1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

scanned many times but there are threats.

Discussion in 'Virus & Other Malware Removal' started by PhoenixNEW, Jan 16, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    hi

    please check my post:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:24:00 PM, on 1/16/2015
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.9600.17416)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
    C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
    C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
    C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
    C:\Program Files (x86)\USB Camera\VM331STI.EXE
    C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
    C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
    C:\Users\arun\Downloads\setup.exe
    C:\Users\arun\AppData\Local\Temp\{97FA0051-0E42-4BB2-9802-BBD01B37E1CE}\ki15AC.exe
    C:\Users\arun\Desktop\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13-comm.msn.com/?pc=LNJB
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [Fastboot] "C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" /analysis
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
    O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
    O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    O23 - Service: BrcmSetSecurity - Intel - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
    O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: @oem31.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
    O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Lenovo QuickSnip Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe
    O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
    O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
    O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
    O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
    O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
    O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
    O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Lenovo Settings Mobile Hotspot Service (LnvHotSpotSvc) - Lenovo - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
    O23 - Service: Location Task Manager (LocationTaskManager) - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
    O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Lenovo Settings Power Service (Power Manager DBC Service) - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
    O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
    O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
    O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\WINDOWS\System32\TPHDEXLG64.exe (file missing)
    O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: ValBioService - Validity Sensors, Inc. - C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
    O23 - Service: @oem30.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
    O23 - Service: @oem30.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

    --
    End of file - 12517 bytes
     
  2. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    hi

    i am posting the analysis of Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
    Ran by arun (administrator) on LENOVO-PC on 16-01-2015 21:08:30
    Running from C:\Users\arun\Downloads
    Loaded Profiles: arun & (Available profiles: arun & Administrator)
    Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Lenovo.) C:\Windows\System32\ibmpmsvc.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
    () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
    (LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
    (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe
    (Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
    (Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    (Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
    (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
    (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
    (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (LENOVO INCORPORATED.) C:\Program Files\Lenovo\QuickSnipService\QuickSnipService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Lenovo) C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
    (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
    () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    () C:\Windows\System32\igfxTray.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Validity Sensors, Inc.) C:\Program Files\Lenovo Fingerprint Reader\SwipeMonitor.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
    (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
    () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
    (Lenovo.) C:\Windows\System32\TpShocks.exe
    (Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
    (Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
    (Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
    (Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe
    (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_257.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [HotKeysCmds] => C:\windows\system32\hkcmd.exe
    HKLM\...\Run: [Persistence] => C:\windows\system32\igfxpers.exe
    HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (Lenovo Group Limited)
    HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [901216 2013-04-29] (Conexant Systems, Inc.)
    HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
    HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
    HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
    HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [382248 2013-06-21] (Lenovo.)
    HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937976 2013-06-26] (Lenovo)
    HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [593408 2013-07-05] (Lenovo Corporation)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2776816 2014-02-06] (Synaptics Incorporated)
    HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Vimicro)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-16] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2014-03-22] (Lenovo)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-15] (AVAST Software)
    HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
    HKU\S-1-5-21-2917679876-1677656169-376132391-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-2917679876-1677656169-376132391-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13-comm.msn.com/?pc=LNJB
    HKU\S-1-5-21-2917679876-1677656169-376132391-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
    HKU\S-1-5-21-2917679876-1677656169-376132391-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
    HKU\S-1-5-21-2917679876-1677656169-376132391-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
    HKU\S-1-5-21-2917679876-1677656169-376132391-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13-comm.msn.com/?pc=LNJB
    HKU\S-1-5-21-2917679876-1677656169-376132391-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13-comm.msn.com/?pc=LNJB
    HKU\S-1-5-21-2917679876-1677656169-376132391-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
    HKU\S-1-5-21-2917679876-1677656169-376132391-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2917679876-1677656169-376132391-1001 -> {3858EF0C-FC54-4FAE-B2D2-970DAAC37A8D} URL =
    SearchScopes: HKU\S-1-5-21-2917679876-1677656169-376132391-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3858EF0C-FC54-4FAE-B2D2-970DAAC37A8D} URL =
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\arun\AppData\Roaming\Mozilla\Firefox\Profiles\l5kyf3yj.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Extension: Solution Real 1.0.1 - C:\Users\arun\AppData\Roaming\Mozilla\Firefox\Profiles\l5kyf3yj.default\Extensions\{76eaa25f-d535-414d-8a8b-4bce0a94d247}.xpi [2015-01-13]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-15]

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-15]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-15] (AVAST Software)
    S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [565760 2013-07-05] (Lenovo Corporation) [File not signed]
    R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-12] (Intel)
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
    R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2014-03-22] (Lenovo)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
    R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation)
    R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-15] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
    R2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [219976 2013-06-06] (LENOVO INCORPORATED.)
    R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2044408 2013-07-18] (Lenovo Group Limited)
    R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [562504 2013-06-06] (LENOVO INCORPORATED.)
    S3 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\cammute.exe [504320 2013-07-05] (Lenovo Corporation) [File not signed]
    S3 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe [504320 2013-07-05] (Lenovo Group Limited) [File not signed]
    S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [687104 2013-07-05] (Lenovo Corporation) [File not signed]
    R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo Group Limited)
    S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [468984 2013-06-26] (Lenovo)
    R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [465912 2013-06-22] ()
    S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
    R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-17] (Lenovo Group Limited)
    R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138232 2013-07-17] (Lenovo Group Limited)
    S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-06-27] ()
    R2 ValBioService; C:\Program Files\Lenovo Fingerprint Reader\ValBioService.exe [24112 2013-07-26] (Validity Sensors, Inc.)
    R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [49040 2014-07-24] (Synaptics Incorporated)
    R2 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [32256 2014-07-24] (Synaptics Incorporated)
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)
    R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-15] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-15] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-15] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-15] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-15] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-15] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-15] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-15] ()
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
    R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-04-24] (Motorola Solutions, Inc.)
    R0 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2014-03-22] (Windows (R) Win 7 DDK provider)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-03] (Intel Corporation)
    R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-03-15] ()
    R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-03-15] ()
    R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-15] ()
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-16] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
    R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
    S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
    S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
    R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [408136 2013-05-08] (Realsil Semiconductor Corporation)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-02-06] (Synaptics Incorporated)
    S3 SWIX64; C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys [33856 2012-09-13] (Lenovo Group Limited)
    R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207256 2013-04-12] (Windows (R) Win 7 DDK provider)
    R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1045248 2013-03-01] (Vimicro Corporation)
    R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)
    R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-01-16] ()

