Hello Brian,
As directed I'm able to remove almost all softwares from my notebook except following few:
Symantec Endpoint Protection -
this seems to be removed but it's still showing in the list.
Ask toolbar - I get following error when trying to remove ask toolbar
-- Error 2738. Coult not access VBScript run time for custom action.
Facebook video calling 1.2.0.287 - I get following error when trying to remove this
--The installer has encountered and unexpected error installing this package. This may indicate a problem with this package. The error code is 2738.
Fix log
************************************************************************************************************
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Abhishek at 2015-03-15 15:06:48 Run:1
Running from C:\Users\Abhishek\Desktop
Loaded Profiles: Abhishek (Available profiles: Abhishek)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CreateRestorePoint:
(Crawler.com) C:\Program Files\Spyware Terminator\sp_rsser.exe
() C:\ProgramData\Trusted Publisher\SW-Booster\SW-Booster.exe
C:\ProgramData\Trusted Publisher
() C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe
C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AnyProtect Scanner] => "C:\Program Files\AnyProtectEx\AnyProtect.exe"
C:\Program Files\AnyProtectEx
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [se] => C:\Users\user\AppData\Roaming\SkypEmoticons\SE.exe /minimized
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {125455f7-730c-11e1-b195-fe93e5c86024} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {12545601-730c-11e1-b195-810d70a76acb} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {12545671-730c-11e1-b195-c85622b6b4be} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {1d5b41de-e447-11e1-b0c6-fd68a3cebc60} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {1d5b41e7-e447-11e1-b0c6-ce3d81501a1b} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {5b7a2728-ff3b-11e0-906f-823332b82114} - F:\Setup.exe /Auto
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {9dd422bd-6701-11dd-81bc-001d09b30651} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Sys.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {acc5c1d9-1f88-11e4-a92f-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {adf0e9fe-2749-11e4-9ac2-001d09b30651} - E:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {b0d1cfb3-7a14-11e1-b5e3-d760c0553e51} - F:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {b6d8a72f-e9df-11e1-b68f-fdbd6f5861f1} - G:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {cb2824ac-1ec7-11e4-b21b-001dd9e8829b} - E:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\MountPoints2: {e28707c4-e56f-11e1-af60-d142243269b5} - G:\AutoRun.exe
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2926592 2009-04-11] (Microsoft Corporation) <==== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
URLSearchHook: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 - SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll (Spigot, Inc.)
SearchScopes: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
BHO: NewSaver -> {06f6f85c-bac2-43be-bece-e15eb4c475e8} -> C:\ProgramData\NewSaver\tzwCSK8UufN0Xr.dll [2014-11-22] ()
BHO: SaveLots -> {48910c32-ad9e-4c84-8b67-adc12dd96b33} -> C:\ProgramData\SaveLots\h3pa0wL8juCiLv.dll [2014-11-20] ()
BHO: SaverExtension -> {4c282ea3-6f71-42c7-bb27-d21973d82f4c} -> C:\ProgramData\SaverExtension\juoCGNsZDb21JF.dll [2014-11-22] ()
BHO: CoupExtension -> {5c614e31-e6b7-452d-b9ac-84c4aa2fcb0a} -> C:\ProgramData\CoupExtension\dljAtBLwlPxX5B.dll [2014-11-20] ()
Toolbar: HKU\.DEFAULT -> No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
C:\ProgramData\NewSaver
C:\ProgramData\SaveLots
C:\ProgramData\SaverExtension
C:\ProgramData\CoupExtension
Toolbar: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
Toolbar: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File
CHR HKLM\...\Chrome\Extension: [cgpnojibjokpoghebklhkdeijehkohhb] - C:\Users\Abhishek\AppData\Local\Temp\tbch.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [mpjidcokcfencofcmondgimdoobddnoe] - C:\Users\Abhishek\AppData\Local\CRE\mpjidcokcfencofcmondgimdoobddnoe.crx [2012-05-08]
R2 24c54e38; c:\Program Files\DeltaFix\DeltaFix.dll [3906048 2014-11-16] () [File not signed] <==== ATTENTION
c:\Program Files\DeltaFix\DeltaFix.dll
R2 MaintainerSvc2.02.5636706; C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe [123632 2015-03-14] ()
C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8
R2 sp_rssrv; C:\Program Files\Spyware Terminator\sp_rsser.exe [570880 2008-08-30] (Crawler.com) [File not signed]
C:\Program Files\Spyware Terminator
2015-03-14 18:02 - 2014-11-16 22:10 - 00000482 ____H () C:\Windows\Tasks\SW-Booster-S-792098896.job
2014-09-09 07:23 - 2014-09-09 07:23 - 0000000 _____ () C:\Users\Abhishek\AppData\Local\{53F4DD30-6599-4858-AC72-0DA3ECAD8514}
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{000209F0-0000-4b30-A977-D214852036FF}\InprocServer32 -> No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{45540086-5750-5300-4B49-4E47534F4655}\InprocServer32 -> No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{91493443-94BF-4940-926D-4F38FECF2A48}\InprocServer32 -> No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{B6CE1A28-A831-43E4-A81F-E2B429D66231}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\AskToolbar\Downloaded Program Files\Nero.dll (Ask.com)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Abhishek\AppData\Local\Temp\e1605937\temp\Download.exe No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
Task: {2487AE63-6C7A-4479-9ABD-1E7C8B06AE88} - \{35DC3473-A719-4d14-B7C1-FD326CA84A0C} No Task File <==== ATTENTION
Task: {2EE2027E-415B-4A49-BABD-947193469DB0} - System32\Tasks\SW-Booster-S-792098896 => c:\programdata\trusted publisher\sw-booster\SW-Booster.exe [2014-11-16] () <==== ATTENTION
Task: {48A1C5B8-70E1-400A-895D-FF14337BD979} - System32\Tasks\APSnotifierPP1 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {59C5AF6B-06D2-4B46-8392-73D58A8AD652} - System32\Tasks\APSnotifierPP2 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {8D03BECD-CE00-41FD-A701-9A337B93B57E} - \{66BA574B-1E11-49b8-909C-8CC9E0E8E015} No Task File <==== ATTENTION
Task: {97E4E69E-19EC-4C83-8ABF-10483E4C0D98} - System32\Tasks\APSnotifierPP3 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {9D454D67-0B49-4FA0-A2C9-52651399FED3} - \ASP No Task File <==== ATTENTION
Task: {B08BEFB2-8905-46BB-8E23-FB99ECF897F7} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\SW-Booster-S-792098896.job => c:\programdata\trusted publisher\sw-booster\SW-Booster.exeO/schedule /profile c:\programdata\trusted publisher\sw-booster\792098896.ini <==== ATTENTION
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
cmd: bitsadmin /reset /allusers
EmptyTemp:
*****************
Restore point was successfully created.
