1.0.0.05132cc2cKERNELBASE.dll6.3.9600.166565318237fe043435200000000000043c84f001d02fef3d5a3891C:\Program Files\KMSpico\Service_KMS.exeC:\WINDOWS\system32\KERNELBASE.dll88320195-9be2-11e4-bf42-70f39530b5b4
Error: (01/14/2015 04:43:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Service_KMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
Stack:
at System.IO.__Error.WinIOError(Int32, System.String)
at System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
at System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
at System.IO.File.InternalWriteAllBytes(System.String, Byte[], Boolean)
at Service_KMS.Service.ScheduledTask()
at Service_KMS.Service.TaskLoop()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
Error: (01/14/2015 04:40:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbe138801d02feecb918873C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL2f681936-9be2-11e4-bf41-70f39530b5b4
Error: (01/14/2015 04:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe39.0.2171.9554823f01delegate_execute.exe39.0.2171.9554823f01c000000500037db3107801d02feecf2326e2C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe13f16aa4-9be2-11e4-bf41-70f39530b5b4
Error: (01/14/2015 04:13:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbe53c01d02feb0fb2342fC:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL661be313-9bde-11e4-bf40-70f39530b5b4
Error: (01/14/2015 02:36:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmiprvse.exe6.3.9600.163845215f9c9wmiprvse.exe6.3.9600.163845215f9c9c0000005000000000001ad5da2401d02fdba100094dC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\system32\wbem\wmiprvse.exed1450706-9bd0-11e4-bf3f-70f39530b5b4
Error: (01/14/2015 02:23:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SearchIndexer.exe7.0.9600.163845215d4c4MSSRCH.DLL7.0.9600.163845215d425c00000050000000000006dbe100c01d02fdbb459f202C:\WINDOWS\system32\SearchIndexer.exeC:\WINDOWS\system32\MSSRCH.DLL059ca210-9bcf-11e4-bf3f-70f39530b5b4
Error: (01/14/2015 02:21:54 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (01/14/2015 02:12:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.507270x8007043c
Error: (01/14/2015 02:12:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.507270x8007043c
CodeIntegrity Errors:
===================================
Date: 2014-12-22 14:46:26.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-22 14:46:26.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-22 14:46:26.090
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-22 14:46:26.043
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-22 14:46:26.012
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-22 14:45:54.471
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-22 14:45:54.424
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-22 14:45:54.330
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-22 14:45:54.284
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-12-22 14:45:49.189
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 37%
Total physical RAM: 3893.86 MB
Available physical RAM: 2450.93 MB
Total Pagefile: 7861.86 MB
Available Pagefile: 6201.95 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.22 GB) (Free:10.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (My Passport) (Fixed) (Total:465.73 GB) (Free:50.22 GB) NTFS
Drive f: (My Data) (Fixed) (Total:173.38 GB) (Free:12.6 GB) NTFS
Drive g: (RECOVERY) (Fixed) (Total:13.19 GB) (Free:1.83 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9AAB8A80)
Partition 1: (Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=173.4 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 0004A183)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================