    ========================== Drivers MD5 =======================

    C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
    C:\Windows\System32\drivers\WdBoot.sys F5D4FA3E1F4879C361FFF3855259D2C2
    C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
    C:\Windows\System32\drivers\WdFilter.sys 019CC610AD95FF47EAD7C08B7A683B96
    C:\Windows\System32\Drivers\WdNisDrv.sys 6CC1BB8F6851A262E2E824F0E92D5EEF
    C:\Windows\System32\DRIVERS\wfplwfs.sys BAB713B409258DB7B5D9F9693F802B0E
    C:\Windows\System32\drivers\wimmount.sys 5F66B7BB330AA80067FC66149A692620
    C:\Windows\system32\DRIVERS\WinUSB.sys AC263C2F66405589528995AA41040599
    C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
    C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
    C:\Windows\System32\DRIVERS\wpcfltr.sys A2468CC3509394A33C4C32F99563D845
    C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
    C:\Windows\System32\drivers\WPRO_41_2001.sys 7CA09731EB7FC99B910C7F239E57720F
    C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
    C:\Windows\System32\drivers\WudfPf.sys 481286719402E4BAEFEA0604AB1B5113
    C:\Windows\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-17 06:48 - 2015-01-16 19:25 - 00000000 ___DC () C:\WINDOWS\Panther
    2015-01-17 06:47 - 2015-01-17 06:47 - 00000000 ____D () C:\Windows.old
    2015-01-17 06:25 - 2015-01-17 06:25 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2015-01-17 06:25 - 2015-01-17 06:25 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2015-01-17 06:25 - 2015-01-17 06:25 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2015-01-17 06:25 - 2015-01-17 06:25 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
    2015-01-17 06:25 - 2015-01-17 06:25 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
    2015-01-17 06:25 - 2015-01-17 06:25 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2015-01-17 06:25 - 2015-01-17 06:25 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2015-01-17 06:25 - 2015-01-17 06:25 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2015-01-17 06:24 - 2015-01-17 06:24 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
    2015-01-17 06:24 - 2015-01-17 06:24 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2015-01-17 06:24 - 2015-01-17 06:24 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
    2015-01-17 06:24 - 2015-01-17 06:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
    2015-01-17 06:23 - 2015-01-17 06:23 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
    2015-01-17 06:23 - 2015-01-17 06:23 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2015-01-17 06:23 - 2015-01-17 06:23 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
    2015-01-17 06:23 - 2015-01-17 06:23 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2015-01-17 06:23 - 2015-01-17 06:23 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
    2015-01-17 06:23 - 2015-01-17 06:23 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
    2015-01-17 06:23 - 2015-01-17 06:23 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
    2015-01-17 06:20 - 2015-01-17 06:20 - 00000000 ____D () C:\Program Files\Reference Assemblies
    2015-01-17 06:20 - 2015-01-17 06:20 - 00000000 ____D () C:\Program Files\MSBuild
    2015-01-17 06:20 - 2015-01-17 06:20 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
    2015-01-17 06:20 - 2015-01-17 06:20 - 00000000 ____D () C:\Program Files (x86)\MSBuild
    2015-01-17 06:19 - 2013-08-03 08:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
    2015-01-17 06:19 - 2013-08-03 08:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-01-17 06:19 - 2013-08-03 08:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
    2015-01-17 06:19 - 2013-08-03 08:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
    2015-01-17 06:19 - 2013-08-03 08:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-01-17 06:19 - 2013-08-03 08:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
    2015-01-16 21:08 - 2015-01-16 21:08 - 00021766 _____ () C:\Users\arun\Downloads\FRST.txt
    2015-01-16 21:08 - 2015-01-16 21:08 - 00000000 ____D () C:\FRST
    2015-01-16 21:07 - 2015-01-16 21:08 - 02125312 _____ (Farbar) C:\Users\arun\Downloads\FRST64.exe
    2015-01-16 21:04 - 2015-01-16 21:04 - 00000625 _____ () C:\Users\arun\Desktop\JRT.txt
    2015-01-16 20:59 - 2015-01-16 21:00 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-01-16 20:58 - 2015-01-16 20:58 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-01-16 20:58 - 2015-01-16 20:58 - 00000000 ____D () C:\WINDOWS\ERUNT
    2015-01-16 20:58 - 2015-01-16 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-16 20:58 - 2015-01-16 20:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-16 20:58 - 2015-01-16 20:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-01-16 20:58 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2015-01-16 20:58 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2015-01-16 20:58 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2015-01-16 20:43 - 2015-01-16 20:43 - 00000118 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2015-01-16 20:38 - 2015-01-16 20:38 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
    2015-01-16 20:38 - 2015-01-16 20:38 - 00000464 __RSH () C:\ProgramData\ntuser.pol
    2015-01-16 20:30 - 2015-01-16 20:31 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\arun\Downloads\mbam-setup-2.0.4.1028.exe
    2015-01-16 20:28 - 2015-01-16 20:28 - 02191360 _____ () C:\Users\arun\Downloads\AdwCleaner(1).exe
    2015-01-16 20:28 - 2015-01-16 20:28 - 01707939 _____ (Thisisu) C:\Users\arun\Downloads\JRT.exe
    2015-01-16 20:28 - 2015-01-16 20:28 - 00865187 _____ () C:\Users\arun\Downloads\FRST.exe.part
    2015-01-16 20:27 - 2015-01-16 20:27 - 00002428 _____ () C:\Users\arun\Desktop\fixlist.txt
    2015-01-16 20:24 - 2015-01-16 20:24 - 00012519 _____ () C:\Users\arun\Desktop\hijackthis1.txt
    2015-01-16 20:21 - 2015-01-16 20:21 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
    2015-01-16 20:20 - 2015-01-16 20:20 - 00362880 _____ (Kaspersky Lab) C:\Users\arun\Downloads\setup.exe
    2015-01-16 20:05 - 2014-07-24 07:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
    2015-01-16 20:05 - 2014-07-24 07:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
    2015-01-16 20:02 - 2014-11-10 03:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2015-01-16 20:02 - 2014-11-10 03:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2015-01-16 20:02 - 2014-11-10 03:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
    2015-01-16 20:02 - 2014-11-10 03:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
    2015-01-16 20:00 - 2015-01-16 20:00 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-01-16 20:00 - 2015-01-16 20:00 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2015-01-16 20:00 - 2015-01-16 20:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2015-01-16 19:47 - 2015-01-16 19:47 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B007AF01-89EA-4FAF-8A38-876CFF4B6B53}
    2015-01-16 19:46 - 2015-01-16 19:46 - 00000000 __SHD () C:\Users\arun\AppData\Local\EmieUserList
    2015-01-16 19:46 - 2015-01-16 19:46 - 00000000 __SHD () C:\Users\arun\AppData\Local\EmieSiteList
    2015-01-16 19:46 - 2015-01-16 19:46 - 00000000 __SHD () C:\Users\arun\AppData\Local\EmieBrowserModeList
    2015-01-16 19:40 - 2014-12-31 15:14 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2015-01-16 19:29 - 2015-01-16 20:44 - 00000000 ____D () C:\Users\arun\OneDrive
    2015-01-16 19:26 - 2015-01-16 19:29 - 00000000 ____D () C:\Users\arun\AppData\Local\PackageStaging
    2015-01-16 19:25 - 2015-01-16 19:25 - 00001453 _____ () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-01-16 19:24 - 2015-01-16 19:24 - 00000425 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
    2015-01-16 19:23 - 2015-01-16 19:23 - 00000020 ___SH () C:\Users\arun\ntuser.ini
    2015-01-16 19:16 - 2015-01-16 20:53 - 01150654 _____ () C:\WINDOWS\WindowsUpdate.log
    2015-01-16 19:15 - 2015-01-16 19:15 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
    2015-01-16 19:04 - 2015-01-16 19:04 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
    2015-01-16 19:04 - 2015-01-16 19:04 - 00000000 ____D () C:\Users\Default\AppData\Local\Pokki
    2015-01-16 19:04 - 2015-01-16 19:04 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
    2015-01-16 19:04 - 2015-01-16 19:04 - 00000000 ____D () C:\Users\Default User\AppData\Local\Pokki
    2015-01-16 19:03 - 2015-01-16 19:03 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2015-01-16 19:00 - 2015-01-16 19:00 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
    2015-01-16 18:59 - 2015-01-16 19:29 - 00000000 ____D () C:\Users\arun
    2015-01-16 18:59 - 2015-01-16 19:09 - 00000000 ____D () C:\Users\Administrator
    2015-01-16 18:59 - 2015-01-16 19:00 - 00000000 ___RD () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-01-16 18:59 - 2015-01-16 19:00 - 00000000 ___RD () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-01-16 18:59 - 2015-01-16 18:59 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-01-16 18:59 - 2014-11-21 20:17 - 00000000 ___RD () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-01-16 18:59 - 2014-11-21 20:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-01-16 18:59 - 2014-11-21 20:17 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-01-16 18:59 - 2014-11-21 12:53 - 00000369 _____ () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2015-01-16 18:59 - 2014-11-21 12:53 - 00000369 _____ () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2015-01-16 18:59 - 2014-11-21 12:53 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
    2015-01-16 18:59 - 2014-11-21 12:53 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
    2015-01-16 18:59 - 2013-08-22 19:36 - 00000000 ____D () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-01-16 18:59 - 2013-08-22 19:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2015-01-16 18:58 - 2015-01-16 19:15 - 00032388 _____ () C:\WINDOWS\diagwrn.xml
    2015-01-16 18:58 - 2015-01-16 19:15 - 00032388 _____ () C:\WINDOWS\diagerr.xml
    2015-01-16 18:52 - 2015-01-16 19:01 - 00000000 ____D () C:\ProgramData\Conexant
    2015-01-16 18:52 - 2015-01-16 19:01 - 00000000 ____D () C:\Program Files\CONEXANT
    2015-01-16 18:52 - 2015-01-16 18:52 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
    2015-01-16 18:52 - 2015-01-16 18:52 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
    2015-01-16 18:52 - 2015-01-16 18:52 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_btmhsf_01011.Wdf
    2015-01-16 18:51 - 2015-01-16 19:01 - 00000000 ____D () C:\Program Files (x86)\Intel
    2015-01-16 18:51 - 2015-01-16 18:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
    2015-01-16 18:50 - 2015-01-16 20:37 - 00000000 ____D () C:\ProgramData\Validity
    2015-01-16 18:50 - 2015-01-16 19:01 - 00000000 ____D () C:\Program Files\Intel
    2015-01-16 18:50 - 2015-01-16 18:51 - 00000000 ____D () C:\Program Files\Synaptics
    2015-01-16 18:50 - 2015-01-16 18:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_wbf_vfs_lvcmn_01_09_00.Wdf