C:\Program Files\Spyware Terminator\sp_rsser.exe => No running process found
C:\ProgramData\Trusted Publisher\SW-Booster\SW-Booster.exe => No running process found
C:\ProgramData\Trusted Publisher => Moved successfully.
[3412] C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8\maintainer.exe => Process closed successfully.
C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8 => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AnyProtect Scanner => value deleted successfully.
C:\Program Files\AnyProtectEx => Moved successfully.
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Microsoft\Windows\CurrentVersion\Run\\se => Value not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{125455f7-730c-11e1-b195-fe93e5c86024}" => Key deleted successfully.
HKCR\CLSID\{125455f7-730c-11e1-b195-fe93e5c86024} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12545601-730c-11e1-b195-810d70a76acb}" => Key deleted successfully.
HKCR\CLSID\{12545601-730c-11e1-b195-810d70a76acb} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12545671-730c-11e1-b195-c85622b6b4be}" => Key deleted successfully.
HKCR\CLSID\{12545671-730c-11e1-b195-c85622b6b4be} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d5b41de-e447-11e1-b0c6-fd68a3cebc60}" => Key deleted successfully.
HKCR\CLSID\{1d5b41de-e447-11e1-b0c6-fd68a3cebc60} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d5b41e7-e447-11e1-b0c6-ce3d81501a1b}" => Key deleted successfully.
HKCR\CLSID\{1d5b41e7-e447-11e1-b0c6-ce3d81501a1b} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b7a2728-ff3b-11e0-906f-823332b82114}" => Key deleted successfully.
HKCR\CLSID\{5b7a2728-ff3b-11e0-906f-823332b82114} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9dd422bd-6701-11dd-81bc-001d09b30651}" => Key deleted successfully.
HKCR\CLSID\{9dd422bd-6701-11dd-81bc-001d09b30651} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{acc5c1d9-1f88-11e4-a92f-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{acc5c1d9-1f88-11e4-a92f-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{adf0e9fe-2749-11e4-9ac2-001d09b30651}" => Key deleted successfully.
HKCR\CLSID\{adf0e9fe-2749-11e4-9ac2-001d09b30651} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0d1cfb3-7a14-11e1-b5e3-d760c0553e51}" => Key deleted successfully.
HKCR\CLSID\{b0d1cfb3-7a14-11e1-b5e3-d760c0553e51} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b6d8a72f-e9df-11e1-b68f-fdbd6f5861f1}" => Key deleted successfully.
HKCR\CLSID\{b6d8a72f-e9df-11e1-b68f-fdbd6f5861f1} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb2824ac-1ec7-11e4-b21b-001dd9e8829b}" => Key deleted successfully.
HKCR\CLSID\{cb2824ac-1ec7-11e4-b21b-001dd9e8829b} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e28707c4-e56f-11e1-af60-d142243269b5}" => Key deleted successfully.
HKCR\CLSID\{e28707c4-e56f-11e1-af60-d142243269b5} => Key not found.
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => value deleted successfully.
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => value deleted successfully.
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key deleted successfully.
HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}" => Key deleted successfully.
HKCR\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} => Key not found.
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B8DCF56-50E2-494C-A325-E0BD2C6B5126}" => Key deleted successfully.
HKCR\CLSID\{0B8DCF56-50E2-494C-A325-E0BD2C6B5126} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}" => Key deleted successfully.
HKCR\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}" => Key deleted successfully.
HKCR\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}" => Key deleted successfully.
HKCR\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{837120EB-FFE3-48FD-8F7B-F2761B06F918}" => Key deleted successfully.
HKCR\CLSID\{837120EB-FFE3-48FD-8F7B-F2761B06F918} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}" => Key deleted successfully.
HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06f6f85c-bac2-43be-bece-e15eb4c475e8} => Key not found.
"HKCR\CLSID\{06f6f85c-bac2-43be-bece-e15eb4c475e8}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48910c32-ad9e-4c84-8b67-adc12dd96b33} => Key not found.
"HKCR\CLSID\{48910c32-ad9e-4c84-8b67-adc12dd96b33}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4c282ea3-6f71-42c7-bb27-d21973d82f4c} => Key not found.
"HKCR\CLSID\{4c282ea3-6f71-42c7-bb27-d21973d82f4c}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5c614e31-e6b7-452d-b9ac-84c4aa2fcb0a} => Key not found.
"HKCR\CLSID\{5c614e31-e6b7-452d-b9ac-84c4aa2fcb0a}" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} => value deleted successfully.
HKCR\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} => Key not found.
C:\ProgramData\NewSaver => Moved successfully.
C:\ProgramData\SaveLots => Moved successfully.
C:\ProgramData\SaverExtension => Moved successfully.
C:\ProgramData\CoupExtension => Moved successfully.
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} => value deleted successfully.
HKCR\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} => Key not found.
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => value deleted successfully.
HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Key not found.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\cgpnojibjokpoghebklhkdeijehkohhb" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\mpjidcokcfencofcmondgimdoobddnoe" => Key deleted successfully.
C:\Users\Abhishek\AppData\Local\CRE\mpjidcokcfencofcmondgimdoobddnoe.crx => Moved successfully.
24c54e38 => Service not found.
"c:\Program Files\DeltaFix\DeltaFix.dll" => File/Directory not found.
MaintainerSvc2.02.5636706 => Service deleted successfully.
"C:\ProgramData\d7a0fe93-7bf3-4f3d-89c3-fe4e144b2eb8" => File/Directory not found.
sp_rssrv => Service not found.
