
Infected: Onelike.in, onlinehelpdesk.co.in



I'm posting here for the first time. In fact, I have just created an account here. Going through the old threads here, it really fills me with hope that I can get rid of this virus.

I use Firefox. The home page has changed to some "http://www.onlinehelpdesk.co.in/Google/Default.aspx" on its own.

I take good care of my laptop (both software and hardware) and it's really bothering me that I have this threat now. I never click on suspicious links. I gave a pen drive to a friend, got an infected one back, accidentally opened a suspicious file, which later turned out to be a virus.

I ran a couple of Anti-Virus scans. Windows Defender did detect this, said will remove after the restart, but still nothing. It still is the same, laggy browsing experience, but lags when opening new applications. I have an i5 third generation, 6 GB RAM, it ran pretty fast. It has slowed down now.

Any help would be appreciated. Thank you so much. :)

Here's the link to a screenshot: http://postimg.org/image/gedmr5yap/

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is an Attach Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, which may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

  • I can't foresee everything, so if anything unexpected happens, please stop and inform me!
  • There are no silly questions. Never be afraid to ask if in doubt!

P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Install the program and select update.
  • Once updated, click the Settings tab, in the left panel choose Detections & protection and tick Scan for rootkits.
  • Click the Scan tab, make sure Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.


Hi T,

Thanks for the swift reply, really appreciate it.

1. I have uninstalled uTorrent. But I think I do have cracked software of high utility. I would surely remove it if you say so, but if I may ask, if I do not remove it, what repercussions am I looking at?

2. The Malwarebytes Anti-Malware link that is in the post is not accessible. It is not opening for me, it says Server not Found. Is there an alternative?

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.

Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

1. For some reason, the wifi on this laptop has stopped working. I'm connected via LAN now.

2. Browsing speed on Firefox (the only browser I use) has decreased drastically. A webpage which used to open in 3-5 seconds is taking at least 20 seconds now (with undivided bandwidth). And doesn't even load fully.

3. I was reading the forums and had run FRST scan earlier, and accidentally deleted the "Addition.txt" file. I hope it doesn't turn out to be a problem.

4. I cannot find the option to attach a file here, I'm really sorry. I'll just copy paste, if that's okay.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Kabir (administrator) on KABIR-PC on 27-07-2014 18:24:31
Running from C:\Users\Kabir\Downloads
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(App Services) C:\ProgramData\Application\ApplicationService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\idmBroker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2877192 2013-12-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-02-01] (Dell Inc.)
HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-20] (Logitech, Inc.)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2007392 2014-04-01] (Wondershare)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Application Service] => C:\ProgramData\Application\ApplicationService.exe [50688 2014-07-25] (App Services)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2386249659-1010326145-3195725929-1001\...\Run: [DellSystemDetect] => C:\Users\Kabir\AppData\Local\Apps\2.0\BXMV6R77.69P\G0B8O4TE.1NO\dell..tion_0f612f649c4a10af_0005.000 (the data entry has 40 more characters).
HKU\S-1-5-21-2386249659-1010326145-3195725929-1001\...\Run: [iDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3837520 2014-06-22] (Tonec Inc.)
HKU\S-1-5-21-2386249659-1010326145-3195725929-1001\...\Run: [Google Update] => C:\Users\Kabir\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-04] (Google Inc.)
HKU\S-1-5-21-2386249659-1010326145-3195725929-1001\...\Run: [Application Service] => C:\ProgramData\Application\ApplicationService.exe [50688 2014-07-25] (App Services)
Startup: C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: IDM Shell Extension -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://onelike.in/google/?ie=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,FirstHomePage = http://onelike.in/google/?ie=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://onelike.in/google/?ie=
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://onelike.in/google/?ie=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://onelike.in/google/?ie=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 59.179.243.70 203.94.243.70

FireFox:
========
FF ProfilePath: C:\Users\Kabir\AppData\Roaming\Mozilla\Firefox\Profiles\9ic98b21.default
FF NewTab: hxxp://onelike.in/google/?newtab=
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://onelike.in/google/?keyWord=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Kabir\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Kabir\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kabir\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kabir\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Kabir\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kabir\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Adblock Plus - C:\Users\Kabir\AppData\Roaming\Mozilla\Firefox\Profiles\9ic98b21.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-07]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Kabir\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Kabir\AppData\Roaming\IDM\idmmzcc5 [2014-06-22]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Kabir\AppData\Roaming\IDM\idmmzcc5

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2014-05-24] (Conexant Systems, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-04-22] (ELAN Microelectronics Corp.)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U0 67357244; C:\Windows\System32\drivers\48243764.sys [241248 2014-07-26] (Kaspersky Lab, Yury Parshin)
U0 79057781; C:\Windows\System32\drivers\96475711.sys [241248 2014-07-26] (Kaspersky Lab, Yury Parshin)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-08-31] (Intel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-04-19] (Realsil Semiconductor Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 18:24 - 2014-07-27 18:24 - 00016914 _____ () C:\Users\Kabir\Downloads\FRST.txt
2014-07-27 18:22 - 2014-07-27 18:22 - 02093568 _____ (Farbar) C:\Users\Kabir\Downloads\FRST64.exe
2014-07-27 11:44 - 2014-07-27 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-07-26 08:28 - 2014-07-26 08:28 - 00241248 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\96475711.sys
2014-07-26 08:26 - 2014-07-26 21:31 - 00000000 ____D () C:\Users\Kabir\Downloads\Incomplete Torrents
2014-07-26 00:43 - 2014-07-26 08:28 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-07-26 00:43 - 2014-07-26 00:43 - 00241248 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\48243764.sys
2014-07-25 23:21 - 2014-07-25 23:22 - 04161313 _____ () C:\Users\Kabir\Downloads\tdsskiller.zip
2014-07-25 23:16 - 2014-07-27 18:24 - 00000000 ____D () C:\FRST
2014-07-25 22:39 - 2014-07-27 18:18 - 00000000 ____D () C:\Users\Kabir\Desktop\Auditions
2014-07-25 22:01 - 2014-07-27 18:23 - 00000088 _____ () C:\Users\Kabir\AppData\Local\nd.am
2014-07-25 22:01 - 2014-07-25 22:02 - 00000000 ____D () C:\ProgramData\Libraries
2014-07-25 22:01 - 2014-07-25 22:01 - 00000240 _____ () C:\Users\Kabir\AppData\Local\cg.am
2014-07-25 22:01 - 2014-07-25 22:01 - 00000044 _____ () C:\Users\Kabir\AppData\Local\hd.am
2014-07-25 22:01 - 2014-07-25 22:01 - 00000000 ____D () C:\ProgramData\Application
2014-07-25 16:45 - 2014-07-25 18:27 - 00013636 _____ () C:\Users\Kabir\Desktop\Round 2.xlsx
2014-07-25 16:42 - 2014-07-25 16:42 - 00020427 _____ () C:\Users\Kabir\Downloads\Fourth Wall Auditions FINAL.xlsx
2014-07-25 16:39 - 2014-07-25 16:39 - 00015789 _____ () C:\Users\Kabir\Downloads\Auditions 2014.xlsx
2014-07-25 11:25 - 2014-07-25 11:31 - 1286304735 _____ () C:\Users\Kabir\Downloads\Comedy Nights With Kapil - Virat Kohli - Full episode - 20th July 2014 (HD) - YouTube.mp4
2014-07-25 11:25 - 2014-07-25 11:25 - 120651343 _____ () C:\Users\Kabir\Downloads\Update- iGyaan Rants, iGyaan Magazine, Xiaomi Mi3 Give-away and Mega Expansions! - YouTube.mp4
2014-07-25 11:24 - 2014-07-25 11:24 - 82594525 _____ () C:\Users\Kabir\Downloads\Xiaomi Mi3 Benchmarks and Hardware Tests - YouTube.mp4
2014-07-25 11:23 - 2014-07-25 11:23 - 73159542 _____ () C:\Users\Kabir\Downloads\Mary Kom - Official Trailer - Priyanka Chopra in & as Mary Kom - 5th Sept - YouTube_2.mp4
2014-07-25 11:21 - 2014-07-25 11:21 - 14405132 _____ () C:\Users\Kabir\Downloads\Soccer Celebration Fail.mp4
2014-07-24 23:47 - 2014-07-24 23:47 - 00000000 ____D () C:\Users\Kabir\Downloads\Video Talkies
2014-07-24 23:15 - 2014-07-24 23:15 - 00022092 _____ () C:\Users\Kabir\Downloads\[kickass.to]suits.s04e06.hdtv.x264.killers.ettv.torrent
2014-07-24 08:46 - 2014-07-24 08:47 - 06539817 _____ () C:\Users\Kabir\Downloads\Final PPT.pptx
2014-07-23 22:56 - 2014-07-24 21:41 - 00000000 ____D () C:\Users\Kabir\Downloads\Star Wars Trilogy (The Original Unaltered Trilogy)
2014-07-23 21:02 - 2014-07-26 13:28 - 00000000 ____D () C:\Users\Kabir\Downloads\Database
2014-07-22 23:32 - 2014-07-23 00:02 - 00000000 ____D () C:\Users\Kabir\Downloads\Wall Street Money Never Sleeps (2010)
2014-07-22 23:32 - 2014-07-22 23:55 - 00000000 ____D () C:\Users\Kabir\Downloads\Race 2008 DvDrip x264 AAC Subs
2014-07-22 23:30 - 2014-07-22 23:30 - 00018031 _____ () C:\Users\Kabir\Downloads\[kickass.to]wall.street.money.never.sleeps.2010.720p.brrip.x264.yify.torrent
2014-07-22 23:30 - 2014-07-22 23:30 - 00014852 _____ () C:\Users\Kabir\Downloads\[kickass.to]race.2008.hindi.dvdrip.x264.aac.esub.torrent
2014-07-22 21:50 - 2014-07-22 21:50 - 00000000 ____D () C:\Users\Kabir\Downloads\Fourth Wall Orientation for Freshers
2014-07-22 19:57 - 2014-07-22 22:26 - 00000000 ____D () C:\Users\Kabir\Desktop\Zindagi Na Milegi Dobara 2011 Hindi DvDRip XviD AC5.1 xRG
2014-07-22 19:29 - 2014-07-23 00:02 - 00000000 ____D () C:\Users\Kabir\Downloads\Skyfall 2012 BRRip 720p x264 AAC - PRiSTiNE [P2PDL]
2014-07-22 18:51 - 2014-07-22 18:53 - 1513941945 _____ () C:\Users\Kabir\Downloads\Star Wars original version.mp4
2014-07-22 01:32 - 2014-07-25 01:21 - 00000000 ____D () C:\Users\Kabir\Desktop\New folder (2)
2014-07-21 22:51 - 2014-07-22 00:04 - 29177420 _____ () C:\Users\Kabir\Downloads\Desimpedidos FX #1 - Goal Celebrations FX.mp4
2014-07-21 00:12 - 2014-07-21 00:17 - 05012628 _____ () C:\Users\Kabir\Downloads\Only Fourth Wall (Corrected).pptx
2014-07-20 22:15 - 2014-07-20 22:20 - 18850678 _____ () C:\Users\Kabir\Downloads\Bracket 4-Darkroom Fourth Wall Kriti Verve.pptx
2014-07-20 14:28 - 2014-07-22 18:50 - 00000000 ____D () C:\Users\Kabir\Downloads\All Cheerleaders Die (2013)
2014-07-19 23:29 - 2014-07-19 23:29 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-19 23:29 - 2014-07-19 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-19 23:29 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-19 23:29 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-19 23:29 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-19 23:29 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-19 21:08 - 2014-07-19 21:08 - 523120145 _____ () C:\Windows\MEMORY.DMP
2014-07-19 21:08 - 2014-07-19 21:08 - 00424384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 21:08 - 2014-07-19 21:08 - 00290928 _____ () C:\Windows\Minidump\071914-46187-01.dmp
2014-07-19 21:08 - 2014-07-19 21:08 - 00000000 ____D () C:\Windows\Minidump
2014-07-15 23:07 - 2014-07-27 17:12 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001UA.job
2014-07-15 23:07 - 2014-07-26 23:12 - 00000874 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001Core.job
2014-07-15 23:07 - 2014-07-15 23:07 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001UA
2014-07-15 23:07 - 2014-07-15 23:07 - 00003492 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001Core
2014-07-15 22:41 - 2014-07-19 00:54 - 00000000 ____D () C:\Users\Kabir\Desktop\Magazines
2014-07-15 18:36 - 2014-07-15 18:37 - 00002809 _____ () C:\Users\Kabir\Downloads\[kickass.to]time.of.your.life.tackle.time.wasters.and.use.your.energy.to.full.effect.pdf.torrent
2014-07-13 18:45 - 2014-07-16 01:29 - 00000000 ____D () C:\Users\Kabir\Desktop\Semester V
2014-07-13 17:39 - 2014-07-13 17:46 - 00000000 ___RD () C:\Users\Kabir\Downloads\AFF540DC.Unpacker_v7353qx4kg3sa!App
2014-07-13 05:22 - 2014-07-19 15:47 - 00000000 ____D () C:\Users\Kabir\Downloads\Need for Speed (2014)
2014-07-13 05:18 - 2014-07-13 12:00 - 00000000 ____D () C:\Users\Kabir\Downloads\Humpty Sharma Ki Dulhania (2014) [1CD] DVDSCR Rip Xvid Mp3 TeamTNT Exclusive
2014-07-13 01:01 - 2014-07-19 15:58 - 00000000 ____D () C:\Users\Kabir\Downloads\Holiday (2014) DVDScr - 1CD - Xvid - Team IcTv
2014-07-12 00:50 - 2014-07-12 00:52 - 12378192 _____ () C:\Users\Kabir\Downloads\Brasil vs Germany (1-7) Real Match.mp4
2014-07-10 22:11 - 2014-07-12 16:51 - 2836661792 ____R () C:\Users\Kabir\Downloads\fifa.world.cup.2014.semi.final.brazil.vs.germany.720p.hdtv.x264-w4f.mkv
2014-07-10 21:29 - 2014-06-27 02:23 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 21:29 - 2014-06-27 02:23 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 21:26 - 2014-07-10 21:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 12:38 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Kabir\Desktop\TDSSKiller.exe
2014-07-09 17:05 - 2014-06-19 07:42 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 17:05 - 2014-06-19 07:42 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 17:05 - 2014-06-19 07:42 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-09 17:05 - 2014-06-19 07:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-09 17:05 - 2014-06-19 07:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 17:05 - 2014-06-19 07:41 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 17:05 - 2014-06-19 07:41 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 17:05 - 2014-06-19 07:41 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 17:05 - 2014-06-19 07:39 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 17:05 - 2014-06-19 06:23 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 17:05 - 2014-06-19 06:22 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 17:05 - 2014-06-19 06:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 17:05 - 2014-06-19 06:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 17:05 - 2014-06-19 03:35 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-09 16:55 - 2014-06-18 04:57 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 16:55 - 2014-06-18 04:54 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 16:55 - 2014-06-11 09:48 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 16:49 - 2014-07-01 04:12 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 16:49 - 2014-07-01 04:12 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-09 16:49 - 2014-07-01 04:12 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-09 16:49 - 2014-06-28 09:05 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 16:48 - 2014-05-30 05:01 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-09 16:48 - 2014-05-30 04:33 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-09 16:48 - 2014-05-30 04:32 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 16:48 - 2014-05-30 04:32 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-09 16:42 - 2014-06-03 04:03 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-09 16:16 - 2014-05-30 03:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 16:11 - 2014-06-06 19:36 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 16:11 - 2014-06-06 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-08 15:07 - 2014-07-19 15:54 - 00000000 ____D () C:\Users\Kabir\Downloads\Under the Skin (2013)
2014-07-06 17:47 - 2014-07-09 03:33 - 00000000 ____D () C:\Users\Kabir\Downloads\Bobby Jasoos (2014) 1CD DvDScrRip XviD MP3 Team ExDR
2014-07-05 16:46 - 2014-07-19 23:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-05 16:46 - 2014-07-19 23:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-05 16:46 - 2014-07-05 16:46 - 00000000 ____D () C:\ProgramData\Sun
2014-07-04 18:40 - 2014-07-04 18:44 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-07-04 17:39 - 2013-07-20 03:43 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-04 17:39 - 2013-07-20 03:43 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-03 21:12 - 2014-07-03 21:21 - 00000000 ____D () C:\Users\Kabir\Downloads\Don_Bradman_Cricket_14-FLT
2014-07-03 20:47 - 2014-07-03 20:47 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-07-03 20:47 - 2014-07-03 20:47 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-03 20:44 - 2014-07-03 20:44 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-07-03 20:43 - 2014-07-03 20:43 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-03 20:32 - 2012-07-06 07:32 - 01166440 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-07-03 20:32 - 2012-07-06 07:32 - 00778856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-07-03 20:32 - 2012-07-06 07:32 - 00035400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-07-03 20:32 - 2012-07-06 07:32 - 00035400 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-07-03 18:24 - 2014-07-04 23:45 - 00000000 ____D () C:\Users\Kabir\Downloads\American Psycho [uncut Version].2000.BRRip.x264-VLiS
2014-07-03 16:36 - 2014-07-03 16:36 - 00000000 ____D () C:\Users\Kabir\Documents\OneNote Notebooks
2014-07-03 16:13 - 2014-07-03 16:13 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Adobe
2014-07-03 16:07 - 2014-07-03 16:07 - 00001107 _____ () C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk
2014-07-03 16:07 - 2014-07-03 16:07 - 00000975 _____ () C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent.lnk
2014-07-03 13:56 - 2014-07-04 23:36 - 00000000 ____D () C:\Users\Kabir\Downloads\Gun Woman (2014) [1080p]
2014-07-03 13:11 - 2014-07-03 13:11 - 00000000 ____D () C:\Users\Kabir\Downloads\MotioninJoy Version 0.7.1001 (DS3 Tool)
2014-07-02 22:32 - 2014-07-02 22:32 - 00005813 _____ () C:\Users\Kabir\Downloads\[kickass.to]motioninjoy.version.0.7.1001.ds3.tool.mu.torrent
2014-07-02 21:36 - 2014-07-02 22:08 - 00000000 ____D () C:\Users\Kabir\Downloads\Xpadder-v2014.01.01-Retail-CRD
2014-07-02 18:13 - 2014-07-02 18:13 - 00000000 ____D () C:\Users\Kabir\AppData\Local\WSHelper
2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\WinRAR
2014-07-01 19:13 - 2014-07-25 22:58 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-01 19:12 - 2014-07-01 19:13 - 01913936 _____ () C:\Users\Kabir\Downloads\winrar-x64-510.exe
2014-07-01 01:17 - 2014-07-01 19:09 - 00000000 ____D () C:\Users\Kabir\Downloads\E.T The Extra Terrestrial (1982)
2014-07-01 01:10 - 2014-07-01 01:17 - 00000000 ____D () C:\Users\Kabir\Downloads\Star Wars I, II, III, IV, V, VI
2014-06-30 19:24 - 2014-07-26 00:46 - 00000000 ____D () C:\Users\Kabir\Desktop\Wondershare PDF Editor & OCR Plugin 3.9.0.9
2014-06-30 19:23 - 2014-06-30 19:23 - 00022715 _____ () C:\Users\Kabir\Downloads\[kickass.to]wondershare.pdf.editor.ocr.plugin.3.9.0.9.torrent
2014-06-30 19:11 - 2014-06-30 19:11 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Wondershare
2014-06-30 19:10 - 2014-06-30 19:11 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\Wondershare
2014-06-28 19:44 - 2014-07-19 15:52 - 00000000 ____D () C:\Users\Kabir\Downloads\Hannibal.Rising[2007]UNRATED.720p[Eng.Rus]-Junoon
2014-06-28 17:49 - 2014-07-20 14:41 - 00000000 ____D () C:\Users\Kabir\Downloads\Red Dragon (2002)
2014-06-28 15:45 - 2014-07-19 15:54 - 00000000 ____D () C:\Users\Kabir\Downloads\Boogie Nights (1997)
2014-06-28 12:15 - 2014-06-28 15:55 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 18:24 - 2014-07-27 18:24 - 00016914 _____ () C:\Users\Kabir\Downloads\FRST.txt
2014-07-27 18:24 - 2014-07-25 23:16 - 00000000 ____D () C:\FRST
2014-07-27 18:23 - 2014-07-25 22:01 - 00000088 _____ () C:\Users\Kabir\AppData\Local\nd.am
2014-07-27 18:23 - 2014-04-22 23:08 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Google
2014-07-27 18:23 - 2014-04-22 23:08 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-27 18:22 - 2014-07-27 18:22 - 02093568 _____ (Farbar) C:\Users\Kabir\Downloads\FRST64.exe
2014-07-27 18:18 - 2014-07-25 22:39 - 00000000 ____D () C:\Users\Kabir\Desktop\Auditions
2014-07-27 18:16 - 2012-07-26 12:58 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-27 17:30 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\sru
2014-07-27 17:20 - 2014-04-19 20:29 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\vlc
2014-07-27 17:12 - 2014-07-15 23:07 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001UA.job
2014-07-27 12:14 - 2014-04-18 16:56 - 01784402 _____ () C:\Windows\WindowsUpdate.log
2014-07-27 11:44 - 2014-07-27 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-07-27 11:44 - 2014-06-22 09:49 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\DMCache
2014-07-27 09:25 - 2014-06-09 15:35 - 00000000 ___RD () C:\Users\Kabir\Desktop\PwC Kabir
2014-07-27 01:39 - 2014-04-19 19:52 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\uTorrent
2014-07-27 00:23 - 2014-04-22 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-26 23:12 - 2014-07-15 23:07 - 00000874 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001Core.job
2014-07-26 21:31 - 2014-07-26 08:26 - 00000000 ____D () C:\Users\Kabir\Downloads\Incomplete Torrents
2014-07-26 13:28 - 2014-07-23 21:02 - 00000000 ____D () C:\Users\Kabir\Downloads\Database
2014-07-26 08:28 - 2014-07-26 08:28 - 00241248 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\96475711.sys
2014-07-26 08:28 - 2014-07-26 00:43 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-07-26 00:46 - 2014-06-30 19:24 - 00000000 ____D () C:\Users\Kabir\Desktop\Wondershare PDF Editor & OCR Plugin 3.9.0.9
2014-07-26 00:43 - 2014-07-26 00:43 - 00241248 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\48243764.sys
2014-07-25 23:22 - 2014-07-25 23:21 - 04161313 _____ () C:\Users\Kabir\Downloads\tdsskiller.zip
2014-07-25 22:58 - 2014-07-01 19:13 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-25 22:02 - 2014-07-25 22:01 - 00000000 ____D () C:\ProgramData\Libraries
2014-07-25 22:01 - 2014-07-25 22:01 - 00000240 _____ () C:\Users\Kabir\AppData\Local\cg.am
2014-07-25 22:01 - 2014-07-25 22:01 - 00000044 _____ () C:\Users\Kabir\AppData\Local\hd.am
2014-07-25 22:01 - 2014-07-25 22:01 - 00000000 ____D () C:\ProgramData\Application
2014-07-25 18:27 - 2014-07-25 16:45 - 00013636 _____ () C:\Users\Kabir\Desktop\Round 2.xlsx
2014-07-25 16:42 - 2014-07-25 16:42 - 00020427 _____ () C:\Users\Kabir\Downloads\Fourth Wall Auditions FINAL.xlsx
2014-07-25 16:42 - 2014-04-18 16:56 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Packages
2014-07-25 16:39 - 2014-07-25 16:39 - 00015789 _____ () C:\Users\Kabir\Downloads\Auditions 2014.xlsx
2014-07-25 13:34 - 2012-07-26 12:51 - 00029043 _____ () C:\Windows\setupact.log
2014-07-25 12:54 - 2014-04-23 01:26 - 00454144 ___SH () C:\Users\Kabir\Desktop\Thumbs.db
2014-07-25 11:31 - 2014-07-25 11:25 - 1286304735 _____ () C:\Users\Kabir\Downloads\Comedy Nights With Kapil - Virat Kohli - Full episode - 20th July 2014 (HD) - YouTube.mp4
2014-07-25 11:25 - 2014-07-25 11:25 - 120651343 _____ () C:\Users\Kabir\Downloads\Update- iGyaan Rants, iGyaan Magazine, Xiaomi Mi3 Give-away and Mega Expansions! - YouTube.mp4
2014-07-25 11:24 - 2014-07-25 11:24 - 82594525 _____ () C:\Users\Kabir\Downloads\Xiaomi Mi3 Benchmarks and Hardware Tests - YouTube.mp4
2014-07-25 11:23 - 2014-07-25 11:23 - 73159542 _____ () C:\Users\Kabir\Downloads\Mary Kom - Official Trailer - Priyanka Chopra in & as Mary Kom - 5th Sept - YouTube_2.mp4
2014-07-25 11:21 - 2014-07-25 11:21 - 14405132 _____ () C:\Users\Kabir\Downloads\Soccer Celebration Fail.mp4
2014-07-25 01:21 - 2014-07-22 01:32 - 00000000 ____D () C:\Users\Kabir\Desktop\New folder (2)
2014-07-24 23:47 - 2014-07-24 23:47 - 00000000 ____D () C:\Users\Kabir\Downloads\Video Talkies
2014-07-24 23:15 - 2014-07-24 23:15 - 00022092 _____ () C:\Users\Kabir\Downloads\[kickass.to]suits.s04e06.hdtv.x264.killers.ettv.torrent
2014-07-24 21:41 - 2014-07-23 22:56 - 00000000 ____D () C:\Users\Kabir\Downloads\Star Wars Trilogy (The Original Unaltered Trilogy)
2014-07-24 08:47 - 2014-07-24 08:46 - 06539817 _____ () C:\Users\Kabir\Downloads\Final PPT.pptx
2014-07-23 19:36 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-23 00:02 - 2014-07-22 23:32 - 00000000 ____D () C:\Users\Kabir\Downloads\Wall Street Money Never Sleeps (2010)
2014-07-23 00:02 - 2014-07-22 19:29 - 00000000 ____D () C:\Users\Kabir\Downloads\Skyfall 2012 BRRip 720p x264 AAC - PRiSTiNE [P2PDL]
2014-07-22 23:55 - 2014-07-22 23:32 - 00000000 ____D () C:\Users\Kabir\Downloads\Race 2008 DvDrip x264 AAC Subs
2014-07-22 23:30 - 2014-07-22 23:30 - 00018031 _____ () C:\Users\Kabir\Downloads\[kickass.to]wall.street.money.never.sleeps.2010.720p.brrip.x264.yify.torrent
2014-07-22 23:30 - 2014-07-22 23:30 - 00014852 _____ () C:\Users\Kabir\Downloads\[kickass.to]race.2008.hindi.dvdrip.x264.aac.esub.torrent
2014-07-22 22:44 - 2014-04-23 20:15 - 00268800 ___SH () C:\Users\Kabir\Downloads\Thumbs.db
2014-07-22 22:26 - 2014-07-22 19:57 - 00000000 ____D () C:\Users\Kabir\Desktop\Zindagi Na Milegi Dobara 2011 Hindi DvDRip XviD AC5.1 xRG
2014-07-22 21:50 - 2014-07-22 21:50 - 00000000 ____D () C:\Users\Kabir\Downloads\Fourth Wall Orientation for Freshers
2014-07-22 21:48 - 2014-03-02 18:53 - 00000000 ____D () C:\Users\Kabir\Documents\Virtua Tennis 4
2014-07-22 21:39 - 2014-06-22 20:59 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\IDM
2014-07-22 18:53 - 2014-07-22 18:51 - 1513941945 _____ () C:\Users\Kabir\Downloads\Star Wars original version.mp4
2014-07-22 18:50 - 2014-07-20 14:28 - 00000000 ____D () C:\Users\Kabir\Downloads\All Cheerleaders Die (2013)
2014-07-22 00:04 - 2014-07-21 22:51 - 29177420 _____ () C:\Users\Kabir\Downloads\Desimpedidos FX #1 - Goal Celebrations FX.mp4
2014-07-21 00:17 - 2014-07-21 00:12 - 05012628 _____ () C:\Users\Kabir\Downloads\Only Fourth Wall (Corrected).pptx
2014-07-20 22:20 - 2014-07-20 22:15 - 18850678 _____ () C:\Users\Kabir\Downloads\Bracket 4-Darkroom Fourth Wall Kriti Verve.pptx
2014-07-20 14:51 - 2014-04-24 15:11 - 00000000 ____D () C:\Users\Kabir\Downloads\Zew
2014-07-20 14:41 - 2014-06-28 17:49 - 00000000 ____D () C:\Users\Kabir\Downloads\Red Dragon (2002)
2014-07-19 23:29 - 2014-07-19 23:29 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-19 23:29 - 2014-07-19 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-19 23:29 - 2014-07-05 16:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-19 23:29 - 2014-07-05 16:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-19 21:09 - 2012-07-26 12:52 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-19 21:08 - 2014-07-19 21:08 - 523120145 _____ () C:\Windows\MEMORY.DMP
2014-07-19 21:08 - 2014-07-19 21:08 - 00424384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 21:08 - 2014-07-19 21:08 - 00290928 _____ () C:\Windows\Minidump\071914-46187-01.dmp
2014-07-19 21:08 - 2014-07-19 21:08 - 00000000 ____D () C:\Windows\Minidump
2014-07-19 15:58 - 2014-07-13 01:01 - 00000000 ____D () C:\Users\Kabir\Downloads\Holiday (2014) DVDScr - 1CD - Xvid - Team IcTv
2014-07-19 15:56 - 2014-04-12 14:49 - 00000000 ____D () C:\Users\Kabir\Downloads\The Best Offer (2013)
2014-07-19 15:54 - 2014-07-08 15:07 - 00000000 ____D () C:\Users\Kabir\Downloads\Under the Skin (2013)
2014-07-19 15:54 - 2014-06-28 15:45 - 00000000 ____D () C:\Users\Kabir\Downloads\Boogie Nights (1997)
2014-07-19 15:52 - 2014-06-28 19:44 - 00000000 ____D () C:\Users\Kabir\Downloads\Hannibal.Rising[2007]UNRATED.720p[Eng.Rus]-Junoon
2014-07-19 15:47 - 2014-07-13 05:22 - 00000000 ____D () C:\Users\Kabir\Downloads\Need for Speed (2014)
2014-07-19 00:54 - 2014-07-15 22:41 - 00000000 ____D () C:\Users\Kabir\Desktop\Magazines
2014-07-16 02:13 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-16 01:29 - 2014-07-13 18:45 - 00000000 ____D () C:\Users\Kabir\Desktop\Semester V
2014-07-15 23:08 - 2014-04-19 20:05 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\Mozilla
2014-07-15 23:07 - 2014-07-15 23:07 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001UA
2014-07-15 23:07 - 2014-07-15 23:07 - 00003492 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001Core
2014-07-15 18:37 - 2014-07-15 18:36 - 00002809 _____ () C:\Users\Kabir\Downloads\[kickass.to]time.of.your.life.tackle.time.wasters.and.use.your.energy.to.full.effect.pdf.torrent
2014-07-14 21:08 - 2014-04-18 17:04 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2386249659-1010326145-3195725929-1001
2014-07-14 20:53 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-13 17:46 - 2014-07-13 17:39 - 00000000 ___RD () C:\Users\Kabir\Downloads\AFF540DC.Unpacker_v7353qx4kg3sa!App
2014-07-13 12:00 - 2014-07-13 05:18 - 00000000 ____D () C:\Users\Kabir\Downloads\Humpty Sharma Ki Dulhania (2014) [1CD] DVDSCR Rip Xvid Mp3 TeamTNT Exclusive
2014-07-12 23:08 - 2014-04-24 18:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-12 23:08 - 2014-04-24 18:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-12 16:51 - 2014-07-10 22:11 - 2836661792 ____R () C:\Users\Kabir\Downloads\fifa.world.cup.2014.semi.final.brazil.vs.germany.720p.hdtv.x264-w4f.mkv
2014-07-12 00:52 - 2014-07-12 00:50 - 12378192 _____ () C:\Users\Kabir\Downloads\Brasil vs Germany (1-7) Real Match.mp4
2014-07-11 22:54 - 2012-10-12 00:27 - 00000000 ____D () C:\Users\Kabir\Desktop\DHRUV NARULA
2014-07-11 22:05 - 2014-04-24 18:41 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Microsoft Help
2014-07-11 21:20 - 2014-06-07 16:06 - 00000000 ____D () C:\Users\Kabir\Downloads\PwC
2014-07-11 03:02 - 2014-07-19 23:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-19 23:29 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-19 23:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-19 23:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 22:25 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\rescache
2014-07-10 21:27 - 2012-07-26 10:56 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-10 21:26 - 2014-07-10 21:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 21:26 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 21:26 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 21:26 - 2012-07-26 13:22 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 21:25 - 2012-07-26 13:29 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-10 12:38 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Kabir\Desktop\TDSSKiller.exe
2014-07-09 17:49 - 2014-04-19 00:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 17:48 - 2014-04-19 00:45 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 03:33 - 2014-07-06 17:47 - 00000000 ____D () C:\Users\Kabir\Downloads\Bobby Jasoos (2014) 1CD DvDScrRip XviD MP3 Team ExDR
2014-07-08 15:39 - 2012-07-26 10:56 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-08 14:39 - 2014-06-02 23:16 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-07-08 14:39 - 2014-06-02 23:16 - 00001256 _____ () C:\Windows\LkmdfCoInst.log
2014-07-07 00:49 - 2014-05-21 01:42 - 00000000 ____D () C:\Users\Kabir\Downloads\Anna (2013)
2014-07-06 12:47 - 2014-04-19 05:13 - 00034326 _____ () C:\Windows\PFRO.log
2014-07-05 16:46 - 2014-07-05 16:46 - 00000000 ____D () C:\ProgramData\Sun
2014-07-04 23:45 - 2014-07-03 18:24 - 00000000 ____D () C:\Users\Kabir\Downloads\American Psycho [uncut Version].2000.BRRip.x264-VLiS
2014-07-04 23:36 - 2014-07-03 13:56 - 00000000 ____D () C:\Users\Kabir\Downloads\Gun Woman (2014) [1080p]
2014-07-04 18:44 - 2014-07-04 18:40 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-07-03 22:05 - 2014-04-24 19:08 - 00000000 ____D () C:\Windows\AutoKMS
2014-07-03 21:21 - 2014-07-03 21:12 - 00000000 ____D () C:\Users\Kabir\Downloads\Don_Bradman_Cricket_14-FLT
2014-07-03 20:47 - 2014-07-03 20:47 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-07-03 20:47 - 2014-07-03 20:47 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-03 20:44 - 2014-07-03 20:44 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-07-03 20:43 - 2014-07-03 20:43 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-03 17:29 - 2014-06-12 19:56 - 00000000 ____D () C:\Users\Kabir\Downloads\Enemy (2013)
2014-07-03 17:09 - 2014-04-12 14:46 - 00000000 ____D () C:\Users\Kabir\Downloads\Prisoners (2013)
2014-07-03 16:36 - 2014-07-03 16:36 - 00000000 ____D () C:\Users\Kabir\Documents\OneNote Notebooks
2014-07-03 16:13 - 2014-07-03 16:13 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Adobe
2014-07-03 16:07 - 2014-07-03 16:07 - 00001107 _____ () C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk
2014-07-03 16:07 - 2014-07-03 16:07 - 00000975 _____ () C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent.lnk
2014-07-03 13:11 - 2014-07-03 13:11 - 00000000 ____D () C:\Users\Kabir\Downloads\MotioninJoy Version 0.7.1001 (DS3 Tool)
2014-07-03 13:04 - 2014-04-24 21:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-03 12:28 - 2012-07-26 13:42 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-02 22:32 - 2014-07-02 22:32 - 00005813 _____ () C:\Users\Kabir\Downloads\[kickass.to]motioninjoy.version.0.7.1001.ds3.tool.mu.torrent
2014-07-02 22:08 - 2014-07-02 21:36 - 00000000 ____D () C:\Users\Kabir\Downloads\Xpadder-v2014.01.01-Retail-CRD
2014-07-02 18:13 - 2014-07-02 18:13 - 00000000 ____D () C:\Users\Kabir\AppData\Local\WSHelper
2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\WinRAR
2014-07-01 19:13 - 2014-07-01 19:12 - 01913936 _____ () C:\Users\Kabir\Downloads\winrar-x64-510.exe
2014-07-01 19:09 - 2014-07-01 01:17 - 00000000 ____D () C:\Users\Kabir\Downloads\E.T The Extra Terrestrial (1982)
2014-07-01 04:12 - 2014-07-09 16:49 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 04:12 - 2014-07-09 16:49 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 04:12 - 2014-07-09 16:49 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-01 01:17 - 2014-07-01 01:10 - 00000000 ____D () C:\Users\Kabir\Downloads\Star Wars I, II, III, IV, V, VI
2014-06-30 19:23 - 2014-06-30 19:23 - 00022715 _____ () C:\Users\Kabir\Downloads\[kickass.to]wondershare.pdf.editor.ocr.plugin.3.9.0.9.torrent
2014-06-30 19:11 - 2014-06-30 19:11 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Wondershare
2014-06-30 19:11 - 2014-06-30 19:10 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\Wondershare
2014-06-28 15:55 - 2014-06-28 12:15 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-28 14:21 - 2014-04-28 22:02 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-28 14:21 - 2014-04-28 22:02 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-28 09:05 - 2014-07-09 16:49 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-27 02:23 - 2014-07-10 21:29 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-27 02:23 - 2014-07-10 21:29 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Kabir\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Kabir\AppData\Local\Temp\{410E5D48-3CC8-4B70-9921-9A29DBACA787}.exe
C:\Users\Kabir\AppData\Local\Temp\{E05DB55C-3B0E-4308-B02F-5478BB7057B7}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 13:21

==================== End Of Log ============================


I just noticed I had run FRST from the 'Downloads' folder. Here's from the Desktop, if it makes a difference.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Kabir (administrator) on KABIR-PC on 27-07-2014 18:32:42
Running from C:\Users\Kabir\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(App Services) C:\ProgramData\Application\ApplicationService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2877192 2013-12-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-02-01] (Dell Inc.)
HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-20] (Logitech, Inc.)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2007392 2014-04-01] (Wondershare)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Application Service] => C:\ProgramData\Application\ApplicationService.exe [50688 2014-07-25] (App Services)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2386249659-1010326145-3195725929-1001\...\Run: [DellSystemDetect] => C:\Users\Kabir\AppData\Local\Apps\2.0\BXMV6R77.69P\G0B8O4TE.1NO\dell..tion_0f612f649c4a10af_0005.000 (the data entry has 40 more characters).
HKU\S-1-5-21-2386249659-1010326145-3195725929-1001\...\Run: [iDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3837520 2014-06-22] (Tonec Inc.)
HKU\S-1-5-21-2386249659-1010326145-3195725929-1001\...\Run: [Google Update] => C:\Users\Kabir\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-04] (Google Inc.)
HKU\S-1-5-21-2386249659-1010326145-3195725929-1001\...\Run: [Application Service] => C:\ProgramData\Application\ApplicationService.exe [50688 2014-07-25] (App Services)
Startup: C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: IDM Shell Extension -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://onelike.in/google/?ie=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,FirstHomePage = http://onelike.in/google/?ie=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://onelike.in/google/?ie=
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://onelike.in/google/?ie=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://onelike.in/google/?ie=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 59.179.243.70 203.94.243.70

FireFox:
========
FF ProfilePath: C:\Users\Kabir\AppData\Roaming\Mozilla\Firefox\Profiles\9ic98b21.default
FF NewTab: hxxp://onelike.in/google/?newtab=
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://onelike.in/google/?keyWord=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Kabir\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Kabir\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Kabir\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Kabir\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Kabir\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kabir\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Adblock Plus - C:\Users\Kabir\AppData\Roaming\Mozilla\Firefox\Profiles\9ic98b21.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-05]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-07]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Kabir\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Kabir\AppData\Roaming\IDM\idmmzcc5 [2014-06-22]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Kabir\AppData\Roaming\IDM\idmmzcc5

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2014-05-24] (Conexant Systems, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-04-22] (ELAN Microelectronics Corp.)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U0 67357244; C:\Windows\System32\drivers\48243764.sys [241248 2014-07-26] (Kaspersky Lab, Yury Parshin)
U0 79057781; C:\Windows\System32\drivers\96475711.sys [241248 2014-07-26] (Kaspersky Lab, Yury Parshin)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-08-31] (Intel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-04-19] (Realsil Semiconductor Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 18:32 - 2014-07-27 18:32 - 00016610 _____ () C:\Users\Kabir\Desktop\FRST.txt
2014-07-27 18:24 - 2014-07-27 18:24 - 00053782 _____ () C:\Users\Kabir\Downloads\FRST.txt
2014-07-27 18:22 - 2014-07-27 18:22 - 02093568 _____ (Farbar) C:\Users\Kabir\Desktop\FRST64.exe
2014-07-27 11:44 - 2014-07-27 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-07-26 08:28 - 2014-07-26 08:28 - 00241248 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\96475711.sys
2014-07-26 08:26 - 2014-07-26 21:31 - 00000000 ____D () C:\Users\Kabir\Downloads\Incomplete Torrents
2014-07-26 00:43 - 2014-07-26 08:28 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-07-26 00:43 - 2014-07-26 00:43 - 00241248 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\48243764.sys
2014-07-25 23:21 - 2014-07-25 23:22 - 04161313 _____ () C:\Users\Kabir\Downloads\tdsskiller.zip
2014-07-25 23:16 - 2014-07-27 18:32 - 00000000 ____D () C:\FRST
2014-07-25 22:39 - 2014-07-27 18:18 - 00000000 ____D () C:\Users\Kabir\Desktop\Auditions
2014-07-25 22:01 - 2014-07-27 18:31 - 00000088 _____ () C:\Users\Kabir\AppData\Local\nd.am
2014-07-25 22:01 - 2014-07-25 22:02 - 00000000 ____D () C:\ProgramData\Libraries
2014-07-25 22:01 - 2014-07-25 22:01 - 00000240 _____ () C:\Users\Kabir\AppData\Local\cg.am
2014-07-25 22:01 - 2014-07-25 22:01 - 00000044 _____ () C:\Users\Kabir\AppData\Local\hd.am
2014-07-25 22:01 - 2014-07-25 22:01 - 00000000 ____D () C:\ProgramData\Application
2014-07-25 16:45 - 2014-07-25 18:27 - 00013636 _____ () C:\Users\Kabir\Desktop\Round 2.xlsx
2014-07-25 16:42 - 2014-07-25 16:42 - 00020427 _____ () C:\Users\Kabir\Downloads\Fourth Wall Auditions FINAL.xlsx
2014-07-25 16:39 - 2014-07-25 16:39 - 00015789 _____ () C:\Users\Kabir\Downloads\Auditions 2014.xlsx
2014-07-25 11:25 - 2014-07-25 11:31 - 1286304735 _____ () C:\Users\Kabir\Downloads\Comedy Nights With Kapil - Virat Kohli - Full episode - 20th July 2014 (HD) - YouTube.mp4
2014-07-25 11:25 - 2014-07-25 11:25 - 120651343 _____ () C:\Users\Kabir\Downloads\Update- iGyaan Rants, iGyaan Magazine, Xiaomi Mi3 Give-away and Mega Expansions! - YouTube.mp4
2014-07-25 11:24 - 2014-07-25 11:24 - 82594525 _____ () C:\Users\Kabir\Downloads\Xiaomi Mi3 Benchmarks and Hardware Tests - YouTube.mp4
2014-07-25 11:23 - 2014-07-25 11:23 - 73159542 _____ () C:\Users\Kabir\Downloads\Mary Kom - Official Trailer - Priyanka Chopra in & as Mary Kom - 5th Sept - YouTube_2.mp4
2014-07-25 11:21 - 2014-07-25 11:21 - 14405132 _____ () C:\Users\Kabir\Downloads\Soccer Celebration Fail.mp4
2014-07-24 23:47 - 2014-07-24 23:47 - 00000000 ____D () C:\Users\Kabir\Downloads\Video Talkies
2014-07-24 23:15 - 2014-07-24 23:15 - 00022092 _____ () C:\Users\Kabir\Downloads\[kickass.to]suits.s04e06.hdtv.x264.killers.ettv.torrent
2014-07-24 08:46 - 2014-07-24 08:47 - 06539817 _____ () C:\Users\Kabir\Downloads\Final PPT.pptx
2014-07-23 22:56 - 2014-07-24 21:41 - 00000000 ____D () C:\Users\Kabir\Downloads\Star Wars Trilogy (The Original Unaltered Trilogy)
2014-07-23 21:02 - 2014-07-26 13:28 - 00000000 ____D () C:\Users\Kabir\Downloads\Database
2014-07-22 23:32 - 2014-07-23 00:02 - 00000000 ____D () C:\Users\Kabir\Downloads\Wall Street Money Never Sleeps (2010)
2014-07-22 23:32 - 2014-07-22 23:55 - 00000000 ____D () C:\Users\Kabir\Downloads\Race 2008 DvDrip x264 AAC Subs
2014-07-22 23:30 - 2014-07-22 23:30 - 00018031 _____ () C:\Users\Kabir\Downloads\[kickass.to]wall.street.money.never.sleeps.2010.720p.brrip.x264.yify.torrent
2014-07-22 23:30 - 2014-07-22 23:30 - 00014852 _____ () C:\Users\Kabir\Downloads\[kickass.to]race.2008.hindi.dvdrip.x264.aac.esub.torrent
2014-07-22 21:50 - 2014-07-22 21:50 - 00000000 ____D () C:\Users\Kabir\Downloads\Fourth Wall Orientation for Freshers
2014-07-22 19:57 - 2014-07-22 22:26 - 00000000 ____D () C:\Users\Kabir\Desktop\Zindagi Na Milegi Dobara 2011 Hindi DvDRip XviD AC5.1 xRG
2014-07-22 19:29 - 2014-07-23 00:02 - 00000000 ____D () C:\Users\Kabir\Downloads\Skyfall 2012 BRRip 720p x264 AAC - PRiSTiNE [P2PDL]
2014-07-22 18:51 - 2014-07-22 18:53 - 1513941945 _____ () C:\Users\Kabir\Downloads\Star Wars original version.mp4
2014-07-22 01:32 - 2014-07-25 01:21 - 00000000 ____D () C:\Users\Kabir\Desktop\New folder (2)
2014-07-21 22:51 - 2014-07-22 00:04 - 29177420 _____ () C:\Users\Kabir\Downloads\Desimpedidos FX #1 - Goal Celebrations FX.mp4
2014-07-21 00:12 - 2014-07-21 00:17 - 05012628 _____ () C:\Users\Kabir\Downloads\Only Fourth Wall (Corrected).pptx
2014-07-20 22:15 - 2014-07-20 22:20 - 18850678 _____ () C:\Users\Kabir\Downloads\Bracket 4-Darkroom Fourth Wall Kriti Verve.pptx
2014-07-20 14:28 - 2014-07-22 18:50 - 00000000 ____D () C:\Users\Kabir\Downloads\All Cheerleaders Die (2013)
2014-07-19 23:29 - 2014-07-19 23:29 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-19 23:29 - 2014-07-19 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-19 23:29 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-19 23:29 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-19 23:29 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-19 23:29 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-19 21:08 - 2014-07-19 21:08 - 523120145 _____ () C:\Windows\MEMORY.DMP
2014-07-19 21:08 - 2014-07-19 21:08 - 00424384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 21:08 - 2014-07-19 21:08 - 00290928 _____ () C:\Windows\Minidump\071914-46187-01.dmp
2014-07-19 21:08 - 2014-07-19 21:08 - 00000000 ____D () C:\Windows\Minidump
2014-07-15 23:07 - 2014-07-27 17:12 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001UA.job
2014-07-15 23:07 - 2014-07-26 23:12 - 00000874 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001Core.job
2014-07-15 23:07 - 2014-07-15 23:07 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001UA
2014-07-15 23:07 - 2014-07-15 23:07 - 00003492 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001Core
2014-07-15 22:41 - 2014-07-19 00:54 - 00000000 ____D () C:\Users\Kabir\Desktop\Magazines
2014-07-15 18:36 - 2014-07-15 18:37 - 00002809 _____ () C:\Users\Kabir\Downloads\[kickass.to]time.of.your.life.tackle.time.wasters.and.use.your.energy.to.full.effect.pdf.torrent
2014-07-13 18:45 - 2014-07-16 01:29 - 00000000 ____D () C:\Users\Kabir\Desktop\Semester V
2014-07-13 17:39 - 2014-07-13 17:46 - 00000000 ___RD () C:\Users\Kabir\Downloads\AFF540DC.Unpacker_v7353qx4kg3sa!App
2014-07-13 05:22 - 2014-07-19 15:47 - 00000000 ____D () C:\Users\Kabir\Downloads\Need for Speed (2014)
2014-07-13 05:18 - 2014-07-13 12:00 - 00000000 ____D () C:\Users\Kabir\Downloads\Humpty Sharma Ki Dulhania (2014) [1CD] DVDSCR Rip Xvid Mp3 TeamTNT Exclusive
2014-07-13 01:01 - 2014-07-19 15:58 - 00000000 ____D () C:\Users\Kabir\Downloads\Holiday (2014) DVDScr - 1CD - Xvid - Team IcTv
2014-07-12 00:50 - 2014-07-12 00:52 - 12378192 _____ () C:\Users\Kabir\Downloads\Brasil vs Germany (1-7) Real Match.mp4
2014-07-10 22:11 - 2014-07-12 16:51 - 2836661792 ____R () C:\Users\Kabir\Downloads\fifa.world.cup.2014.semi.final.brazil.vs.germany.720p.hdtv.x264-w4f.mkv
2014-07-10 21:29 - 2014-06-27 02:23 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 21:29 - 2014-06-27 02:23 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 21:26 - 2014-07-10 21:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 12:38 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Kabir\Desktop\TDSSKiller.exe
2014-07-09 17:05 - 2014-06-19 07:42 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 17:05 - 2014-06-19 07:42 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 17:05 - 2014-06-19 07:42 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-07-09 17:05 - 2014-06-19 07:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-07-09 17:05 - 2014-06-19 07:42 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 17:05 - 2014-06-19 07:41 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 17:05 - 2014-06-19 07:41 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 17:05 - 2014-06-19 07:41 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 17:05 - 2014-06-19 07:40 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 17:05 - 2014-06-19 07:39 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 17:05 - 2014-06-19 06:23 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 17:05 - 2014-06-19 06:23 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 17:05 - 2014-06-19 06:22 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 17:05 - 2014-06-19 06:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 17:05 - 2014-06-19 06:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 17:05 - 2014-06-19 06:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 17:05 - 2014-06-19 03:35 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-07-09 16:55 - 2014-06-18 04:57 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 16:55 - 2014-06-18 04:54 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 16:55 - 2014-06-11 09:48 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 16:49 - 2014-07-01 04:12 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 16:49 - 2014-07-01 04:12 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-09 16:49 - 2014-07-01 04:12 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-09 16:49 - 2014-06-28 09:05 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 16:48 - 2014-05-30 05:01 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-07-09 16:48 - 2014-05-30 04:33 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-07-09 16:48 - 2014-05-30 04:32 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 16:48 - 2014-05-30 04:32 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-07-09 16:42 - 2014-06-03 04:03 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2014-07-09 16:16 - 2014-05-30 03:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 16:11 - 2014-06-06 19:36 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 16:11 - 2014-06-06 15:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-08 15:07 - 2014-07-19 15:54 - 00000000 ____D () C:\Users\Kabir\Downloads\Under the Skin (2013)
2014-07-06 17:47 - 2014-07-09 03:33 - 00000000 ____D () C:\Users\Kabir\Downloads\Bobby Jasoos (2014) 1CD DvDScrRip XviD MP3 Team ExDR
2014-07-05 16:46 - 2014-07-19 23:29 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-05 16:46 - 2014-07-19 23:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-05 16:46 - 2014-07-05 16:46 - 00000000 ____D () C:\ProgramData\Sun
2014-07-04 18:40 - 2014-07-04 18:44 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-07-04 17:39 - 2013-07-20 03:43 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-04 17:39 - 2013-07-20 03:43 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-03 21:12 - 2014-07-03 21:21 - 00000000 ____D () C:\Users\Kabir\Downloads\Don_Bradman_Cricket_14-FLT
2014-07-03 20:47 - 2014-07-03 20:47 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-07-03 20:47 - 2014-07-03 20:47 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-03 20:44 - 2014-07-03 20:44 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-07-03 20:43 - 2014-07-03 20:43 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-03 20:32 - 2012-07-06 07:32 - 01166440 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-07-03 20:32 - 2012-07-06 07:32 - 00778856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2014-07-03 20:32 - 2012-07-06 07:32 - 00035400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-07-03 20:32 - 2012-07-06 07:32 - 00035400 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-07-03 18:24 - 2014-07-04 23:45 - 00000000 ____D () C:\Users\Kabir\Downloads\American Psycho [uncut Version].2000.BRRip.x264-VLiS
2014-07-03 16:36 - 2014-07-03 16:36 - 00000000 ____D () C:\Users\Kabir\Documents\OneNote Notebooks
2014-07-03 16:13 - 2014-07-03 16:13 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Adobe
2014-07-03 16:07 - 2014-07-03 16:07 - 00001107 _____ () C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk
2014-07-03 16:07 - 2014-07-03 16:07 - 00000975 _____ () C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent.lnk
2014-07-03 13:56 - 2014-07-04 23:36 - 00000000 ____D () C:\Users\Kabir\Downloads\Gun Woman (2014) [1080p]
2014-07-03 13:11 - 2014-07-03 13:11 - 00000000 ____D () C:\Users\Kabir\Downloads\MotioninJoy Version 0.7.1001 (DS3 Tool)
2014-07-02 22:32 - 2014-07-02 22:32 - 00005813 _____ () C:\Users\Kabir\Downloads\[kickass.to]motioninjoy.version.0.7.1001.ds3.tool.mu.torrent
2014-07-02 21:36 - 2014-07-02 22:08 - 00000000 ____D () C:\Users\Kabir\Downloads\Xpadder-v2014.01.01-Retail-CRD
2014-07-02 18:13 - 2014-07-02 18:13 - 00000000 ____D () C:\Users\Kabir\AppData\Local\WSHelper
2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\WinRAR
2014-07-01 19:13 - 2014-07-25 22:58 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-01 19:12 - 2014-07-01 19:13 - 01913936 _____ () C:\Users\Kabir\Downloads\winrar-x64-510.exe
2014-07-01 01:17 - 2014-07-01 19:09 - 00000000 ____D () C:\Users\Kabir\Downloads\E.T The Extra Terrestrial (1982)
2014-07-01 01:10 - 2014-07-01 01:17 - 00000000 ____D () C:\Users\Kabir\Downloads\Star Wars I, II, III, IV, V, VI
2014-06-30 19:24 - 2014-07-26 00:46 - 00000000 ____D () C:\Users\Kabir\Desktop\Wondershare PDF Editor & OCR Plugin 3.9.0.9
2014-06-30 19:23 - 2014-06-30 19:23 - 00022715 _____ () C:\Users\Kabir\Downloads\[kickass.to]wondershare.pdf.editor.ocr.plugin.3.9.0.9.torrent
2014-06-30 19:11 - 2014-06-30 19:11 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Wondershare
2014-06-30 19:10 - 2014-06-30 19:11 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\Wondershare
2014-06-28 19:44 - 2014-07-19 15:52 - 00000000 ____D () C:\Users\Kabir\Downloads\Hannibal.Rising[2007]UNRATED.720p[Eng.Rus]-Junoon
2014-06-28 17:49 - 2014-07-20 14:41 - 00000000 ____D () C:\Users\Kabir\Downloads\Red Dragon (2002)
2014-06-28 15:45 - 2014-07-19 15:54 - 00000000 ____D () C:\Users\Kabir\Downloads\Boogie Nights (1997)
2014-06-28 12:15 - 2014-06-28 15:55 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 18:32 - 2014-07-27 18:32 - 00016610 _____ () C:\Users\Kabir\Desktop\FRST.txt
2014-07-27 18:32 - 2014-07-25 23:16 - 00000000 ____D () C:\FRST
2014-07-27 18:32 - 2014-04-18 16:56 - 01784779 _____ () C:\Windows\WindowsUpdate.log
2014-07-27 18:31 - 2014-07-25 22:01 - 00000088 _____ () C:\Users\Kabir\AppData\Local\nd.am
2014-07-27 18:30 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\sru
2014-07-27 18:24 - 2014-07-27 18:24 - 00053782 _____ () C:\Users\Kabir\Downloads\FRST.txt
2014-07-27 18:23 - 2014-04-22 23:08 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Google
2014-07-27 18:23 - 2014-04-22 23:08 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-27 18:22 - 2014-07-27 18:22 - 02093568 _____ (Farbar) C:\Users\Kabir\Desktop\FRST64.exe
2014-07-27 18:18 - 2014-07-25 22:39 - 00000000 ____D () C:\Users\Kabir\Desktop\Auditions
2014-07-27 18:16 - 2012-07-26 12:58 - 00848230 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-27 17:20 - 2014-04-19 20:29 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\vlc
2014-07-27 17:12 - 2014-07-15 23:07 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001UA.job
2014-07-27 11:44 - 2014-07-27 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2014-07-27 11:44 - 2014-06-22 09:49 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\DMCache
2014-07-27 09:25 - 2014-06-09 15:35 - 00000000 ___RD () C:\Users\Kabir\Desktop\PwC Kabir
2014-07-27 01:39 - 2014-04-19 19:52 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\uTorrent
2014-07-27 00:23 - 2014-04-22 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-07-26 23:12 - 2014-07-15 23:07 - 00000874 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001Core.job
2014-07-26 21:31 - 2014-07-26 08:26 - 00000000 ____D () C:\Users\Kabir\Downloads\Incomplete Torrents
2014-07-26 13:28 - 2014-07-23 21:02 - 00000000 ____D () C:\Users\Kabir\Downloads\Database
2014-07-26 08:28 - 2014-07-26 08:28 - 00241248 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\96475711.sys
2014-07-26 08:28 - 2014-07-26 00:43 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-07-26 00:46 - 2014-06-30 19:24 - 00000000 ____D () C:\Users\Kabir\Desktop\Wondershare PDF Editor & OCR Plugin 3.9.0.9
2014-07-26 00:43 - 2014-07-26 00:43 - 00241248 _____ (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\48243764.sys
2014-07-25 23:22 - 2014-07-25 23:21 - 04161313 _____ () C:\Users\Kabir\Downloads\tdsskiller.zip
2014-07-25 22:58 - 2014-07-01 19:13 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-25 22:02 - 2014-07-25 22:01 - 00000000 ____D () C:\ProgramData\Libraries
2014-07-25 22:01 - 2014-07-25 22:01 - 00000240 _____ () C:\Users\Kabir\AppData\Local\cg.am
2014-07-25 22:01 - 2014-07-25 22:01 - 00000044 _____ () C:\Users\Kabir\AppData\Local\hd.am
2014-07-25 22:01 - 2014-07-25 22:01 - 00000000 ____D () C:\ProgramData\Application
2014-07-25 18:27 - 2014-07-25 16:45 - 00013636 _____ () C:\Users\Kabir\Desktop\Round 2.xlsx
2014-07-25 16:42 - 2014-07-25 16:42 - 00020427 _____ () C:\Users\Kabir\Downloads\Fourth Wall Auditions FINAL.xlsx
2014-07-25 16:42 - 2014-04-18 16:56 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Packages
2014-07-25 16:39 - 2014-07-25 16:39 - 00015789 _____ () C:\Users\Kabir\Downloads\Auditions 2014.xlsx
2014-07-25 13:34 - 2012-07-26 12:51 - 00029043 _____ () C:\Windows\setupact.log
2014-07-25 12:54 - 2014-04-23 01:26 - 00454144 ___SH () C:\Users\Kabir\Desktop\Thumbs.db
2014-07-25 11:31 - 2014-07-25 11:25 - 1286304735 _____ () C:\Users\Kabir\Downloads\Comedy Nights With Kapil - Virat Kohli - Full episode - 20th July 2014 (HD) - YouTube.mp4
2014-07-25 11:25 - 2014-07-25 11:25 - 120651343 _____ () C:\Users\Kabir\Downloads\Update- iGyaan Rants, iGyaan Magazine, Xiaomi Mi3 Give-away and Mega Expansions! - YouTube.mp4
2014-07-25 11:24 - 2014-07-25 11:24 - 82594525 _____ () C:\Users\Kabir\Downloads\Xiaomi Mi3 Benchmarks and Hardware Tests - YouTube.mp4
2014-07-25 11:23 - 2014-07-25 11:23 - 73159542 _____ () C:\Users\Kabir\Downloads\Mary Kom - Official Trailer - Priyanka Chopra in & as Mary Kom - 5th Sept - YouTube_2.mp4
2014-07-25 11:21 - 2014-07-25 11:21 - 14405132 _____ () C:\Users\Kabir\Downloads\Soccer Celebration Fail.mp4
2014-07-25 01:21 - 2014-07-22 01:32 - 00000000 ____D () C:\Users\Kabir\Desktop\New folder (2)
2014-07-24 23:47 - 2014-07-24 23:47 - 00000000 ____D () C:\Users\Kabir\Downloads\Video Talkies
2014-07-24 23:15 - 2014-07-24 23:15 - 00022092 _____ () C:\Users\Kabir\Downloads\[kickass.to]suits.s04e06.hdtv.x264.killers.ettv.torrent
2014-07-24 21:41 - 2014-07-23 22:56 - 00000000 ____D () C:\Users\Kabir\Downloads\Star Wars Trilogy (The Original Unaltered Trilogy)
2014-07-24 08:47 - 2014-07-24 08:46 - 06539817 _____ () C:\Users\Kabir\Downloads\Final PPT.pptx
2014-07-23 19:36 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-23 00:02 - 2014-07-22 23:32 - 00000000 ____D () C:\Users\Kabir\Downloads\Wall Street Money Never Sleeps (2010)
2014-07-23 00:02 - 2014-07-22 19:29 - 00000000 ____D () C:\Users\Kabir\Downloads\Skyfall 2012 BRRip 720p x264 AAC - PRiSTiNE [P2PDL]
2014-07-22 23:55 - 2014-07-22 23:32 - 00000000 ____D () C:\Users\Kabir\Downloads\Race 2008 DvDrip x264 AAC Subs
2014-07-22 23:30 - 2014-07-22 23:30 - 00018031 _____ () C:\Users\Kabir\Downloads\[kickass.to]wall.street.money.never.sleeps.2010.720p.brrip.x264.yify.torrent
2014-07-22 23:30 - 2014-07-22 23:30 - 00014852 _____ () C:\Users\Kabir\Downloads\[kickass.to]race.2008.hindi.dvdrip.x264.aac.esub.torrent
2014-07-22 22:44 - 2014-04-23 20:15 - 00268800 ___SH () C:\Users\Kabir\Downloads\Thumbs.db
2014-07-22 22:26 - 2014-07-22 19:57 - 00000000 ____D () C:\Users\Kabir\Desktop\Zindagi Na Milegi Dobara 2011 Hindi DvDRip XviD AC5.1 xRG
2014-07-22 21:50 - 2014-07-22 21:50 - 00000000 ____D () C:\Users\Kabir\Downloads\Fourth Wall Orientation for Freshers
2014-07-22 21:48 - 2014-03-02 18:53 - 00000000 ____D () C:\Users\Kabir\Documents\Virtua Tennis 4
2014-07-22 21:39 - 2014-06-22 20:59 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\IDM
2014-07-22 18:53 - 2014-07-22 18:51 - 1513941945 _____ () C:\Users\Kabir\Downloads\Star Wars original version.mp4
2014-07-22 18:50 - 2014-07-20 14:28 - 00000000 ____D () C:\Users\Kabir\Downloads\All Cheerleaders Die (2013)
2014-07-22 00:04 - 2014-07-21 22:51 - 29177420 _____ () C:\Users\Kabir\Downloads\Desimpedidos FX #1 - Goal Celebrations FX.mp4
2014-07-21 00:17 - 2014-07-21 00:12 - 05012628 _____ () C:\Users\Kabir\Downloads\Only Fourth Wall (Corrected).pptx
2014-07-20 22:20 - 2014-07-20 22:15 - 18850678 _____ () C:\Users\Kabir\Downloads\Bracket 4-Darkroom Fourth Wall Kriti Verve.pptx
2014-07-20 14:51 - 2014-04-24 15:11 - 00000000 ____D () C:\Users\Kabir\Downloads\Zew
2014-07-20 14:41 - 2014-06-28 17:49 - 00000000 ____D () C:\Users\Kabir\Downloads\Red Dragon (2002)
2014-07-19 23:29 - 2014-07-19 23:29 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-19 23:29 - 2014-07-19 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-19 23:29 - 2014-07-05 16:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-19 23:29 - 2014-07-05 16:46 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-19 21:09 - 2012-07-26 12:52 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-19 21:08 - 2014-07-19 21:08 - 523120145 _____ () C:\Windows\MEMORY.DMP
2014-07-19 21:08 - 2014-07-19 21:08 - 00424384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 21:08 - 2014-07-19 21:08 - 00290928 _____ () C:\Windows\Minidump\071914-46187-01.dmp
2014-07-19 21:08 - 2014-07-19 21:08 - 00000000 ____D () C:\Windows\Minidump
2014-07-19 15:58 - 2014-07-13 01:01 - 00000000 ____D () C:\Users\Kabir\Downloads\Holiday (2014) DVDScr - 1CD - Xvid - Team IcTv
2014-07-19 15:56 - 2014-04-12 14:49 - 00000000 ____D () C:\Users\Kabir\Downloads\The Best Offer (2013)
2014-07-19 15:54 - 2014-07-08 15:07 - 00000000 ____D () C:\Users\Kabir\Downloads\Under the Skin (2013)
2014-07-19 15:54 - 2014-06-28 15:45 - 00000000 ____D () C:\Users\Kabir\Downloads\Boogie Nights (1997)
2014-07-19 15:52 - 2014-06-28 19:44 - 00000000 ____D () C:\Users\Kabir\Downloads\Hannibal.Rising[2007]UNRATED.720p[Eng.Rus]-Junoon
2014-07-19 15:47 - 2014-07-13 05:22 - 00000000 ____D () C:\Users\Kabir\Downloads\Need for Speed (2014)
2014-07-19 00:54 - 2014-07-15 22:41 - 00000000 ____D () C:\Users\Kabir\Desktop\Magazines
2014-07-16 02:13 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-16 01:29 - 2014-07-13 18:45 - 00000000 ____D () C:\Users\Kabir\Desktop\Semester V
2014-07-15 23:08 - 2014-04-19 20:05 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\Mozilla
2014-07-15 23:07 - 2014-07-15 23:07 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001UA
2014-07-15 23:07 - 2014-07-15 23:07 - 00003492 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2386249659-1010326145-3195725929-1001Core
2014-07-15 18:37 - 2014-07-15 18:36 - 00002809 _____ () C:\Users\Kabir\Downloads\[kickass.to]time.of.your.life.tackle.time.wasters.and.use.your.energy.to.full.effect.pdf.torrent
2014-07-14 21:08 - 2014-04-18 17:04 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2386249659-1010326145-3195725929-1001
2014-07-14 20:53 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-13 17:46 - 2014-07-13 17:39 - 00000000 ___RD () C:\Users\Kabir\Downloads\AFF540DC.Unpacker_v7353qx4kg3sa!App
2014-07-13 12:00 - 2014-07-13 05:18 - 00000000 ____D () C:\Users\Kabir\Downloads\Humpty Sharma Ki Dulhania (2014) [1CD] DVDSCR Rip Xvid Mp3 TeamTNT Exclusive
2014-07-12 23:08 - 2014-04-24 18:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-12 23:08 - 2014-04-24 18:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-12 16:51 - 2014-07-10 22:11 - 2836661792 ____R () C:\Users\Kabir\Downloads\fifa.world.cup.2014.semi.final.brazil.vs.germany.720p.hdtv.x264-w4f.mkv
2014-07-12 00:52 - 2014-07-12 00:50 - 12378192 _____ () C:\Users\Kabir\Downloads\Brasil vs Germany (1-7) Real Match.mp4
2014-07-11 22:54 - 2012-10-12 00:27 - 00000000 ____D () C:\Users\Kabir\Desktop\DHRUV NARULA
2014-07-11 22:05 - 2014-04-24 18:41 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Microsoft Help
2014-07-11 21:20 - 2014-06-07 16:06 - 00000000 ____D () C:\Users\Kabir\Downloads\PwC
2014-07-11 03:02 - 2014-07-19 23:29 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-19 23:29 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-19 23:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-19 23:29 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 22:25 - 2012-07-26 13:42 - 00000000 ____D () C:\Windows\rescache
2014-07-10 21:27 - 2012-07-26 10:56 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-10 21:26 - 2014-07-10 21:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 21:26 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 21:26 - 2012-07-26 13:42 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 21:26 - 2012-07-26 13:22 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 21:25 - 2012-07-26 13:29 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-10 12:38 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Kabir\Desktop\TDSSKiller.exe
2014-07-09 17:49 - 2014-04-19 00:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 17:48 - 2014-04-19 00:45 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 03:33 - 2014-07-06 17:47 - 00000000 ____D () C:\Users\Kabir\Downloads\Bobby Jasoos (2014) 1CD DvDScrRip XviD MP3 Team ExDR
2014-07-08 15:39 - 2012-07-26 10:56 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-08 14:39 - 2014-06-02 23:16 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-07-08 14:39 - 2014-06-02 23:16 - 00001256 _____ () C:\Windows\LkmdfCoInst.log
2014-07-07 00:49 - 2014-05-21 01:42 - 00000000 ____D () C:\Users\Kabir\Downloads\Anna (2013)
2014-07-06 12:47 - 2014-04-19 05:13 - 00034326 _____ () C:\Windows\PFRO.log
2014-07-05 16:46 - 2014-07-05 16:46 - 00000000 ____D () C:\ProgramData\Sun
2014-07-04 23:45 - 2014-07-03 18:24 - 00000000 ____D () C:\Users\Kabir\Downloads\American Psycho [uncut Version].2000.BRRip.x264-VLiS
2014-07-04 23:36 - 2014-07-03 13:56 - 00000000 ____D () C:\Users\Kabir\Downloads\Gun Woman (2014) [1080p]
2014-07-04 18:44 - 2014-07-04 18:40 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-07-03 22:05 - 2014-04-24 19:08 - 00000000 ____D () C:\Windows\AutoKMS
2014-07-03 21:21 - 2014-07-03 21:12 - 00000000 ____D () C:\Users\Kabir\Downloads\Don_Bradman_Cricket_14-FLT
2014-07-03 20:47 - 2014-07-03 20:47 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-07-03 20:47 - 2014-07-03 20:47 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-03 20:44 - 2014-07-03 20:44 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-07-03 20:43 - 2014-07-03 20:43 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-03 17:29 - 2014-06-12 19:56 - 00000000 ____D () C:\Users\Kabir\Downloads\Enemy (2013)
2014-07-03 17:09 - 2014-04-12 14:46 - 00000000 ____D () C:\Users\Kabir\Downloads\Prisoners (2013)
2014-07-03 16:36 - 2014-07-03 16:36 - 00000000 ____D () C:\Users\Kabir\Documents\OneNote Notebooks
2014-07-03 16:13 - 2014-07-03 16:13 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Adobe
2014-07-03 16:07 - 2014-07-03 16:07 - 00001107 _____ () C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk
2014-07-03 16:07 - 2014-07-03 16:07 - 00000975 _____ () C:\Users\Kabir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent.lnk
2014-07-03 13:11 - 2014-07-03 13:11 - 00000000 ____D () C:\Users\Kabir\Downloads\MotioninJoy Version 0.7.1001 (DS3 Tool)
2014-07-03 13:04 - 2014-04-24 21:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-03 12:28 - 2012-07-26 13:42 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-02 22:32 - 2014-07-02 22:32 - 00005813 _____ () C:\Users\Kabir\Downloads\[kickass.to]motioninjoy.version.0.7.1001.ds3.tool.mu.torrent
2014-07-02 22:08 - 2014-07-02 21:36 - 00000000 ____D () C:\Users\Kabir\Downloads\Xpadder-v2014.01.01-Retail-CRD
2014-07-02 18:13 - 2014-07-02 18:13 - 00000000 ____D () C:\Users\Kabir\AppData\Local\WSHelper
2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\WinRAR
2014-07-01 19:13 - 2014-07-01 19:12 - 01913936 _____ () C:\Users\Kabir\Downloads\winrar-x64-510.exe
2014-07-01 19:09 - 2014-07-01 01:17 - 00000000 ____D () C:\Users\Kabir\Downloads\E.T The Extra Terrestrial (1982)
2014-07-01 04:12 - 2014-07-09 16:49 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-01 04:12 - 2014-07-09 16:49 - 00394240 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-01 04:12 - 2014-07-09 16:49 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-07-01 01:17 - 2014-07-01 01:10 - 00000000 ____D () C:\Users\Kabir\Downloads\Star Wars I, II, III, IV, V, VI
2014-06-30 19:23 - 2014-06-30 19:23 - 00022715 _____ () C:\Users\Kabir\Downloads\[kickass.to]wondershare.pdf.editor.ocr.plugin.3.9.0.9.torrent
2014-06-30 19:11 - 2014-06-30 19:11 - 00000000 ____D () C:\Users\Kabir\AppData\Local\Wondershare
2014-06-30 19:11 - 2014-06-30 19:10 - 00000000 ____D () C:\Users\Kabir\AppData\Roaming\Wondershare
2014-06-28 15:55 - 2014-06-28 12:15 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-28 14:21 - 2014-04-28 22:02 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-28 14:21 - 2014-04-28 22:02 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-06-28 09:05 - 2014-07-09 16:49 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-27 02:23 - 2014-07-10 21:29 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-27 02:23 - 2014-07-10 21:29 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Kabir\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Kabir\AppData\Local\Temp\{410E5D48-3CC8-4B70-9921-9A29DBACA787}.exe
C:\Users\Kabir\AppData\Local\Temp\{E05DB55C-3B0E-4308-B02F-5478BB7057B7}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 13:21

==================== End Of Log ============================


I think I have already warned you about piracy and your reports still show a lot of pirated content.

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on the AdwCleaner icon and select Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.
  • Please include the contents of that file in your reply.

fixlist.txt


Firstly, I would like to appreciate the time and effort you are spending to help my case here.

 

Secondly, I would surely remove all the pirated content, to the best of my knowledge. For my curiosity, could you tell me what would happen if I didn't remove the pirated content? Would my system not be completely cleaned?


I had run both the scans before you posted the hyperlinked post. Then after I saw your post, I removed all the pirated software, to the best of my knowledge.

 

There were two reports generated before the cleanup of pirated content.

 

 

After I removed the pirated content, I scanned again. I have attached those two reports as well.

AdwCleanerS1 (After Cleanup).txt

Fixlog (After Cleanup).txt

AdwCleanerS0.txt


When I open a new tab, the onlinehelpdesk page doesn't show up. The overall feeling is better now. It just may be a psychological phenomenon too :P

 

But I think everything is fine now. Couple of questions please:

 

1. I think when I connected my external hard drive, the infection must have transferred. How can I ensure that's clean?

 

2. I believe my computer previously had some virus, which was not intrusive and didn't cause many problems. Is that removed too now?


1. Follow my instruction below.

 

2. Yes, your PC is clean, I see nothing bad.

 

 

 

 

Scan with McShield

Please download McShield by dr_bora and save it to your desktop.
 

  • Install it on your machine.
  • It will initially run a scan and show the result as a toaster by the system clock.
  • Start the Control Centre by clicking on the McShield icon in your system tray.
  • Go to the Scanner tab and tick unhide items on flash drives.
  • Plug in the drive and McShield will start a scan.
  • A logfile of this scan may be found in the Logs tab of the main screen.


Please include that log in your next reply.


1. I am planning to buy AVG 2014 for this system. Should I keep this McShield or delete it once I install AVG?

 

2. Here are the logs from the scan:

 


MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

>>> v 3.0.5.28 / DB: 2014.7.28.1 / Windows 8 <<<


28-07-2014 22:36:19 > Drive G: - scan started (Kabir ~466 GB, NTFS HDD )...


>>> G:\my vedio clips 26-Jul-14.mp4                                                                                                                                 .exe - Malware > Deleted. (14.07.28. 22.36 my vedio clips 26-Jul-14.mp4                                                                                                                                 .exe.976803; MD5: 1730d402fc118892920653f799e8843c)


=> Malicious files   : 1/1 deleted.

____________________________________________

::::: Scan duration: 3sec ::::::::::::::::::
____________________________________________
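
The McShield log above shows how the infection travelled on the drive: a media-looking name, a long run of spaces, then `.exe`, so the real extension is pushed out of view in a file listing. The following Python sketch is an added example (not part of the thread and not McShield's code) that flags such names on a mounted drive; the extension lists and the eight-space threshold are assumptions.

```python
"""Flag executables on a drive that are disguised as media or documents."""
import os
import re
import sys
from dataclasses import dataclass

# Assumed, non-exhaustive lists; tune them for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".lnk"}
DECOY_EXTS = {".mp4", ".avi", ".mkv", ".mp3", ".jpg", ".png", ".pdf",
              ".doc", ".docx", ".xlsx", ".pptx", ".txt"}
# Assumed threshold: eight or more consecutive whitespace characters in a
# file name is treated as padding meant to hide the real extension.
PADDING = re.compile(r"\s{8,}")


@dataclass
class Finding:
    path: str
    reasons: list


def classify_name(filename):
    """Return the reasons a file name looks like a disguised executable."""
    stem, ext = os.path.splitext(filename)
    if ext.lower() not in EXECUTABLE_EXTS:
        return []  # only names that would actually execute are of interest
    reasons = []
    if PADDING.search(stem):
        reasons.append("whitespace-padding")
    # Strip the padding, then look at the extension the user is meant to see.
    inner_ext = os.path.splitext(stem.rstrip())[1].lower()
    if inner_ext in DECOY_EXTS:
        reasons.append("decoy-extension:" + inner_ext)
    return reasons


def scan_tree(root):
    """Walk a mounted drive or folder and collect suspicious file names."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            reasons = classify_name(name)
            if reasons:
                findings.append(Finding(os.path.join(dirpath, name), reasons))
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # repr() keeps the padding visible in the terminal output.
        for hit in scan_tree(sys.argv[1]):
            print(repr(hit.path), ", ".join(hit.reasons))
    else:
        # Constructed sample: the name from the log, padding length assumed.
        sample = "my vedio clips 26-Jul-14.mp4" + " " * 120 + ".exe"
        print(classify_name(sample))
```

Run it with the drive's mount point as the only argument; a hit is a prompt to inspect the file, not proof that it is malicious.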
 


Below you will find my thoughts about securing your machine. Go ahead through it, you will benefit from some useful advice about safe computing.

 

 

Recommended reading:




MUST READ - general maintenance: What to do if your Computer is running slowly?

 

 

 

Recommended additional software:



  • TFC - to clean unneeded temporary files.
  • Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
  • Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
  • McShield - to prevent infections spread by removable media.
  • CryptoPrevent - to secure yourself from very severe CryptoLocker infection.
  • Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.

 

 

The following will implement some post-cleanup procedures:

 

=> Please download DelFix by Xplode to your Desktop.

 

Run the tool and check the following boxes:

  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Click the Run button and wait a few seconds for the programme to complete its work.

At this point all the tools we used here should be gone. The tool will create a report for you (C:\DelFix.txt).

The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.

The tool deletes old system restore points and creates a fresh system restore point after cleaning.

 

 

 

Stay safe,

TwinHeadedEagle :)


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.