    2015-01-16 18:50 - 2015-01-16 18:50 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
    2015-01-16 18:50 - 2015-01-16 18:50 - 00000000 ____D () C:\Program Files (x86)\USB Camera
    2015-01-16 06:57 - 2015-01-16 06:57 - 00039030 _____ () C:\WINDOWS\SysWOW64\QuickControlService.dmp
    2015-01-16 03:18 - 2015-01-16 03:18 - 00002266 _____ () C:\WINDOWS\SysWOW64\BroomData.bit
    2015-01-16 03:18 - 2013-04-08 16:30 - 00022752 _____ () C:\WINDOWS\system32\PCloudBroom64.exe
    2015-01-16 01:34 - 2015-01-16 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
    2015-01-16 01:34 - 2015-01-16 01:34 - 00001293 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
    2015-01-16 01:34 - 2015-01-16 01:34 - 00000000 ____D () C:\Program Files (x86)\Panda Security
    2015-01-16 01:34 - 2013-04-29 09:17 - 00047632 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
    2015-01-16 01:32 - 2015-01-16 01:33 - 32509672 _____ (Panda Security ) C:\Users\arun\Downloads\PandaCloudCleaner.exe
    2015-01-15 08:31 - 2015-01-16 19:15 - 00008175 _____ () C:\WINDOWS\comsetup.log
    2015-01-15 00:20 - 2015-01-16 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-01-15 00:20 - 2015-01-15 00:20 - 00001975 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-01-15 00:20 - 2015-01-15 00:20 - 00000000 ____D () C:\Users\arun\AppData\Roaming\AVAST Software
    2015-01-15 00:17 - 2015-01-16 19:27 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
    2015-01-15 00:16 - 2015-01-15 05:34 - 00000000 ____D () C:\Users\arun\AppData\Local\CrashDumps
    2015-01-15 00:16 - 2015-01-15 00:19 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
    2015-01-15 00:16 - 2015-01-15 00:19 - 00087912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
    2015-01-15 00:16 - 2015-01-15 00:16 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2015-01-15 00:16 - 2015-01-15 00:16 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2015-01-15 00:16 - 2015-01-15 00:16 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
    2015-01-15 00:16 - 2015-01-15 00:16 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2015-01-15 00:16 - 2015-01-15 00:16 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2015-01-15 00:16 - 2015-01-15 00:16 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2015-01-15 00:16 - 2015-01-15 00:16 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
    2015-01-15 00:16 - 2015-01-15 00:16 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
    2015-01-15 00:10 - 2015-01-15 00:10 - 00000000 ____D () C:\Program Files\AVAST Software
    2015-01-15 00:08 - 2015-01-15 00:08 - 00000000 ____D () C:\Program Files (x86)\ESET
    2015-01-15 00:07 - 2015-01-15 00:10 - 00000000 ____D () C:\ProgramData\AVAST Software
    2015-01-15 00:07 - 2015-01-15 00:07 - 04864824 _____ (AVAST Software) C:\Users\arun\Downloads\avast_free_antivirus_setup_online(1).exe
    2015-01-15 00:06 - 2015-01-15 00:06 - 02347384 _____ (ESET) C:\Users\arun\Downloads\esetsmartinstaller_enu.exe
    2015-01-15 00:05 - 2015-01-15 00:05 - 00000036 _____ () C:\Users\arun\AppData\Local\housecall.guid.cache
    2015-01-15 00:04 - 2015-01-15 00:05 - 02073112 _____ (Trend Micro Inc.) C:\Users\arun\Downloads\HousecallLauncher.exe
    2015-01-13 23:52 - 2015-01-16 20:37 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
    2015-01-13 23:14 - 2015-01-13 23:14 - 00004032 _____ () C:\{8C0AA966-7843-48AF-BC23-93570A9BE931}
    2015-01-13 22:23 - 2014-10-22 07:34 - 00010777 _____ () C:\WINDOWS\system32\AutoconfigV2.cab
    2015-01-13 22:08 - 2015-01-13 22:08 - 00002079 _____ () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk
    2015-01-13 22:08 - 2015-01-13 22:08 - 00001368 _____ () C:\{3E80C9C6-A26D-43BE-957E-4DA7035BE1A4}
    2015-01-13 21:55 - 2015-01-16 19:02 - 00000000 ____D () C:\WINDOWS\system32\appraiser
    2015-01-13 21:26 - 2015-01-13 21:26 - 00003752 _____ () C:\{0F0C9192-35F6-41C5-815C-86603CC8E314}
    2015-01-13 21:24 - 2015-01-13 21:24 - 00003800 _____ () C:\{88CCF4FD-939C-4567-BE38-D455C325E70F}
    2015-01-13 21:18 - 2015-01-13 21:18 - 00003752 _____ () C:\{6209F923-6F4E-4478-946F-0C8759601817}
    2015-01-13 21:09 - 2015-01-13 21:09 - 00003800 _____ () C:\{32DD804D-1964-484F-967F-9A7C2A1E98FF}
    2015-01-13 21:04 - 2015-01-13 21:04 - 00003752 _____ () C:\{E7F2B0C2-3B3F-4025-8DCC-462093D60BBB}
    2015-01-13 20:59 - 2015-01-13 20:59 - 00003800 _____ () C:\{A77FF03B-7CF1-423F-A737-DD8164C3018E}
    2015-01-13 20:57 - 2015-01-13 20:57 - 00003752 _____ () C:\{BB94628D-C2E8-4ED7-B30D-DEE7301EB7C2}
    2015-01-13 20:51 - 2015-01-13 20:51 - 00003800 _____ () C:\{92B480CC-6586-4488-AD98-656492711F87}
    2015-01-13 20:45 - 2015-01-13 20:45 - 00003752 _____ () C:\{909F61AA-0960-4891-957E-7B333DB2FA49}
    2015-01-13 20:34 - 2015-01-13 20:34 - 00003800 _____ () C:\{803C92A0-E4D0-4F6F-B206-3EA8FD19E38F}
    2015-01-13 20:33 - 2015-01-13 20:33 - 00003752 _____ () C:\{3D287E45-E691-4982-99E7-861B4D6E90A6}
    2015-01-13 20:31 - 2015-01-13 20:31 - 00003800 _____ () C:\{4DA63810-095A-4D80-82D6-36FB7FA5AE31}
    2015-01-13 20:30 - 2015-01-13 20:30 - 00003752 _____ () C:\{8D186258-08AD-4AA9-9B60-72F9F516781D}
    2015-01-13 20:24 - 2015-01-13 20:24 - 00003800 _____ () C:\{C3F268AD-3121-4FE8-9C40-D0CA3E920220}
    2015-01-13 20:18 - 2015-01-13 20:18 - 00003752 _____ () C:\{ECA100A3-361F-4A94-8F61-AFB40D9092F3}
    2015-01-13 20:12 - 2015-01-13 20:12 - 00003800 _____ () C:\{B6D1FF74-58FC-4CA3-9A4E-6C31CEF50A3C}
    2015-01-13 20:09 - 2015-01-13 20:09 - 00003752 _____ () C:\{BCA98F2D-6D17-4974-BE6F-06A54379BDB0}
    2015-01-13 19:18 - 2015-01-13 19:18 - 00003752 _____ () C:\{6E44AD26-0CB1-4D82-BC31-5153DD3FB480}
    2015-01-13 19:03 - 2015-01-13 23:47 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2015-01-13 19:03 - 2015-01-13 23:44 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-01-13 18:54 - 2015-01-13 18:54 - 00003800 _____ () C:\{9130A625-2D1C-4BE7-A1CD-B826557BF1B6}
    2015-01-13 18:47 - 2015-01-16 19:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
    2015-01-13 18:46 - 2015-01-13 18:46 - 00000000 ____D () C:\Program Files\Common Files\Intel
    2015-01-13 18:46 - 2015-01-13 18:46 - 00000000 ____D () C:\Program Files (x86)\Cisco
    2015-01-13 18:14 - 2015-01-13 18:15 - 00000000 ____D () C:\Users\arun\dwhelper
    2015-01-13 18:11 - 2015-01-13 18:12 - 00000000 ____D () C:\Users\arun\AppData\Local\WinZip
    2015-01-13 17:41 - 2015-01-13 17:41 - 00003752 _____ () C:\{D4F70BC6-EE59-4158-A75F-984F38DD7AC7}
    2015-01-13 17:38 - 2015-01-13 17:38 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
    2015-01-13 17:32 - 2015-01-13 17:32 - 00002002 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
    2015-01-13 04:25 - 2015-01-16 19:04 - 00000000 ____D () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2015-01-13 04:15 - 2014-12-05 05:41 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2015-01-13 04:15 - 2014-12-05 05:41 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2015-01-13 03:51 - 2015-01-16 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
    2015-01-13 03:51 - 2015-01-13 03:51 - 00002264 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
    2015-01-13 03:51 - 2015-01-13 03:51 - 00002258 _____ () C:\Users\Public\Desktop\WinZip.lnk
    2015-01-13 03:51 - 2015-01-13 03:51 - 00000000 ____D () C:\ProgramData\WinZip
    2015-01-13 03:51 - 2015-01-13 03:51 - 00000000 ____D () C:\Program Files (x86)\WinZip
    2015-01-13 03:47 - 2015-01-16 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2015-01-13 03:47 - 2015-01-13 20:27 - 00000000 ____D () C:\Program Files (x86)\Steam
    2015-01-13 03:47 - 2015-01-13 03:47 - 00000974 _____ () C:\Users\Public\Desktop\Steam.lnk
    2015-01-13 03:43 - 2015-01-13 03:43 - 00000000 ____D () C:\Users\arun\AppData\Local\Macromedia
    2015-01-13 03:42 - 2015-01-13 03:46 - 59058544 _____ () C:\Users\arun\Downloads\winzip190-32.exe
    2015-01-13 03:41 - 2015-01-16 20:50 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2015-01-13 03:41 - 2015-01-13 22:50 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
    2015-01-13 03:33 - 2015-01-13 03:33 - 00244624 _____ () C:\Users\arun\Downloads\InstallIMVU_514.0_st_c.exe
    2015-01-13 03:23 - 2015-01-13 03:50 - 220569600 _____ () C:\Users\arun\Downloads\LibreOffice_4.2.8_Win_x86.msi
    2015-01-13 03:13 - 2015-01-16 20:34 - 00147842 _____ () C:\Users\Public\CAFADEBUG.log
    2015-01-13 02:54 - 2015-01-16 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    2015-01-13 02:54 - 2015-01-16 03:16 - 00000000 ____D () C:\Users\arun\AppData\Roaming\vlc
    2015-01-13 02:54 - 2015-01-13 02:54 - 00001077 _____ () C:\Users\Public\Desktop\VLC media player.lnk
    2015-01-13 02:54 - 2015-01-13 02:54 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
    2015-01-13 02:53 - 2015-01-13 02:54 - 24743106 _____ () C:\Users\arun\Downloads\vlc-2.1.5-win32.exe
    2015-01-13 02:46 - 2015-01-16 20:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2015-01-13 02:46 - 2015-01-13 02:47 - 00000000 ____D () C:\Users\arun\AppData\Roaming\Mozilla
    2015-01-13 02:46 - 2015-01-13 02:47 - 00000000 ____D () C:\Users\arun\AppData\Local\Mozilla
    2015-01-13 02:46 - 2015-01-13 02:46 - 00000000 ____D () C:\ProgramData\Mozilla
    2015-01-13 02:29 - 2015-01-16 21:07 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2917679876-1677656169-376132391-1001
    2015-01-13 02:28 - 2015-01-13 02:28 - 00000000 ____D () C:\Users\Public\Pokki
    2015-01-13 02:27 - 2015-01-13 22:10 - 00002249 _____ () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
    2015-01-13 02:26 - 2015-01-13 17:32 - 00000000 ____D () C:\Users\arun\AppData\Local\LSC
    2015-01-13 02:24 - 2015-01-13 17:38 - 00000000 ____D () C:\Users\arun\AppData\Roaming\LSC
    2015-01-13 02:24 - 2015-01-13 03:42 - 00000000 ____D () C:\Users\arun\AppData\Local\Adobe
    2015-01-13 02:23 - 2015-01-13 02:23 - 00000000 ____D () C:\Users\arun\AppData\Roaming\Lenovo
    2015-01-13 02:23 - 2015-01-13 02:23 - 00000000 ____D () C:\Users\arun\AppData\Roaming\ATI
    2015-01-13 02:23 - 2015-01-13 02:23 - 00000000 ____D () C:\Users\arun\AppData\Local\Lenovo
    2015-01-13 02:23 - 2015-01-13 02:23 - 00000000 ____D () C:\Users\arun\AppData\Local\ATI
    2015-01-13 02:23 - 2015-01-13 02:23 - 00000000 ____D () C:\ProgramData\ATI
    2015-01-13 02:22 - 2015-01-16 19:26 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
    2015-01-13 02:21 - 2015-01-13 02:24 - 00000000 ____D () C:\Users\arun\AppData\Roaming\Adobe
    2015-01-13 02:20 - 2015-01-13 02:20 - 00000000 ____D () C:\Users\arun\AppData\Local\Absolute_Software
    2015-01-13 02:19 - 2015-01-16 14:08 - 00001532 _____ () C:\Users\arun\AppData\Roaming\AbsoluteReminder.xml
    2015-01-13 02:18 - 2015-01-16 20:43 - 00000193 _____ () C:\Users\arun\AppData\Local\RegisteredPackageInformation.xml
    2015-01-13 02:18 - 2015-01-16 20:23 - 00000000 ____D () C:\Users\arun\AppData\Local\VirtualStore
    2015-01-13 02:18 - 2015-01-16 19:33 - 00000000 ____D () C:\Users\arun\AppData\Local\Packages
    2015-01-13 02:18 - 2015-01-13 02:18 - 00000000 ____D () C:\Users\arun\AppData\Roaming\Intel