"C:\Program Files\Spyware Terminator" => File/Directory not found.
"C:\Windows\Tasks\SW-Booster-S-792098896.job" => File/Directory not found.
C:\Users\Abhishek\AppData\Local\{53F4DD30-6599-4858-AC72-0DA3ECAD8514} => Moved successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{000209F0-0000-4b30-A977-D214852036FF}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{45540086-5750-5300-4B49-4E47534F4655}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{91493443-94BF-4940-926D-4F38FECF2A48}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{B6CE1A28-A831-43E4-A81F-E2B429D66231}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => Key deleted successfully.
"HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2487AE63-6C7A-4479-9ABD-1E7C8B06AE88}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2487AE63-6C7A-4479-9ABD-1E7C8B06AE88}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EE2027E-415B-4A49-BABD-947193469DB0} => Key not found.
C:\Windows\System32\Tasks\SW-Booster-S-792098896 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SW-Booster-S-792098896 => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48A1C5B8-70E1-400A-895D-FF14337BD979}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48A1C5B8-70E1-400A-895D-FF14337BD979}" => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59C5AF6B-06D2-4B46-8392-73D58A8AD652}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59C5AF6B-06D2-4B46-8392-73D58A8AD652}" => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D03BECD-CE00-41FD-A701-9A337B93B57E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D03BECD-CE00-41FD-A701-9A337B93B57E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97E4E69E-19EC-4C83-8ABF-10483E4C0D98}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97E4E69E-19EC-4C83-8ABF-10483E4C0D98}" => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierPP3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D454D67-0B49-4FA0-A2C9-52651399FED3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D454D67-0B49-4FA0-A2C9-52651399FED3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASP" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B08BEFB2-8905-46BB-8E23-FB99ECF897F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B08BEFB2-8905-46BB-8E23-FB99ECF897F7}" => Key deleted successfully.
C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar" => Key deleted successfully.
C:\Windows\Tasks\APSnotifierPP1.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP2.job => Moved successfully.
C:\Windows\Tasks\APSnotifierPP3.job => Moved successfully.
C:\Windows\Tasks\SW-Booster-S-792098896.job not found.
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F =========
The operation completed successfully.
========= End of Reg: =========
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services" /F =========
The operation completed successfully.
========= End of Reg: =========
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
The operation completed successfully.
========= End of Reg: =========
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
The operation completed successfully.
========= End of Reg: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.0.6001 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
Unable to cancel {EB5AAB70-007A-4722-95FA-20061BAE5DA0}.
Unable to cancel {1E8D263B-CA69-4423-ABE0-1E5964F4193E}.
{D78E6FA5-56C0-4A31-89F0-7D60F6230812} canceled.
{C4D364F5-C4D5-48F2-B8CC-6C97902768AD} canceled.
{E9F625F0-7A82-4A54-A977-4A49CD52D183} canceled.
{EEAFC5DE-9F62-4C23-B049-8B4CADFA659D} canceled.
{B887E4F2-7CD0-4D64-A080-84AF908DE00A} canceled.
{CDD23D4D-2C68-47E6-B39E-101F123F0F95} canceled.
{C68A81F9-73F4-43BC-91C6-EEBE43D1EEE3} canceled.
7 out of 9 jobs canceled.
========= End of CMD: =========
EmptyTemp: => Removed 457.2 MB temporary data.
The system needed a reboot.
==== End of Fixlog 15:08:33 ====
AdwCleaner log
************************************************************************************************************
# AdwCleaner v4.112 - Logfile created 15/03/2015 at 16:19:48
# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Local]
# Operating system : Windows Vista Home Basic Service Pack 2 (x86)
# Username : Abhishek - ABHISHEK-PC
# Running from : C:\Users\Abhishek\Desktop\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
[#] Service Deleted : Application Updater
Service Deleted : YahooAUService
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Vaudix
Folder Deleted : C:\ProgramData\4c4ff94ef16cb24a
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Vaudix
Folder Deleted : C:\Program Files\Veoh_Web_Player
Folder Deleted : C:\Program Files\YoutubeAdBlocke
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Abhishek\AppData\Local\AskToolbar
Folder Deleted : C:\Users\Abhishek\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Abhishek\AppData\Local\Conduit
Folder Deleted : C:\Users\Abhishek\AppData\Local\torch
Folder Deleted : C:\Users\Abhishek\AppData\Local\MaxiGet Download Manager
Folder Deleted : C:\Users\Abhishek\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Abhishek\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Abhishek\AppData\LocalLow\Veoh_Web_Player
Folder Deleted : C:\Users\Abhishek\AppData\Roaming\ap_logs
Folder Deleted : C:\Users\Abhishek\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Abhishek\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdjcclbaackjcjhgmljnjdjdjdmdkjm
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdjcclbaackjcjhgmljnjdjdjdmdkjm
Folder Deleted : C:\Users\Abhishek\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kgdjcclbaackjcjhgmljnjdjdjdmdkjm
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kgdjcclbaackjcjhgmljnjdjdjdmdkjm
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kgdjcclbaackjcjhgmljnjdjdjdmdkjm
Folder Deleted : C:\Users\Abhishek\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgdjcclbaackjcjhgmljnjdjdjdmdkjm
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgdjcclbaackjcjhgmljnjdjdjdmdkjm
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgdjcclbaackjcjhgmljnjdjdjdmdkjm
File Deleted : C:\Users\Abhishek\AppData\Roaming\aps.uninstall.scan.results
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\Vaudix.Vaudix
Key Deleted : HKLM\SOFTWARE\Classes\Vaudix.Vaudix.9
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-792098896
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1784788
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2653012
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3106777
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2229cece-f520-4d91-afbd-aba3b10921ff}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{beda7ac1-7def-4c0b-a9c7-0e1d3da8dca5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260E0CC-0F75-462E-88A3-1E05C248BF4C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2229cece-f520-4d91-afbd-aba3b10921ff}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{beda7ac1-7def-4c0b-a9c7-0e1d3da8dca5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Vittalia
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Safer-Surf
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\APN
Key Deleted : HKLM\SOFTWARE\AskToolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GamePlayLabs