    2015-01-13 02:10 - 2015-01-16 13:59 - 00000000 ____D () C:\Users\arun\AppData\Local\Pokki
    2015-01-13 02:10 - 2014-03-22 05:42 - 00000000 ____D () C:\Users\arun\AppData\Roaming\Macromedia
    2015-01-13 02:10 - 2013-01-14 22:58 - 00001599 _____ () C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LenovoToast.lnk
    2015-01-13 02:09 - 2015-01-16 20:38 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
    2015-01-13 02:08 - 2015-01-13 02:08 - 00000000 ____D () C:\WINDOWS\CSC
    2015-01-13 01:42 - 2015-01-13 05:49 - 00000000 ___HD () C:\$SysReset
    2015-01-13 01:41 - 2015-01-13 01:41 - 00000000 ____D () C:\Users\arun\Documents\My Received Files
    2015-01-13 01:15 - 2015-01-13 01:24 - 262298536 _____ (Lenovo Group Limited ) C:\Users\arun\Downloads\j3d706ww.exe
    2015-01-11 04:22 - 2015-01-11 04:23 - 00017811 _____ () C:\Users\arun\Documents\PRAYER REQUEST 120.odt
    2015-01-10 01:58 - 2015-01-10 01:58 - 15352218 _____ () C:\Users\arun\Downloads\wwe-wrestlemania.xap
    2015-01-08 06:40 - 2015-01-08 06:42 - 05105895 _____ () C:\Users\arun\Desktop\Success attraction prayer activates the laws of success.flv
    2015-01-08 06:40 - 2015-01-08 06:41 - 05182035 _____ () C:\Users\arun\Desktop\Manifest prosperity and unlimited wealth in ur life prayer.flv
    2015-01-08 06:39 - 2015-01-08 06:41 - 05217798 _____ () C:\Users\arun\Desktop\See ur prosperity growth increase in the name of Jesus.flv
    2015-01-08 06:38 - 2015-01-08 06:39 - 05166449 _____ () C:\Users\arun\Desktop\Prayer to be smarter about money and watch it increase.flv
    2015-01-08 06:37 - 2015-01-08 06:39 - 05154736 _____ () C:\Users\arun\Desktop\Prayer to renew ur strength if you are spiritually burnt out.flv
    2015-01-03 02:48 - 2015-01-03 02:48 - 05006864 _____ (AVAST Software) C:\Users\arun\Downloads\avast_free_antivirus_setup_online.exe
    2015-01-03 02:44 - 2015-01-03 02:45 - 04637504 _____ (AVG Technologies) C:\Users\arun\Downloads\avg_free_stb_all_2015_5557_cnet.exe
    2014-12-28 05:28 - 2014-12-28 05:30 - 05306219 _____ () C:\Users\arun\Desktop\If there is an attachment of demonic spirits on you prayer.flv
    2014-12-25 19:15 - 2014-12-25 19:17 - 05187987 _____ () C:\Users\arun\Desktop\Pray if you are always dreaming of demonic things.flv
    2014-12-25 19:14 - 2014-12-25 19:16 - 05175114 _____ () C:\Users\arun\Desktop\Prayer to conquer demonic beings of stress in ur life.flv
    2014-12-25 19:14 - 2014-12-25 19:15 - 05116492 _____ () C:\Users\arun\Desktop\Praying this hinders all rituals from the demonic book of spells.flv
    2014-12-25 19:13 - 2014-12-25 19:14 - 05124544 _____ () C:\Users\arun\Desktop\Prayer to vanquish all satanic creatures opposing you.flv
    2014-12-25 19:12 - 2014-12-25 19:14 - 05093449 _____ () C:\Users\arun\Desktop\Prayer repels all satanic spell caster hexes on your health.flv
    2014-12-25 19:12 - 2014-12-25 19:13 - 05169615 _____ () C:\Users\arun\Desktop\Prayer to prevent death spells from binding to you.flv
    2014-12-23 17:42 - 2014-12-23 17:44 - 56840704 _____ () C:\Users\arun\Downloads\VizzedRgrPlugin-v2.0.msi
    2014-12-23 04:18 - 2014-12-23 04:20 - 05287186 _____ () C:\Users\arun\Desktop\Prayer allows u to attract love spiritually then physically.flv
    2014-12-23 04:17 - 2014-12-23 04:19 - 05408082 _____ () C:\Users\arun\Desktop\Prayer against satanic groups for them to crumble.flv
    2014-12-18 01:14 - 2015-01-12 04:55 - 00056517 _____ () C:\Users\arun\Desktop\SALVATION TRACT2.odt
    2014-12-18 00:41 - 2014-12-18 00:42 - 00000000 ____D () C:\Users\arun\Desktop\bible
    2014-12-17 21:42 - 2014-12-17 21:46 - 38336856 _____ () C:\Users\arun\Downloads\WSBasicSetup.exe
    2014-12-17 21:41 - 2014-12-17 21:52 - 22463146 _____ () C:\Users\arun\Desktop\Luke.zip
    2014-12-17 21:41 - 2014-12-17 21:49 - 21050380 _____ () C:\Users\arun\Downloads\Matthew.zip
    2014-12-17 21:41 - 2014-12-17 21:48 - 17172371 _____ () C:\Users\arun\Downloads\John.zip
    2014-12-17 21:41 - 2014-12-17 21:48 - 12974179 _____ () C:\Users\arun\Downloads\Mark.zip
    2014-12-17 17:33 - 2014-12-17 17:33 - 00244624 _____ () C:\Users\arun\Downloads\InstallIMVU_513.0_st_c.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-01-17 06:47 - 2014-07-15 18:59 - 00000000 __SHD () C:\Recovery
    2015-01-17 06:47 - 2013-08-22 19:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
    2015-01-17 06:24 - 2013-08-22 19:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
    2015-01-16 21:06 - 2012-07-26 11:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2015-01-16 21:00 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\sru
    2015-01-16 20:53 - 2013-08-22 18:46 - 00339199 _____ () C:\WINDOWS\setupact.log
    2015-01-16 20:45 - 2014-11-21 12:43 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2015-01-16 20:38 - 2013-08-22 18:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2015-01-16 20:37 - 2014-11-21 12:34 - 00005732 _____ () C:\WINDOWS\PFRO.log
    2015-01-16 20:36 - 2013-08-22 17:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
    2015-01-16 20:34 - 2014-11-22 16:52 - 00000000 ____D () C:\AdwCleaner
    2015-01-16 20:27 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\restore
    2015-01-16 20:24 - 2014-09-08 16:50 - 00012519 _____ () C:\Users\arun\Desktop\hijackthis.log
    2015-01-16 19:56 - 2013-08-22 17:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2015-01-16 19:34 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2015-01-16 19:29 - 2014-07-16 01:11 - 00000000 __RDO () C:\Users\arun\OneDrive.old
    2015-01-16 19:27 - 2014-11-22 02:07 - 00000000 ___HD () C:\$Windows.~BT
    2015-01-16 19:24 - 2014-03-22 05:21 - 00000000 ____D () C:\Intel
    2015-01-16 19:17 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\rescache
    2015-01-16 19:16 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\Registration
    2015-01-16 19:13 - 2013-08-22 19:36 - 00000000 __RSD () C:\WINDOWS\Media
    2015-01-16 19:13 - 2013-08-22 19:36 - 00000000 __RHD () C:\Users\Public\Libraries
    2015-01-16 19:05 - 2013-08-22 18:44 - 00337808 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2015-01-16 19:04 - 2014-03-22 05:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
    2015-01-16 19:04 - 2014-03-22 05:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Absolute Software
    2015-01-16 19:04 - 2014-03-22 05:44 - 00000000 ____D () C:\Program Files\Lenovo Fingerprint Reader
    2015-01-16 19:04 - 2014-03-22 05:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
    2015-01-16 19:04 - 2014-03-22 05:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
    2015-01-16 19:04 - 2014-03-22 05:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
    2015-01-16 19:04 - 2014-03-22 05:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
    2015-01-16 19:04 - 2013-08-22 19:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
    2015-01-16 19:04 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
    2015-01-16 19:04 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioDatabase
    2015-01-16 19:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
    2015-01-16 19:04 - 2012-07-26 09:37 - 00000000 ____D () C:\Users\Default.migrated
    2015-01-16 19:03 - 2014-11-21 12:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
    2015-01-16 19:03 - 2014-11-21 12:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
    2015-01-16 19:03 - 2014-03-22 05:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
    2015-01-16 19:03 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
    2015-01-16 19:03 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
    2015-01-16 19:03 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
    2015-01-16 19:02 - 2014-11-21 20:17 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
    2015-01-16 19:02 - 2014-11-21 12:00 - 00000000 ____D () C:\WINDOWS\system32\WCN
    2015-01-16 19:02 - 2013-08-22 19:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
    2015-01-16 19:02 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
    2015-01-16 19:02 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\spool
    2015-01-16 19:02 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
    2015-01-16 19:02 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
    2015-01-16 19:02 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\IME
    2015-01-16 19:02 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
    2015-01-16 19:02 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\IME
    2015-01-16 19:02 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\Help
    2015-01-16 19:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
    2015-01-16 19:01 - 2014-03-22 05:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
    2015-01-16 19:01 - 2014-03-22 05:24 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
    2015-01-16 19:01 - 2013-08-22 19:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
    2015-01-16 19:01 - 2013-08-22 19:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
    2015-01-16 19:01 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\AppCompat
    2015-01-16 19:01 - 2013-08-22 19:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
    2015-01-16 19:01 - 2013-03-26 01:03 - 00000000 ____D () C:\ProgramData\PRICache
    2015-01-16 19:00 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
    2015-01-16 19:00 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\system32\GroupPolicy
    2015-01-16 18:59 - 2013-03-26 01:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Packages
    2015-01-16 18:52 - 2013-08-22 18:46 - 00000084 _____ () C:\WINDOWS\setuperr.log
    2015-01-16 18:50 - 2013-08-22 19:36 - 00000000 ____D () C:\WINDOWS\System
    2015-01-16 18:49 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Default
    2015-01-16 18:10 - 2014-03-22 05:04 - 01307437 _____ () C:\WINDOWS\WindowsUpdate (1).log
    2015-01-16 06:27 - 2014-03-22 05:46 - 00000000 ____D () C:\ProgramData\Norton
    2015-01-16 06:27 - 2012-07-26 12:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
    2015-01-16 06:13 - 2012-07-26 12:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
    2015-01-16 06:09 - 2012-07-26 09:26 - 00000194 _____ () C:\WINDOWS\win.ini
    2015-01-13 22:13 - 2014-03-22 05:27 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-01-13 18:49 - 2014-03-22 05:22 - 00000000 ____D () C:\ProgramData\Intel
    2015-01-13 17:32 - 2014-03-22 05:41 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
    2015-01-13 17:32 - 2014-03-22 05:25 - 00000000 ____D () C:\Program Files\Lenovo
    2015-01-13 17:32 - 2014-03-21 13:19 - 00000000 ____D () C:\ProgramData\Lenovo
    2015-01-13 17:25 - 2014-03-22 05:40 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
    2015-01-13 04:25 - 2014-09-20 01:13 - 00000220 _____ () C:\Users\arun\Desktop\Sid Meier's Civilization V.url
    2015-01-13 02:21 - 2014-03-22 06:53 - 00090489 _____ () C:\WINDOWS\modules.log
    2015-01-12 04:55 - 2014-07-18 10:42 - 00117248 ___SH () C:\Users\arun\Desktop\Thumbs.db
    2014-12-23 17:37 - 2014-08-16 03:54 - 00119296 ___SH () C:\Users\arun\Downloads\Thumbs.db

    Some content of TEMP:
    ====================
    C:\Users\arun\AppData\Local\Temp\mpam-e3447879.exe
    C:\Users\arun\AppData\Local\Temp\Quarantine.exe
    C:\Users\arun\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    ==================== BCD ================================

    Firmware Boot Manager
    ---------------------
    identifier {fwbootmgr}
    displayorder {bootmgr}
    {26134bcf-b162-11e3-929c-806e6f6e6963}
    {26134bd0-b162-11e3-929c-806e6f6e6963}
    {26134bd1-b162-11e3-929c-806e6f6e6963}
    {26134bd2-b162-11e3-929c-806e6f6e6963}
    {26134bd3-b162-11e3-929c-806e6f6e6963}
    {26134bd4-b162-11e3-929c-806e6f6e6963}
    timeout 0

    Windows Boot Manager
    --------------------
    identifier {bootmgr}
    device partition=\Device\HarddiskVolume2
    path \EFI\Microsoft\Boot\bootmgfw.efi
    description Windows Boot Manager
    locale en-US
    inherit {globalsettings}
    default {current}
    resumeobject {ea31b2d1-9b0b-11e4-8cb0-bc6bb1219edd}
    displayorder {current}
    toolsdisplayorder {memdiag}
    timeout 30

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bc9-b162-11e3-929c-806e6f6e6963}
    description Setup

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bca-b162-11e3-929c-806e6f6e6963}
    description Boot Menu

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bcb-b162-11e3-929c-806e6f6e6963}
    description Diagnostic Splash Screen

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bcc-b162-11e3-929c-806e6f6e6963}
    description Lenovo Diagnostics

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bcd-b162-11e3-929c-806e6f6e6963}
    description Startup Interrupt Menu

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bce-b162-11e3-929c-806e6f6e6963}
    description Rescue and Recovery

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bcf-b162-11e3-929c-806e6f6e6963}
    description USB CD

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bd0-b162-11e3-929c-806e6f6e6963}
    description USB FDD

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bd1-b162-11e3-929c-806e6f6e6963}
    description ATA HDD0

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bd2-b162-11e3-929c-806e6f6e6963}
    description ATA HDD1

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bd3-b162-11e3-929c-806e6f6e6963}
    description USB HDD

    Firmware Application (101fffff)
    -------------------------------
    identifier {26134bd4-b162-11e3-929c-806e6f6e6963}
    description PCI LAN

    Windows Boot Loader
    -------------------
    identifier {175eee32-0b99-11e4-8e91-dea7aebad11e}
    device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{175eee33-0b99-11e4-8e91-dea7aebad11e}
    path \windows\system32\winload.efi
    description Windows Recovery Environment
    locale en-US
    inherit {bootloadersettings}
    displaymessage Recovery
    displaymessageoverride Recovery
    osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{175eee33-0b99-11e4-8e91-dea7aebad11e}
    systemroot \windows
    nx OptIn
    bootmenupolicy Standard
    winpe Yes

    Windows Boot Loader
    -------------------
    identifier {2ef4a634-0020-11e4-be71-ac7ba152c3bc}
    device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{2ef4a635-0020-11e4-be71-ac7ba152c3bc}
    path \windows\system32\winload.efi
    description Windows Recovery Environment
    locale en-US
    inherit {bootloadersettings}
    displaymessage Recovery
    displaymessageoverride Recovery
    osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{2ef4a635-0020-11e4-be71-ac7ba152c3bc}
    systemroot \windows
    nx OptIn
    bootmenupolicy Standard
    winpe Yes

    Windows Boot Loader
    -------------------
    identifier {3aa4afb9-0bfd-11e4-b77c-a4c32d2f334f}
    device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{3aa4afba-0bfd-11e4-b77c-a4c32d2f334f}
    path \windows\system32\winload.efi
    description Windows Recovery Environment
    locale en-US
    inherit {bootloadersettings}
    displaymessage Recovery
    displaymessageoverride Recovery
    osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{3aa4afba-0bfd-11e4-b77c-a4c32d2f334f}
    systemroot \windows
    nx OptIn
    bootmenupolicy Standard
    winpe Yes

    Windows Boot Loader
    -------------------
    identifier {ea31b2ce-9b0b-11e4-8cb0-bc6bb1219edd}
    device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ea31b2cf-9b0b-11e4-8cb0-bc6bb1219edd}
    path \windows\system32\winload.efi
    description Windows Recovery Environment
    locale en-US
    inherit {bootloadersettings}
    displaymessage Recovery
    displaymessageoverride Recovery
    osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{ea31b2cf-9b0b-11e4-8cb0-bc6bb1219edd}
    systemroot \windows
    nx OptIn
    bootmenupolicy Standard
    winpe Yes

    Windows Boot Loader
    -------------------
    identifier {current}
    device partition=C:
    path \WINDOWS\system32\winload.efi
    description Windows 8.1
    locale en-US
    inherit {bootloadersettings}
    recoverysequence {ea31b2d3-9b0b-11e4-8cb0-bc6bb1219edd}
    recoveryenabled Yes
    isolatedcontext Yes
    allowedinmemorysettings 0x15000075
    osdevice partition=C:
    systemroot \WINDOWS
    resumeobject {ea31b2d1-9b0b-11e4-8cb0-bc6bb1219edd}
    nx OptIn
    bootmenupolicy Standard