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{681002C6-5019-81A2-7871-A43754F71E56}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Deal Keeper
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VOPackage
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Web browsers ] *****
-\\ Internet Explorer v9.0.8112.16633
-\\ Google Chrome v38.0.2125.111
[C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : ocphobfcfafpclibolpjdafgaffkaoci
[C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://websearch.search-plaza.info/?pid=20420&r=2014/11/16&hid=13704040672545076610&lg=EN&cc=IN&unqvl=69
[C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://websearch.search-plaza.info/?pid=20420&r=2014/11/16&hid=13704040672545076610&lg=EN&cc=IN&unqvl=69
-\\ Comodo Dragon v
-\\ Chrome Canary v
*************************
AdwCleaner[R0].txt - [12893 bytes] - [15/03/2015 16:14:27]
AdwCleaner[S0].txt - [12859 bytes] - [15/03/2015 16:19:48]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12919 bytes] ##########
FRST log
************************************************************************************************************
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Abhishek (administrator) on ABHISHEK-PC on 15-03-2015 16:38:20
Running from C:\Users\Abhishek\Desktop
Loaded Profiles: Abhishek (Available profiles: Abhishek)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(SingleClick Systems) C:\Program Files\Dell Network Assistant\hnm_svc.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(SigmaTel, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Gteko Ltd.) C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-06-27] (SigmaTel, Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\real\realplayer\update\realsched.exe [296096 2012-08-14] (RealNetworks, Inc.)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [DellAutomatedPCTuneUp] => C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe [465136 2007-10-11] (Gteko Ltd.)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [5244216 2010-02-17] (Yahoo! Inc.)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [Facebook Update] => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-17] (Facebook Inc.)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
AppInit_DLLs: c:\progra~1\google\google~2\goec62~1.dll => c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-16] (Google)
BootExecute:
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-05] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2010-01-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2011-04-26] (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=1.6.0_37 -> C:\Windows\system32\npdeployJava1.dll [2012-09-24] (Sun Microsystems, Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2010-02-17] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-08-14] (RealPlayer)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc;version=0.8.6f -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin HKU\S-1-5-21-4265441916-1708264049-1492465063-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Abhishek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-28]
FF HKLM\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-05-01]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-08-14]
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-05-01]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (TheFreeDictionarycom Extension) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgabimphpgkjochcoogplolgpcagmap [2014-11-22]
CHR Extension: (Google Docs) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-09]
CHR Extension: (eRail.in) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopfgjfeiimeioiajeknfidlljpoebgc [2014-06-29]
CHR Extension: (Google Drive) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-09]
CHR Extension: (NickelBlock) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnpmbhfdelldocceoekndfaholphcobg [2014-11-20]
CHR Extension: (Google Wallet) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-09]
CHR Extension: (Gmail) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-09]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-08-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-03-02] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2010-03-02] (Symantec Corporation)
S3 DellAMBrokerService; C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe [76016 2007-10-11] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-16] (Google)
R2 hnmsvc; C:\Program Files\Dell Network Assistant\hnm_svc.exe [112176 2007-05-25] (SingleClick Systems)
R2 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1864888 2010-03-02] (Symantec Corporation)
S4 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [341320 2010-03-02] (Symantec Corporation)
R2 STacSV; C:\Windows\system32\STacSV.exe [94208 2007-06-27] (SigmaTel, Inc.)
R2 Symantec AntiVirus; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2477304 2010-03-02] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1724416 2007-03-22] (Dell Inc.) [File not signed]
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 COH_Mon; C:\Windows\system32\Drivers\COH_Mon.sys [23888 2010-03-02] (Symantec Corporation)
R2 datunidr; C:\Windows\System32\DRIVERS\datunidr.sys [5376 2007-08-24] (Gteko Ltd.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-06-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2012-06-17] (Symantec Corporation)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [125728 2007-07-13] (McAfee, Inc.)
R3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20120617.009\NAVENG.SYS [87928 2012-05-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20120617.009\NAVEX15.SYS [1589752 2012-05-16] (Symantec Corporation)
R2 Packet; C:\Windows\System32\DRIVERS\packet.sys [12672 2006-12-19] (SingleClick Systems)
R3 PTproct; C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys [4736 2006-10-06] (Gteko Ltd.) [File not signed]
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions) [File not signed]
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [421424 2010-03-02] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [281648 2010-03-02] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [320560 2010-03-02] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2010-03-02] (Symantec Corporation)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-06-27] (SigmaTel, Inc.)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124976 2015-03-15] (Symantec Corporation)
S3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [26416 2010-03-02] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [188080 2010-03-02] (Symantec Corporation)
R3 Teefer2; C:\Windows\System32\DRIVERS\teefer2.sys [50064 2010-03-02] (Symantec Corporation)
R1 WPS; C:\Windows\system32\drivers\wpsdrvnt.sys [42312 2010-03-02] (Symantec Corporation)
S3 WpsHelper; C:\Windows\system32\drivers\WpsHelper.sys [167936 2011-06-21] (Symantec Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 ztemtusbser; system32\DRIVERS\CT_ZTEMT_U_USBSER.sys [X]
S3 zteusbser; system32\DRIVERS\ztemtusbser.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-15 16:14 - 2015-03-15 16:19 - 00000000 ____D () C:\AdwCleaner
2015-03-15 16:11 - 2015-03-15 16:13 - 02171392 _____ () C:\Users\Abhishek\Desktop\AdwCleaner.exe
2015-03-15 15:05 - 2015-03-15 15:06 - 02171392 _____ () C:\Users\Abhishek\Desktop\Unconfirmed 444166.crdownload
2015-03-15 13:05 - 2015-03-15 13:31 - 11530032 _____ (Microsoft Corporation) C:\Users\Abhishek\Desktop\mseinstall.exe
2015-03-15 12:14 - 2015-03-15 15:07 - 00000000 ____D () C:\ProgramData\23405448
2015-03-15 11:28 - 2015-03-15 11:28 - 00000000 ____D () C:\Users\Abhishek\AppData\Local\Facebook
2015-03-14 23:49 - 2015-03-14 23:52 - 00064361 _____ () C:\Users\Abhishek\Desktop\Addition.txt
2015-03-14 23:47 - 2015-03-15 16:42 - 00016251 _____ () C:\Users\Abhishek\Desktop\FRST.txt
2015-03-14 23:46 - 2015-03-15 16:38 - 00000000 ____D () C:\FRST
2015-03-14 09:54 - 2015-03-14 09:55 - 01135104 _____ (Farbar) C:\Users\Abhishek\Desktop\FRST.exe
2015-03-12 08:25 - 2015-01-29 07:05 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-12 08:24 - 2015-02-26 05:48 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-12 08:24 - 2015-01-29 07:05 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-12 03:09 - 2015-02-20 07:33 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-12 03:09 - 2015-02-20 05:58 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-12 03:08 - 2015-02-26 07:31 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-12 03:08 - 2015-02-26 07:31 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-12 03:08 - 2015-01-09 07:34 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-12 03:08 - 2015-01-09 05:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-12 03:07 - 2015-01-21 07:32 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-12 03:06 - 2015-03-06 09:31 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-12 03:04 - 2014-10-13 06:42 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-03-12 03:03 - 2015-02-18 07:32 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 12:24 - 2015-02-21 23:04 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-03-11 12:24 - 2015-02-21 22:59 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 12:24 - 2015-02-21 22:58 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 12:24 - 2015-02-21 22:52 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 12:24 - 2015-02-21 22:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 12:24 - 2015-02-21 22:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 12:24 - 2015-02-21 22:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-03-11 12:24 - 2015-02-21 22:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-11 12:24 - 2015-02-21 22:49 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 12:24 - 2015-02-21 22:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 12:24 - 2015-02-21 22:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 12:24 - 2015-02-21 22:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 12:24 - 2015-02-21 22:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-11 12:24 - 2015-02-21 22:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-11 12:24 - 2015-02-21 22:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-11 12:24 - 2015-02-21 22:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 12:24 - 2015-02-21 22:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-03-11 12:24 - 2015-02-21 22:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-03-11 12:24 - 2015-02-21 22:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-03-11 12:24 - 2015-02-21 22:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-11 12:23 - 2015-02-21 23:07 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 12:23 - 2015-02-21 22:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-09 23:32 - 2015-03-09 23:32 - 00143720 _____ () C:\Windows\Minidump\Mini030915-01.dmp
2015-03-07 00:40 - 2015-03-07 00:40 - 00143720 _____ () C:\Windows\Minidump\Mini030715-01.dmp
2015-02-26 11:19 - 2015-02-26 11:19 - 00087040 _____ () C:\Users\Abhishek\Downloads\DISTRIBUTION SCHEDULE MAR15.xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-15 16:41 - 2007-12-28 13:46 - 01718840 _____ () C:\Windows\WindowsUpdate.log
2015-03-15 16:38 - 2014-08-11 00:19 - 00000400 _____ () C:\Windows\Tasks\WpsNotifyTask_Abhishek.job
2015-03-15 16:34 - 2008-08-11 22:32 - 00000000 ____D () C:\Users\Abhishek\AppData\Roaming\Skype
2015-03-15 16:32 - 2014-05-09 11:25 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-15 16:32 - 2008-09-17 23:12 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-03-15 16:32 - 2006-11-02 18:28 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-15 16:32 - 2006-11-02 18:15 - 00003552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-15 16:32 - 2006-11-02 18:15 - 00003552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-15 16:23 - 2014-08-17 16:13 - 00000400 _____ () C:\Windows\Tasks\WpsUpdateTask_Abhishek.job
2015-03-15 16:20 - 2007-12-28 13:46 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-03-15 16:20 - 2006-11-02 18:28 - 00032542 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-15 16:19 - 2011-12-19 14:05 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000UA.job
2015-03-15 16:15 - 2012-03-30 08:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-15 16:14 - 2006-11-02 16:48 - 00000000 ____D () C:\Windows\tracing
2015-03-15 15:57 - 2014-05-09 11:25 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-15 15:25 - 2008-04-09 10:45 - 00006324 _____ () C:\Users\Abhishek\AppData\Local\d3d9caps.dat
2015-03-15 15:22 - 2014-08-07 09:58 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-03-15 15:22 - 2007-12-28 14:12 - 00184992 _____ () C:\Windows\PFRO.log
2015-03-15 15:22 - 2007-12-28 14:04 - 00000000 ____D () C:\Program Files\Google
2015-03-15 15:07 - 2012-05-14 16:18 - 00000000 ____D () C:\Users\Abhishek\AppData\Local\CRE
2015-03-15 15:07 - 2008-08-22 00:23 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-15 15:07 - 2006-11-02 16:48 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-03-15 14:02 - 2012-06-18 09:41 - 00124976 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2015-03-15 14:02 - 2012-06-18 09:41 - 00007456 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2015-03-15 14:02 - 2012-06-18 09:24 - 00000000 ____D () C:\Program Files\Symantec
2015-03-15 13:13 - 2009-12-19 09:59 - 00149942 _____ () C:\Windows\DPINST.LOG
2015-03-15 13:03 - 2012-03-14 21:58 - 00000000 ____D () C:\Users\Abhishek\AppData\Local\RockMelt
2015-03-15 13:03 - 2010-08-26 00:07 - 00000000 ____D () C:\Users\Abhishek\AppData\Roaming\BitTorrent
2015-03-15 13:01 - 2013-08-05 23:19 - 00000000 ____D () C:\mvs
2015-03-15 13:01 - 2008-01-04 09:26 - 00137216 _____ () C:\Users\Abhishek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-15 12:26 - 2012-03-21 09:46 - 00000000 ____D () C:\ProgramData\DatacardService
2015-03-15 12:13 - 2009-12-19 09:56 - 00000000 ____D () C:\Program Files\Nokia
2015-03-15 12:10 - 2011-02-01 20:14 - 00000000 ____D () C:\ProgramData\Nero
2015-03-15 12:09 - 2009-12-20 13:46 - 00000000 ____D () C:\Program Files\Common Files\Nokia
2015-03-15 12:06 - 2007-12-28 14:04 - 00000000 ____D () C:\ProgramData\Google
2015-03-15 12:05 - 2007-12-28 13:56 - 00000000 ____D () C:\Program Files\Java
2015-03-15 12:05 - 2007-12-28 13:56 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-15 11:47 - 2008-08-22 00:23 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2015-03-14 22:18 - 2011-12-19 14:05 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000Core.job
2015-03-13 22:19 - 2006-11-02 18:19 - 00137834 _____ () C:\Windows\setupact.log
2015-03-12 08:45 - 2006-11-02 18:14 - 00299240 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 08:24 - 2013-07-22 22:24 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 08:06 - 2006-11-02 15:54 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-09 23:32 - 2012-08-12 00:50 - 232144477 _____ () C:\Windows\MEMORY.DMP
2015-03-09 23:32 - 2008-07-19 12:11 - 00000000 ____D () C:\Windows\Minidump
2015-03-09 00:36 - 2015-01-24 22:53 - 00000561 _____ () C:\Users\Abhishek\Desktop\weekend getaways.txt
2015-03-05 23:33 - 2015-02-09 10:07 - 00000277 _____ () C:\Users\Abhishek\Desktop\cover letter.txt
2015-03-02 13:59 - 2015-01-25 00:53 - 00000493 _____ () C:\Users\Abhishek\Desktop\onsite consultants.txt
2015-02-24 03:23 - 2014-03-10 01:21 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-16 17:53 - 2012-01-09 15:05 - 11600557 _____ () C:\Users\Abhishek\Downloads\Invitation card (1).rar
==================== Files in the root of some directories =======
2014-09-28 14:06 - 2014-09-28 14:10 - 6010880 _____ () C:\Program Files\GUT80A5.tmp
2008-08-09 15:15 - 2012-08-13 00:44 - 0000568 _____ () C:\Users\Abhishek\AppData\Roaming\wklnhst.dat
2008-04-09 10:45 - 2015-03-15 15:25 - 0006324 _____ () C:\Users\Abhishek\AppData\Local\d3d9caps.dat
2008-01-04 09:26 - 2015-03-15 13:01 - 0137216 _____ () C:\Users\Abhishek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-07 13:01 - 2014-08-07 13:01 - 0575544 _____ (ClickMeIn Limited) C:\Users\Abhishek\AppData\Local\nscB950.tmp
2014-08-07 12:49 - 2014-08-07 12:49 - 0591056 _____ (ClickMeIn Limited) C:\Users\Abhishek\AppData\Local\nsh752B.tmp
2008-08-11 22:33 - 2008-08-11 22:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
Some content of TEMP:
====================
C:\Users\Abhishek\AppData\Local\Temp\Quarantine.exe
C:\Users\Abhishek\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-15 16:38
==================== End Of Log ============================
Addition log
************************************************************************************************************
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Abhishek at 2015-03-15 16:43:33
Running from C:\Users\Abhishek\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Symantec Endpoint Protection (Enabled - Out of date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Out of date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Symantec Endpoint Protection (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\{C7888C3F-0506-555F-7907-CDD3F81719A5}) (Version: 1.5 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - )
Dell Automated PC TuneUp (HKLM\...\{FE34691C-4298-4667-9758-D7F534DD0B94}) (Version: 1.0.3085 - Dell)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Network Assistant (HKLM\...\{0240BDFB-2995-4A3F-8C96-18D41282B716}) (Version: 3.0.0.0 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.0.07282 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 9.1.18.6 - Synaptics)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.102.15.61 - Dell Inc.)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FileZilla Client 3.1.1.1 (HKLM\...\FileZilla Client) (Version: 3.1.1.1 - )
Free Download Manager 2.5 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Laptop Integrated Webcam Driver (1.03.02.0719) (HKLM\...\Creative OEM002) (Version: - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.5.3104.1 - Creative)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
OpenOffice.org 3.1 (HKLM\...\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}) (Version: 3.1.9420 - OpenOffice.org)
Ovi Desktop Sync Engine (Version: 1.5.161.0 - Nokia) Hidden
OviMPlatform (Version: 2.7.44.2 - Nokia) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)
QuickSet (HKLM\...\{7F0C4457-8E64-491B-8D7B-991504365D1E}) (Version: 8.0.13 - Dell Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 2.0.06.13151 - Sony Corporation)
Sony USB Driver (HKLM\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation)
Symantec Endpoint Protection (HKLM\...\{2EFCC193-D915-4CCB-9201-31773A27BC06}) (Version: 11.0.5002.333 - Symantec Corporation)
User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WPS Office (9.1.0.4746) (HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\WPS Office) (Version: 9.1.0.4746 - Kingsoft Corp.)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Internet Mail (HKLM\...\Yahoo! Internet Mail) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020812-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020820-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020821-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020830-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020832-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020900-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020906-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020906-0000-4b30-A977-D214852036FF}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020907-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{000209FF-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{000209FF-0000-4b30-A977-D214852036FF}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00024500-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{0002CE21-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\ksee\EqnEdit.exe (Design Science, Inc.)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{048EB43E-2059-422F-95E0-557DA96038AF}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{18A06B6B-2F3F-4E2B-A611-52BE631B2D22}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{3C18EAE4-BC25-4134-B7DF-1ECA1337DDDC}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{44720441-94BF-4940-926D-4F38FECF2A48}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{44720444-94BF-4940-926D-4F38FECF2A48}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{45540001-5750-5300-4B49-4E47534F4655}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{45540003-5750-5300-4B49-4E47534F4655}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{4D4E0078-1386-4536-BD05-3E1013F17116}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\oledefaulthandler.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{64818D10-4F9B-11CF-86EA-00AA00B929E8}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{64818D11-4F9B-11CF-86EA-00AA00B929E8}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{75D01070-1234-44E9-82F6-DB5B39A47C13}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{8A624388-AA27-43E0-89F8-2A12BFF7BCCD}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{912ABC52-36E2-4714-8E62-A8B73CA5E390}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{91493441-5A91-11CF-8700-00AA0060263B}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{CF4F55F4-8F87-4D47-80BB-5808164BB3F8}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{DC020317-E6E2-4A62-B9FA-B3EFE16626F4}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{F4754C9B-64F5-4B40-8AF4-679732AC0607}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
==================== Restore Points =========================
09-03-2015 12:02:41 Scheduled Checkpoint
10-03-2015 08:33:07 Scheduled Checkpoint
10-03-2015 12:01:10 Windows Update
12-03-2015 03:00:22 Windows Update
12-03-2015 08:04:20 Windows Update
14-03-2015 11:52:48 Scheduled Checkpoint
15-03-2015 11:48:59 Removed Symantec Endpoint Protection.