    Windows Boot Loader
    -------------------
    identifier {ea31b2d3-9b0b-11e4-8cb0-bc6bb1219edd}
    device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{ea31b2d4-9b0b-11e4-8cb0-bc6bb1219edd}
    path \windows\system32\winload.efi
    description Windows Recovery Environment
    locale en-US
    inherit {bootloadersettings}
    displaymessage Recovery
    displaymessageoverride Recovery
    osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{ea31b2d4-9b0b-11e4-8cb0-bc6bb1219edd}
    systemroot \windows
    nx OptIn
    bootmenupolicy Standard
    winpe Yes

    Resume from Hibernate
    ---------------------
    identifier {175eee30-0b99-11e4-8e91-dea7aebad11e}
    device partition=C:
    path \WINDOWS\system32\winresume.efi
    description Windows Resume Application
    locale en-US
    inherit {resumeloadersettings}
    recoverysequence {175eee32-0b99-11e4-8e91-dea7aebad11e}
    recoveryenabled Yes
    isolatedcontext Yes
    allowedinmemorysettings 0x15000075
    filedevice partition=C:
    filepath \hiberfil.sys
    bootmenupolicy Standard
    debugoptionenabled No

    Resume from Hibernate
    ---------------------
    identifier {3aa4afb7-0bfd-11e4-b77c-a4c32d2f334f}
    device partition=C:
    path \WINDOWS\system32\winresume.efi
    description Windows Resume Application
    locale en-US
    inherit {resumeloadersettings}
    recoverysequence {3aa4afb9-0bfd-11e4-b77c-a4c32d2f334f}
    recoveryenabled Yes
    isolatedcontext Yes
    allowedinmemorysettings 0x15000075
    filedevice partition=C:
    filepath \hiberfil.sys
    bootmenupolicy Standard
    debugoptionenabled No

    Resume from Hibernate
    ---------------------
    identifier {581f4299-b0d9-11e3-902e-201a06c6f805}
    device partition=C:
    path \windows\system32\winresume.efi
    description Windows Resume Application
    locale en-US
    inherit {resumeloadersettings}
    recoverysequence {2ef4a634-0020-11e4-be71-ac7ba152c3bc}
    recoveryenabled Yes
    isolatedcontext Yes
    allowedinmemorysettings 0x15000075
    filedevice partition=C:
    filepath \hiberfil.sys
    bootmenupolicy Standard
    debugoptionenabled No

    Resume from Hibernate
    ---------------------
    identifier {ea31b2cc-9b0b-11e4-8cb0-bc6bb1219edd}
    device partition=C:
    path \WINDOWS\system32\winresume.efi
    description Windows Resume Application
    locale en-US
    inherit {resumeloadersettings}
    recoverysequence {ea31b2ce-9b0b-11e4-8cb0-bc6bb1219edd}
    recoveryenabled Yes
    isolatedcontext Yes
    allowedinmemorysettings 0x15000075
    filedevice partition=C:
    filepath \hiberfil.sys
    bootmenupolicy Standard
    debugoptionenabled No

    Resume from Hibernate
    ---------------------
    identifier {ea31b2d1-9b0b-11e4-8cb0-bc6bb1219edd}
    device partition=C:
    path \WINDOWS\system32\winresume.efi
    description Windows Resume Application
    locale en-US
    inherit {resumeloadersettings}
    recoverysequence {ea31b2d3-9b0b-11e4-8cb0-bc6bb1219edd}
    recoveryenabled Yes
    isolatedcontext Yes
    allowedinmemorysettings 0x15000075
    filedevice partition=C:
    filepath \hiberfil.sys
    bootmenupolicy Standard
    debugoptionenabled No

    Windows Memory Tester
    ---------------------
    identifier {memdiag}
    device partition=\Device\HarddiskVolume2
    path \EFI\Microsoft\Boot\memtest.efi
    description Windows Memory Diagnostic
    locale en-US
    inherit {globalsettings}
    badmemoryaccess Yes

    EMS Settings
    ------------
    identifier {emssettings}
    bootems No

    Debugger Settings
    -----------------
    identifier {dbgsettings}
    debugtype Serial
    debugport 1
    baudrate 115200

    RAM Defects
    -----------
    identifier {badmemory}

    Global Settings
    ---------------
    identifier {globalsettings}
    inherit {dbgsettings}
    {emssettings}
    {badmemory}

    Boot Loader Settings
    --------------------
    identifier {bootloadersettings}
    inherit {globalsettings}
    {hypervisorsettings}

    Hypervisor Settings
    -------------------
    identifier {hypervisorsettings}
    hypervisordebugtype Serial
    hypervisordebugport 1
    hypervisorbaudrate 115200

    Resume Loader Settings
    ----------------------
    identifier {resumeloadersettings}
    inherit {globalsettings}

    Device options
    --------------
    identifier {175eee33-0b99-11e4-8e91-dea7aebad11e}
    description Windows Recovery
    ramdisksdidevice partition=\Device\HarddiskVolume1
    ramdisksdipath \Recovery\WindowsRE\boot.sdi

    Device options
    --------------
    identifier {175eee34-0b99-11e4-8e91-dea7aebad11e}
    description Windows Setup
    ramdisksdidevice partition=C:
    ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

    Device options
    --------------
    identifier {2ef4a635-0020-11e4-be71-ac7ba152c3bc}
    description Windows Recovery
    ramdisksdidevice partition=\Device\HarddiskVolume1
    ramdisksdipath \Recovery\WindowsRE\boot.sdi

    Device options
    --------------
    identifier {2ef4a636-0020-11e4-be71-ac7ba152c3bc}
    description Windows Setup
    ramdisksdidevice partition=C:
    ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

    Device options
    --------------
    identifier {3aa4afba-0bfd-11e4-b77c-a4c32d2f334f}
    description Windows Recovery
    ramdisksdidevice partition=\Device\HarddiskVolume1
    ramdisksdipath \Recovery\WindowsRE\boot.sdi

    Device options
    --------------
    identifier {a4a25b9c-0c1e-11e4-be71-ac7ba152c3c0}
    description Windows Setup
    ramdisksdidevice partition=C:
    ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

    Setup Ramdisk Options
    ---------------------
    identifier {ramdiskoptions}
    description Ramdisk options
    ramdisksdidevice boot
    ramdisksdipath \boot\boot.sdi

    Device options
    --------------
    identifier {ea31b2cf-9b0b-11e4-8cb0-bc6bb1219edd}
    description Windows Recovery
    ramdisksdidevice partition=\Device\HarddiskVolume1
    ramdisksdipath \Recovery\WindowsRE\boot.sdi

    Device options
    --------------
    identifier {ea31b2d0-9b0b-11e4-8cb0-bc6bb1219edd}
    description Windows Setup
    ramdisksdidevice partition=C:
    ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

    Device options
    --------------
    identifier {ea31b2d4-9b0b-11e4-8cb0-bc6bb1219edd}
    description Windows Recovery
    ramdisksdidevice partition=\Device\HarddiskVolume5
    ramdisksdipath \Recovery\WindowsRE\boot.sdi



    LastRegBack: 2015-01-16 18:49

    ==================== End Of Log ============================
     
  3. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    Users shortcut scan result (x64) Version: 15-01-2015 01
    Ran by arun at 2015-01-16 21:11:22
    Running from C:\Users\arun\Downloads
    Boot Mode: Normal
    ==================== Shortcuts =============================
    (The entries could be listed to be restored or removed.)



    Shortcut: C:\Users\Administrator\Links\Desktop.lnk -> C:\Users\arun\Desktop ()
    Shortcut: C:\Users\Administrator\Links\Downloads.lnk -> C:\Users\arun\Downloads ()
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\arun\Documents ()
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LenovoToast.lnk -> C:\ProgramData\NoiseSuppressionTips\LenovoToast.exe ()
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\arun\Pictures ()
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer (2).lnk -> C:\Users\arun\AppData\Roaming\Microsoft\Windows\Libraries ()
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Users\arun\AppData\Roaming\Microsoft\Windows\Libraries ()
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
    Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
    Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
    Shortcut: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\NoiseSuppressionTips\LenovoToast.lnk -> C:\ProgramData\NoiseSuppressionTips\LenovoToast.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk -> C:\Program Files (x86)\WinZip\WINZIP32.EXE (WinZip Computing, S.L.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk -> C:\Windows\Camera\Camera.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk -> C:\Windows\FileManager\FileManager.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Cloud Storage by SugarSync.lnk -> C:\Program Files (x86)\SugarSync\SugarSyncManager.exe (SugarSync, Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Ultranav (Touchpad Clickpad Trackpad TrackPoint Mouse Pointer Pointing Pad).lnk -> C:\Windows\System32\main.cpl (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk -> C:\Windows\FileManager\PhotosApp.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip 19.0.lnk -> C:\Program Files (x86)\WinZip\WINZIP32.EXE (WinZip Computing, S.L.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Panda Cloud Cleaner.lnk -> C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Uninstall Panda Cloud Cleaner.lnk -> C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\unins000.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Active Protection System.lnk -> C:\Windows\System32\TpShCPL.cpl (Lenovo.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo Solution Center.lnk -> C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo User Guide.lnk -> C:\ProgramData\Lenovo\userguides\viewer\LenovoUserGuide.exe (Lenovo)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\System Update.lnk -> C:\Program Files (x86)\Lenovo\System Update\tvsu.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Warranty Information.lnk -> C:\Program Files (x86)\Lenovo\Warranty Viewer\WarrantyViewer.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo QuickControl.lnk -> C:\Program Files (x86)\Lenovo\QuickControl\QuickControlUI.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\System Update.lnk -> C:\Program Files (x86)\Lenovo\System Update\tvsu.exe ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel(R) WiDi\Intel(R) WiDi.lnk -> C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Smart Connect Technology.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTControl.exe (Intel Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Profile.lnk -> C:\Program Files (x86)\Dolby Home Theater v4\pcee4e.exe (Dolby Laboratories Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Catalyst Control Center.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
    Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Absolute Software\Absolute Data Protect.lnk -> C:\Program Files (x86)\Absolute Software\Absolute Reminder\AbsoluteReminder.exe (Absolute Software)
    Shortcut: C:\ProgramData\Lenovo\SystemUpdate\Session\Repository\sushortcutfix01\tvsu_32.lnk -> C:\Program Files (x86)\Lenovo\System Update\tvsu.exe ()
    Shortcut: C:\ProgramData\Lenovo\SystemUpdate\Session\Repository\sushortcutfix01\tvsu_64.lnk -> C:\Program Files (x86)\Lenovo\System Update\tvsu.exe ()
    Shortcut: C:\Users\arun\Links\Desktop.lnk -> C:\Users\arun\Desktop ()
    Shortcut: C:\Users\arun\Links\Downloads.lnk -> C:\Users\arun\Downloads ()
    Shortcut: C:\Users\arun\Links\SkyDrive.lnk -> C:\Users\arun\SkyDrive ()
    Shortcut: C:\Users\arun\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\arun\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\arun\Documents ()
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LenovoToast.lnk -> C:\ProgramData\NoiseSuppressionTips\LenovoToast.exe ()
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\arun\Pictures ()
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    Shortcut: C:\Users\arun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WinZip.lnk -> C:\Program Files (x86)\WinZip\WINZIP32.EXE (WinZip Computing, S.L.)
    Shortcut: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
    Shortcut: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
    Shortcut: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
    Shortcut: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\arun\Documents ()
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo QuickSnip Toasts.lnk -> C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe (Lenovo)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LenovoToast.lnk -> C:\ProgramData\NoiseSuppressionTips\LenovoToast.exe ()
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\arun\Pictures ()
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
    Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
    Shortcut: C:\Users\Public\Desktop\Avast Free Antivirus.lnk -> C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
    Shortcut: C:\Users\Public\Desktop\Lenovo Solution Center.lnk -> C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe ()
    Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
    Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    Shortcut: C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk -> C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe ()
    Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
    Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
    Shortcut: C:\Users\Public\Desktop\WinZip.lnk -> C:\Program Files (x86)\WinZip\WINZIP32.EXE (WinZip Computing, S.L.)
    Shortcut: C:\Users\Public\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo QuickSnip Toasts.lnk -> C:\Program Files\Lenovo\QuickSnipService\QuickSnipInput.exe (Lenovo)
    Shortcut: C:\Users\Public\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LenovoToast.lnk -> C:\ProgramData\NoiseSuppressionTips\LenovoToast.exe ()




    ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
    ShortcutWithArgument: C:\Users\Administrator\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE (Microsoft Corporation) -> /OEM
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Switchable Graphics.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Dashboard SingleAspectPage LeafName=Leaf_PowerXpress
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo PC Experience.lnk -> C:\Windows\System32\Dxpserver.exe (Microsoft Corporation) -> /c
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Advanced Statistics.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Advanced Statistics
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Event Viewer.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Event Viewer
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Manual Diagnostics.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Diagnostics
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager\Embedded Lockdown Manager.lnk -> C:\Windows\System32\mmc.exe (Microsoft Corporation) -> "%windir%\system32\EmbeddedLockdown.msc"
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center\Help.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Embedded Lockdown Manager.lnk -> C:\Windows\System32\mmc.exe (Microsoft Corporation) -> "%windir%\system32\EmbeddedLockdown.msc"
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
    ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
    ShortcutWithArgument: C:\ProgramData\Lenovo\LenovoTvtTools\Lenovo PC Experience.lnk -> C:\Windows\System32\Dxpserver.exe (Microsoft Corporation) -> /c
    ShortcutWithArgument: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk -> C:\Users\arun\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"f22abfeae27a67446927d078890381efc546d3e1"
    ShortcutWithArgument: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk -> C:\Users\arun\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"menu"
    ShortcutWithArgument: C:\Users\arun\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
    ShortcutWithArgument: C:\Users\arun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lenovo PC Experience.lnk -> C:\Windows\System32\Dxpserver.exe (Microsoft Corporation) -> /c
    ShortcutWithArgument: C:\Users\arun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC App Store.lnk -> C:\Users\arun\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"f22abfeae27a67446927d078890381efc546d3e1"
    ShortcutWithArgument: C:\Users\arun\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk -> C:\Users\arun\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) -> /OPEN"menu"
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
    ShortcutWithArgument: C:\Users\arun\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
    ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
    ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


    InternetURL: C:\Users\Administrator\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
    InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> hxxp://support.steampowered.com/
    InternetURL: C:\Users\arun\OneDrive.old\Documents\arun's Notebook.url -> https://skydrive.live.com/redir.aspx?cid=c614cc1750a5832f&resid=C614CC1750A5832F!907&type=3
    InternetURL: C:\Users\arun\OneDrive\Documents\arun's Notebook.url -> https://skydrive.live.com/redir.aspx?cid=c614cc1750a5832f&resid=C614CC1750A5832F!907&type=3
    InternetURL: C:\Users\arun\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\Extent Games.url -> hxxp://www.freeridegames.com/
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\Home.url -> hxxp://www.lenovo.com/welcome/thinkpad
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\Lenovo Cloud Storage by SugarSync.url -> https://www.sugarsync.com/affiliate...tp%:%/%/www.sugarsync.com%/offers%/lenovov1%/
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\My Lenovo Cloud.url -> hxxp://www.mylenovocloud.com/
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\News.url -> hxxp://www.lenovo.com/news/us/en
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\Product Registration.url -> hxxp://www.lenovo.com/register
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\Products.url -> hxxp://www.lenovo.com/products/us/en
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\Services, Software, and Accessories.url -> hxxp://www.lenovo.com/accessories
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\Support and Downloads.url -> hxxp://www.lenovo.com/support
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\The Intel WiMAX website.url -> hxxp://www.intel.com/go/getwimax
    InternetURL: C:\Users\arun\Favorites\Lenovo Recommended Websites\ThinkVantage Technologies.url -> hxxp://www.lenovo.com/thinkvantage
    InternetURL: C:\Users\arun\Desktop\Sid Meier's Civilization V (DirectX 9).url -> steam://rungameid/8930//%5Cdx9
    InternetURL: C:\Users\arun\Desktop\Sid Meier's Civilization V.url -> steam://rungameid/8930
    InternetURL: C:\Users\arun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Sid Meier's Civilization V.url -> steam://rungameid/8930

    ==================== End of log =============================
     
  4. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015 01
    Ran by arun at 2015-01-16 21:10:13
    Running from C:\Users\arun\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
    AMD Catalyst Install Manager (HKLM\...\{097BF68F-8FA2-2E59-6FE1-3684D6A27684}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.58.0 - Conexant)
    Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
    Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{405EF630-AF8C-4A69-9CAF-6D5B8C1C005B}) (Version: 4.1.40.2143 - Intel)
    Intel(R) Update Manager (x32 Version: 1.6.0.56 - Intel Corporation) Hidden
    Intel(R) WiDi (HKLM\...\{AD5700DA-F9C5-432B-9927-F555204E38CE}) (Version: 4.1.52.0 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
    Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.01 - )
    Lenovo Dependency Package (HKLM-x32\...\Lenovo Dependency Package_is1) (Version: 1.5.37.0 - Lenovo Group Limited)
    Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.5.0 - Lenovo)
    Lenovo Fingerprint Manager (HKLM\...\{F7AB2C19-6A27-4C75-A92A-8CC7C59E5FA2}) (Version: 4.5.131.0 - Validity Sensors, Inc.)
    Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
    Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
    Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.03 - )
    Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 1.10 - Lenovo Group Limited)
    Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.1.3.0 - Lenovo Corporation)
    Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 1.2.5.7 - Lenovo Group Limited)
    Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 1.2.0.80 - Lenovo)
    Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
    Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.02.0018 - Lenovo)
    Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
    Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
    OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    On Screen Display (HKLM\...\OnScreenDisplay) (Version: 7.12.21 - )
    Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.107 - Panda Security)
    PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
    RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 2.1.1.0 - Lenovo)
    Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.13.314.2013 - Realtek)
    Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
    Start Menu (HKU\S-1-5-21-2917679876-1677656169-376132391-1001\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
    Start Menu (HKU\S-1-5-21-2917679876-1677656169-376132391-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Pokki_Start_Menu) (Version: 0.269.5.367 - Pokki)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.80.99066 - SugarSync, Inc.)
    ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.12.68 - )
    ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    Windows Driver Package - Intel Corporation (iaStorA) HDC (04/29/2013 12.5.4.1001) (HKLM\...\64C5B2577D321E8D30DF813803EF008F338A0B1E) (Version: 04/29/2013 12.5.4.1001 - Intel Corporation)
    Windows Driver Package - Lenovo 1.67.00.02 (04/17/2013 1.67.00.02) (HKLM\...\907DA143458FE258EFEB416B946DE8DF2B87A0BA) (Version: 04/17/2013 1.67.00.02 - Lenovo)
    WinZip 19.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E6}) (Version: 19.0.11294 - WinZip Computing, S.L. )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-2917679876-1677656169-376132391-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