15-03-2015 12:01:02 Removed Ask Toolbar.
15-03-2015 12:02:50 Removed Facebook Video Calling 1.2.0.287
15-03-2015 12:03:26 Removed Java 6 Update 37
15-03-2015 12:04:34 Removed Java SE Runtime Environment 6
15-03-2015 12:05:53 Removed Google Toolbar for Internet Explorer
15-03-2015 12:09:46 Removed Nero BurnLite 10.
15-03-2015 12:10:56 Removed Nero BurnLite 10.
15-03-2015 12:12:41 Removed Nokia Connectivity Cable Driver
15-03-2015 12:15:02 Removed Search Settings v1.2.3.
15-03-2015 12:15:57 Removed Symantec Endpoint Protection.
15-03-2015 12:30:38 Removed Zoozoo widget
15-03-2015 12:32:29 Removed Symantec Endpoint Protection.
15-03-2015 13:10:10 Removed PC Connectivity Solution
15-03-2015 13:23:08 Removed Symantec Endpoint Protection.
15-03-2015 13:26:53 Removed Ask Toolbar.
15-03-2015 13:29:59 Removed Facebook Video Calling 1.2.0.287
15-03-2015 13:36:55 Removed Symantec Endpoint Protection.
15-03-2015 13:55:25 Removed Symantec Endpoint Protection.
15-03-2015 15:06:52 Restore Point Created by FRST
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 15:53 - 2008-08-22 01:11 - 00259901 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 1001-search.info
127.0.0.1 www.1001-search.info
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
127.0.0.1 123topsearch.com
127.0.0.1 www.132.com
127.0.0.1 132.com
127.0.0.1 136136.net
127.0.0.1 www.136136.net
127.0.0.1 www.139mm.com
127.0.0.1 139mm.com
127.0.0.1 www.163ns.com
127.0.0.1 163ns.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {001B59FC-7DCC-4D33-A2ED-15182A2F5686} - System32\Tasks\{2CD37C56-66DD-4BDE-B7B9-492866C3E6C4} => pcalua.exe -a C:\Users\Abhishek\Desktop\OOo_3.2.0_Win32Intel_install_wJRE_en-US.exe -d "C:\Program Files\OpenOffice.org 3\program"
Task: {084AD666-F8B5-4090-9C38-CFFF8D6C4E67} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {15859CE5-7BDD-48CB-9612-007393573DFF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {1AB3785F-41B9-45D2-9979-9BB9785E9602} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4265441916-1708264049-1492465063-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {239F1C0C-DBFE-4EA8-861A-B7E44453A2DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {23AD59E5-7B45-4DAE-97D1-96FDD0308AD7} - System32\Tasks\WpsUpdateTask_Abhishek => C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\wtoolex\wpsupdate.exe [2014-08-17] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {33009D32-EEF0-44B4-8975-E7C369FD6136} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000Core => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-17] (Facebook Inc.)
Task: {959C5621-FAB9-4A3A-9C23-922E309F6213} - System32\Tasks\{39C5E658-A847-4D3C-9BE1-8932FB0C83ED} => pcalua.exe -a C:\Users\Abhishek\Downloads\Cleanup.exe -d C:\Users\Abhishek\Downloads
Task: {B5E80C9A-78B6-4B1D-B89E-B6B2B8EF0956} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {C22D95F8-BEAC-4087-93D5-B9137B7160C3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4265441916-1708264049-1492465063-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E1575974-A5DD-496D-8DAC-F91AE17A5AF6} - System32\Tasks\WpsNotifyTask_Abhishek => C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\wtoolex\wpsnotify.exe [2014-08-17] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {ED0D0DE3-CAAC-4954-B6A5-339256A524FE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000UA => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-17] (Facebook Inc.)
Task: {EF98DFEF-37BA-4345-B88B-AC78C08D03D4} - System32\Tasks\{70D6C1BD-CE5A-4232-85BB-A37964871491} => pcalua.exe -a "C:\Users\Abhishek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9MVG1Q4W\RealPlayer11GOLD[2].exe" -d C:\Users\Abhishek
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000Core.job => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000UA.job => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WpsNotifyTask_Abhishek.job => C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\wtoolex\wpsnotify.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Abhishek.job => C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\wtoolex\wpsupdate.exe
==================== Loaded Modules (whitelisted) ==============
2007-12-28 13:59 - 2007-03-22 01:03 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2007-12-28 13:59 - 2007-03-22 01:03 - 00065536 _____ () C:\Windows\System32\bcmwlrmt.dll
2007-12-28 21:40 - 2007-06-29 14:52 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll
2008-08-11 20:18 - 2008-08-11 20:18 - 00094720 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2008-08-09 22:59 - 2007-05-22 10:59 - 00128512 _____ () C:\Program Files\WinRAR\rarext.dll
2014-10-29 23:45 - 2014-10-22 09:34 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-29 23:45 - 2014-10-22 09:34 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-29 23:45 - 2014-10-22 09:35 - 14902600 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:62E2D794
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\Vostro_NB_1280x864_02.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk => C:\Windows\pss\$McRebootA5E6DEAA56$.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Network Assistant.lnk => C:\Windows\pss\Dell Network Assistant.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk => C:\Windows\pss\QuickSet.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Abhishek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Abhishek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk => C:\Windows\pss\Picture Motion Browser Media Check Tool.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Abhishek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zoozoo widget.lnk => C:\Windows\pss\Zoozoo widget.lnk.Startup
==================== Accounts: =============================
Abhishek (S-1-5-21-4265441916-1708264049-1492465063-1000 - Administrator - Enabled) => C:\Users\Abhishek
Administrator (S-1-5-21-4265441916-1708264049-1492465063-500 - Administrator - Disabled)
Guest (S-1-5-21-4265441916-1708264049-1492465063-501 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft 6to4 Adapter #2
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft 6to4 Adapter #14
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #15
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft 6to4 Adapter #15
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft 6to4 Adapter #16
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft 6to4 Adapter #16
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{C3A4FEAA-4B57-4B7E-9001-D075AF9FDEFB}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: isatap.{F4F704F8-A7E0-4717-BBE5-4D458E54592B}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{F4F704F8-A7E0-4717-BBE5-4D458E54592B}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/15/2015 03:06:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {29e40aa1-7293-42ce-88bc-b84b22a883cc}
Error: (03/15/2015 01:31:46 PM) (Source: MsiInstaller) (EventID: 10005) (User: Abhishek-PC)
Description: Product: Facebook Video Calling 1.2.0.287 -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2738. The arguments are: , ,
Error: (03/15/2015 01:27:54 PM) (Source: MsiInstaller) (EventID: 10005) (User: Abhishek-PC)
Description: Product: Ask Toolbar -- Error 2738.Could not access VBScript run time for custom action .
Error: (03/15/2015 00:06:52 PM) (Source: Automatic LiveUpdate Scheduler) (EventID: 101) (User: Abhishek-PC)
Description: errorFailed unregistering service.
Error: (03/15/2015 00:03:21 PM) (Source: Google Update) (EventID: 20) (User: Abhishek-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (03/15/2015 00:03:10 PM) (Source: MsiInstaller) (EventID: 10005) (User: Abhishek-PC)
Description: Product: Facebook Video Calling 1.2.0.287 -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2738. The arguments are: , ,
Error: (03/15/2015 00:01:43 PM) (Source: MsiInstaller) (EventID: 10005) (User: Abhishek-PC)
Description: Product: Ask Toolbar -- Error 2738.Could not access VBScript run time for custom action .
Error: (03/15/2015 11:53:38 AM) (Source: Symantec AntiVirus) (EventID: 74) (User: )
Description: TruScan has generated an error: code 11: description: Whitelist Failure
Error: (03/15/2015 11:18:40 AM) (Source: Google Update) (EventID: 20) (User: Abhishek-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (03/15/2015 11:05:40 AM) (Source: Google Update) (EventID: 20) (User: Abhishek-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
System errors:
=============
Error: (01/26/2009 09:53:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:51:28 on 26-01-2009 was unexpected.
Error: (01/26/2009 09:51:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Schedule
Error: (01/26/2009 04:36:42 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (01/25/2009 10:02:25 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (01/24/2009 02:31:41 PM) (Source: W32Time) (EventID: 34) (User: )
Description: The time service has detected that the system time needs to be changed by +86535 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.197.32:123) is working properly.
Error: (01/24/2009 02:16:14 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (01/24/2009 00:18:13 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
Error: (01/23/2009 03:05:34 PM) (Source: W32Time) (EventID: 34) (User: )
Description: The time service has detected that the system time needs to be changed by +86534 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.197.32:123) is working properly.
Error: (01/23/2009 02:50:16 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (01/22/2009 11:09:05 PM) (Source: W32Time) (EventID: 34) (User: )
Description: The time service has detected that the system time needs to be changed by +86534 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->207.46.232.182:123) is working properly.
Microsoft Office Sessions:
=========================
Error: (03/15/2015 03:06:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {29e40aa1-7293-42ce-88bc-b84b22a883cc}
Error: (03/15/2015 01:31:46 PM) (Source: MsiInstaller) (EventID: 10005) (User: Abhishek-PC)
Description: Product: Facebook Video Calling 1.2.0.287 -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2738. The arguments are: , , (NULL)(NULL)(NULL)(NULL)
Error: (03/15/2015 01:27:54 PM) (Source: MsiInstaller) (EventID: 10005) (User: Abhishek-PC)
Description: Product: Ask Toolbar -- Error 2738.Could not access VBScript run time for custom action .(NULL)(NULL)(NULL)(NULL)
Error: (03/15/2015 00:06:52 PM) (Source: Automatic LiveUpdate Scheduler) (EventID: 101) (User: Abhishek-PC)
Description: errorFailed unregistering service.
Error: (03/15/2015 00:03:21 PM) (Source: Google Update) (EventID: 20) (User: Abhishek-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (03/15/2015 00:03:10 PM) (Source: MsiInstaller) (EventID: 10005) (User: Abhishek-PC)
Description: Product: Facebook Video Calling 1.2.0.287 -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2738. The arguments are: , , (NULL)(NULL)(NULL)(NULL)
Error: (03/15/2015 00:01:43 PM) (Source: MsiInstaller) (EventID: 10005) (User: Abhishek-PC)
Description: Product: Ask Toolbar -- Error 2738.Could not access VBScript run time for custom action .(NULL)(NULL)(NULL)(NULL)
Error: (03/15/2015 11:53:38 AM) (Source: Symantec AntiVirus) (EventID: 74) (User: )
Description: TruScan has generated an error: code 11: description: Whitelist Failure
Error: (03/15/2015 11:18:40 AM) (Source: Google Update) (EventID: 20) (User: Abhishek-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (03/15/2015 11:05:40 AM) (Source: Google Update) (EventID: 20) (User: Abhishek-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
CodeIntegrity Errors:
===================================
Date: 2015-03-15 16:43:19.737
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 16:43:19.302
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 16:43:18.854
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 16:43:18.419
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 16:42:36.447
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 16:42:36.056
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 16:42:35.568
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 16:42:35.173
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 14:02:42.799
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-03-15 14:02:42.300
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T7250 @ 2.00GHz
Percentage of memory in use: 81%
Total physical RAM: 2037.45 MB
Available physical RAM: 378.53 MB
Total Pagefile: 4320.18 MB
Available Pagefile: 2529.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.38 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:138.97 GB) (Free:36.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:6.52 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 10000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=139 GB) - (Type=07 NTFS)
==================== End Of Log ============================