    ==================== Restore Points =========================

    16-01-2015 20:27:59 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 17:25 - 2013-08-22 17:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {06D121F5-CE02-45F2-8C1B-4635FA5A4371} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
    Task: {33AA5F7B-DC05-447A-A7D1-3E8EBC4E29C3} - System32\Tasks\Lenovo\LenovoMachineInformation => C:\Program Files\lenovo\SystemAgent\MachineInformation.exe [2013-06-06] ()
    Task: {4CCD01D3-FA88-4A0B-9154-78D5352B91A4} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
    Task: {55219BAB-D888-4A72-A9CA-03CAEF6728B1} - System32\Tasks\Lenovo\LenovoWarrantyChinaTask => C:\Program Files\lenovo\SystemAgent\ChinaWarrantyService.exe [2013-06-06] ()
    Task: {5933F84C-0049-41C1-8578-20E811742452} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
    Task: {759436F7-8555-47CA-8381-ACD424DE8F40} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-13] (Microsoft Corporation)
    Task: {796ACF27-7A7F-4207-8C21-265D8F71044F} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2014-11-21] (Microsoft Corporation)
    Task: {829E7D09-8285-4AA2-B754-D0F4DC0393E4} - System32\Tasks\Lenovo\Run TVSU Once => C:\ProgramData\Lenovo\Updates\TVSUHook.exe [2013-03-28] (Lenovo)
    Task: {8FA91C61-C931-40AD-B8CD-DF326545F567} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
    Task: {949E3861-EC8E-41BC-811B-09486A492337} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-15] (AVAST Software)
    Task: {985F4A64-35C2-4D65-A82D-07DCF01BADF4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
    Task: {A33CFB7E-0512-4331-8AB7-9E6FEF416F91} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-06] (Synaptics Incorporated)
    Task: {AB4EF32E-81A2-4C8A-B488-9C994B40F8D0} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-03-08] (Intel Corporation)
    Task: {B29E4262-1134-48EC-928C-051C2ACC304D} - System32\Tasks\Lenovo\LenovoUserguidesCopy => C:\Program Files\lenovo\SystemAgent\UserguidesCopy.exe [2013-06-06] ()
    Task: {BD8265AE-AD4E-45E2-9B00-B0CBC1402B8E} - System32\Tasks\PMTask => C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe
    Task: {C1DFF57C-2513-4EC4-B7A0-911A5F2EC06B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
    Task: {C6353AA5-DF20-44EC-98A7-976BECFAD749} - System32\Tasks\Lenovo\LenovoDependencyVersionTask => C:\Program Files\lenovo\SystemAgent\DependencyVersion.exe [2013-06-06] ()
    Task: {D0C4E00F-EE0D-49AD-8AC4-F09C2BE58B21} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
    Task: {D3B474A6-CDBB-41B5-BA5F-76DD46BAAEAB} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-06-27] ()
    Task: {EF31E6CA-8FAD-499E-9F9A-E1E0FAFB57DC} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-09-06] (Lenovo)
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-03-22 05:47 - 2013-07-17 18:42 - 00104960 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
    2013-03-15 01:42 - 2013-03-15 01:42 - 00182248 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    2013-03-15 01:42 - 2013-03-15 01:42 - 00059880 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
    2013-06-22 02:42 - 2013-06-22 02:42 - 00465912 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
    2013-06-22 02:42 - 2013-06-22 02:42 - 00014328 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
    2014-10-03 17:36 - 2014-10-03 17:36 - 00457616 _____ () C:\WINDOWS\system32\igfxTray.exe
    2014-03-22 05:28 - 2010-10-26 08:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
    2015-01-16 17:29 - 2015-01-16 17:29 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011600\algo.dll
    2014-03-22 05:43 - 2014-03-22 05:43 - 00033520 _____ () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
    2014-03-22 05:22 - 2013-05-09 00:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2015-01-15 00:15 - 2015-01-15 00:15 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2015-01-16 20:00 - 2015-01-09 13:05 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
    AlternateDataStreams: C:\Users\arun\OneDrive:ms-properties
    AlternateDataStreams: C:\Users\arun\OneDrive.old:ms-properties
    AlternateDataStreams: C:\Users\arun\Downloads\AdwCleaner.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\avast_free_antivirus_setup_online.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\avg_free_stb_all_2015_5557_cnet.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\Download Volvo The Game.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\Firefox Setup Stub 33.1.1.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\giqc96ww_w8(1).exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\giqc96ww_w8(2).exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\giqc96ww_w8.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\InstallIMVU_509.0_st_c.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\InstallIMVU_513.0_st_c.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\jdk-8u25-windows-x64.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\jxpiinstall(1).exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\jxpiinstall.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\Phoenix-FirestormOS-Releasex64-4-6-7-42398_Setup.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\Second_Life_3_7_15_293376_i686_Setup.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\SteamSetup.exe:BDU
    AlternateDataStreams: C:\Users\arun\Downloads\torbrowser-install-4.0_en-US.exe:BDU

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    HKLM\...\StartupApproved\Run32: => "PWMTRV"

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-2917679876-1677656169-376132391-500 - Administrator - Disabled) => C:\Users\Administrator
    arun (S-1-5-21-2917679876-1677656169-376132391-1001 - Administrator - Enabled) => C:\Users\arun
    Guest (S-1-5-21-2917679876-1677656169-376132391-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2917679876-1677656169-376132391-1005 - Limited - Enabled)

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================

    System errors:
    =============

    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
    Percentage of memory in use: 66%
    Total physical RAM: 4012 MB
    Available physical RAM: 1359.32 MB
    Total Pagefile: 5420 MB
    Available Pagefile: 2302.05 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.79 MB

    ==================== Drives ================================

    Drive c: (Windows8_OS) (Fixed) (Total:450.99 GB) (Free:405.13 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 69677AFB)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================
     
  5. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    i am attaching
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.1 (12.28.2014:1)
    OS: Windows 8.1 Pro x64
    Ran by arun on Fri 01/16/2015 at 20:58:18.62
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Fri 01/16/2015 at 21:04:37.47
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  6. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    i have attached adware reports.

    # AdwCleaner v4.107 - Report created 16/01/2015 at 21:43:04
    # Updated 07/01/2015 by Xplode
    # Database : 2015-01-13.2 [Live]
    # Operating System : Windows 8.1 Pro (64 bits)
    # Username : arun - LENOVO-PC
    # Running from : C:\Users\arun\Downloads\AdwCleaner(1).exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17416


    -\\ Mozilla Firefox v35.0 (x86 en-US)


    *************************

    AdwCleaner[R0].txt - [7526 octets] - [22/11/2014 16:52:40]
    AdwCleaner[R1].txt - [655 octets] - [16/01/2015 21:43:04]
    AdwCleaner[S0].txt - [7071 octets] - [22/11/2014 16:54:56]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [774 octets] ##########
     
  7. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    i am now attaching malwarebytes anti-malware report:
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 1/16/2015
    Scan Time: 9:00:55 PM
    Logfile: mbm report.txt
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2015.01.16.09
    Rootkit Database: v2015.01.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: arun

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 395937
    Time Elapsed: 42 min, 30 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  8. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
  9. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
  10. valis

    valis Moderator

    Joined:
    Sep 24, 2004
    Messages:
    77,588
    Heyya Phoenix, happy 2015. Let me see if I can flag someone down for you.

    Been good? As in well? Know the answer otherwise my equally opinionated friend. ;)
     
  11. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    yes, I HAD great year and looking forward for blessed year again! I HOPE YOU TOO AND YOUR FAMILY HAVE wonderful year from my side.

    yes i have completely ignored my older rig and now i am using new rig.

    thank you so much

    phoenix:cool:
     
  12. valis

    valis Moderator

    Joined:
    Sep 24, 2004
    Messages:
    77,588
    let's just say I'm glad that 2014 is over....;)

    I've requested that a shield takes a look here, as it would appear to have fallen through the cracks. As usual, if no response in 24, type bump, and we'll go from there.

    Thanks, Phoenix.
     
  13. valis

    valis Moderator

    Joined:
    Sep 24, 2004
    Messages:
    77,588
    in the meantime, try the below, let me know if it helps. Pretty solid little app, good to keep around on a usb key. This is from fellow mod (and shield) JSntgRvr.

    Download AdwCleaner from here. Save the file to the desktop.


    NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

    Close all open windows and browsers.
    • XP users: Double click the AdwCleaner icon to start the program.
    • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
      You will see the following console:
    [​IMG]
    • Click the Scan button and wait for the scan to finish.
    • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
    • Click the Clean button.
    • Everything checked will be deleted.
    • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
    [​IMG]
    • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt
     
  14. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    # AdwCleaner v4.108 - Report created 18/01/2015 at 06:22:24
    # Updated 17/01/2015 by Xplode
    # Database : 2015-01-13.2 [Live]
    # Operating System : Windows 8.1 Pro (64 bits)
    # Username : arun - LENOVO-PC
    # Running from : C:\Users\arun\Desktop\adwcleaner_4.108.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Pokki

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17416


    -\\ Mozilla Firefox v35.0 (x86 en-US)


    *************************

    AdwCleaner[R0].txt - [806 octets] - [18/01/2015 06:20:22]
    AdwCleaner[S0].txt - [691 octets] - [18/01/2015 06:22:24]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [750 octets] ##########
     
  15. PhoenixNEW

    PhoenixNEW Thread Starter

    Joined:
    Oct 30, 2006
    Messages:
    1,688
    i have done some error scan using scannow

    Microsoft Windows [Version 6.3.9600]
    (c) 2013 Microsoft Corporation. All rights reserved.

    C:\Users\arun>sfc /scannow

    Beginning system scan. This process will take some time.

    Beginning verification phase of system scan.
    Verification 100% complete.

    Windows Resource Protection did not find any integrity violations.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1141314

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice