Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My memory card shows USBCαÇ and does not show any files [Closed]

Started by khalid34 , Apr 18 2015 02:44 AM

  • This topic is locked This topic is locked

#1
khalid34
Posted 18 April 2015 - 02:44 AM

khalid34

    New Member

  • Member
  • Pip
  • 1 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-04-2015 01
Ran by Himel (administrator) on HIMEL-PC on 18-04-2015 14:39:32
Running from C:\Users\Himel\Desktop
Loaded Profiles: Himel (Available profiles: Himel)
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
() C:\Program Files (x86)\The Weather Channel\Desktop Weather\TWC.Win7.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(BitTorrent Inc.) C:\Users\Himel\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Toolwiz) C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Program Files (x86)\Banglalion WiMAX CM\cm\ssax226.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
() C:\Program Files (x86)\Banglalion WiMAX CM\cm\UIExec.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Dropbox, Inc.) C:\Users\Himel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ACD Systems, Ltd.) C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files (x86)\Winamp\winampa.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Toolwiz.com) C:\Program Files (x86)\ToolwizCareFree\ToolwizTools.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2014-12-09] (Bitdefender)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Device Detector] => C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe [212992 2003-09-17] (ACD Systems, Ltd.)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [CamWizard] => C:\Program Files (x86)\Common Files\Logitech\QCDRV\BIN\CamWizrd.exe [180224 2004-10-08] (Logitech Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [33792 2003-12-13] ()
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [933640 2012-01-19] (ABBYY.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [TWC.Win7] => C:\Program Files (x86)\The Weather Channel\Desktop Weather\TWC.Win7.exe [48128 2015-03-19] ()
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3524032 2012-09-05] (Tonec Inc.)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [BitTorrent] => C:\Users\Himel\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Avro Keyboard] => C:\Program Files (x86)\Avro Keyboard\Avro Keyboard.exe [4703600 2014-02-22] (OmicronLab)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [ToolwizCareFree] => C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe [5286672 2014-04-15] (Toolwiz)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Facebook Update] => C:\Users\Himel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-07] (Facebook Inc.)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-17] (Bitdefender)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-09] (Bitdefender)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-17] (Bitdefender)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [UIExec] => C:\Program Files (x86)\Banglalion WiMAX CM\cm\UIExec.exe [138240 2011-04-26] ()
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-09] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-17] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-17] (Bitdefender)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Himel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Himel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [MountOverlayIcon] -> {0F49CF41-FD97-4942-9F2A-35E8B489E7FB} => C:\Program Files\WinMount\WinMTExt3.dll (WinMount International Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-508991936-2902249004-412030178-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-508991936-2902249004-412030178-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...4_ctrl&tsp=5269
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...4_ctrl&tsp=5269
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2012-08-28] (Internet Download Manager, Tonec Inc.)
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll [2014-08-17] (Bitdefender)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2012-09-05] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll [2014-08-17] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-16] (Oracle Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-16] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
Toolbar: HKLM-x32 - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Himel\AppData\Roaming\Mozilla\Firefox\Profiles\1eoypucu.default-1425965987724
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-508991936-2902249004-412030178-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Himel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2014-05-29]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Himel\AppData\Roaming\Mozilla\Firefox\Profiles\1eoypucu.default-1425965987724\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-03-13]
FF Extension: Adblock Plus - C:\Users\Himel\AppData\Roaming\Mozilla\Firefox\Profiles\1eoypucu.default-1425965987724\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-19]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-07-09]
FF HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Himel\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Himel\AppData\Roaming\IDM\idmmzcc5 [2014-01-21]
FF HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Himel\AppData\Roaming\IDM\idmmzcc5

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1415655261&from=smt&uid=HitachiXHDS721050CLA660_JP1572FL2R9P1K2R9P1KX
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1415655261&from=smt&uid=HitachiXHDS721050CLA660_JP1572FL2R9P1K2R9P1KX"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-02]
CHR Extension: (Google Drive) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-02]
CHR Extension: (YouTube) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-02]
CHR Extension: (Google Search) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-02]
CHR Extension: (AdBlock) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Simple Sudoku) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhocoooidbfjgijmjkgmklomffoomeah [2015-01-06]
CHR Extension: (Skype Click to Call) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-20]
CHR Extension: (ljppcglljemjablfhgjdhndlpallobpl) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljppcglljemjablfhgjdhndlpallobpl [2015-02-09]
CHR Extension: (MailTrack for Gmail) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-02]
CHR Extension: (BrowseStudio) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdeochpnfpgmlahnhgohibmdefadjlka [2014-11-12]
CHR Extension: (Gmail) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-02]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-12-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-06] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 ssax226; C:\Program Files (x86)\Banglalion WiMAX CM\cm\ssax226.exe [61440 2011-04-26] () [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-31] (TuneUp Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-08-17] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2014-12-09] (Bitdefender)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [451072 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-12-09] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2014-12-09] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-08-17] (BitDefender)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314_64.sys [382464 2011-04-26] (Beceem communications pvt ltd.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr_64.sys [60416 2011-04-26] (Beceem communications pvt ltd.)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2014-07-09] (BitDefender SRL)
R1 BTOWSFF; C:\Windows\System32\Drivers\BTOWSFF.sys [33024 2014-04-15] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [52480 2014-04-15] (Toolwiz.com)
S3 CT_QUALCOMM_U_drv; C:\Windows\System32\DRIVERS\CT_QUALCOMM_U_drv.sys [118016 2009-04-27] (QUALCOMM Incorporated) [File not signed]
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2014-07-09] (BitDefender LLC)
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [52992 2014-04-15] (Toolwiz.com)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [9856 2013-06-18] (Padus, Inc.) [File not signed]
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-12-09] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R2 WMDrive; C:\Windows\SysWOW64\drivers\WMDrive.sys [63968 2013-06-18] (WinMount International Inc) [File not signed]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S1 {0782648b-1717-4fef-ac58-8cb3ce03adb3}w64; system32\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}w64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-18 14:39 - 2015-04-18 14:39 - 00000000 ____D () C:\Users\Himel\Desktop\FRST-OlderVersion
2015-04-18 12:20 - 2015-04-18 13:06 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-18 12:20 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2015-04-18 12:19 - 2015-04-18 12:58 - 00000000 ____D () C:\Program Files\Yodot Photo Recovery
2015-04-18 12:19 - 2015-04-18 12:19 - 00000871 _____ () C:\Users\Himel\Desktop\Yodot Photo Recovery.lnk
2015-04-18 12:19 - 2015-04-18 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yodot Photo Recovery
2015-04-18 12:03 - 2015-04-18 12:03 - 00000000 ____D () C:\Users\Himel\Documents\R-TT
2015-04-18 12:03 - 2015-04-18 12:03 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
2015-04-18 12:03 - 2015-04-18 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R-Studio
2015-04-18 12:03 - 2015-04-18 12:03 - 00000000 ____D () C:\Program Files (x86)\R-Studio
2015-04-18 04:54 - 2015-04-18 04:56 - 00026039 _____ () C:\Users\Himel\Desktop\Addition.txt
2015-04-18 04:53 - 2015-04-18 14:39 - 00025426 _____ () C:\Users\Himel\Desktop\FRST.txt
2015-04-18 04:52 - 2015-04-18 14:39 - 00000000 ____D () C:\FRST
2015-04-18 04:51 - 2015-04-18 14:39 - 02098176 _____ (Farbar) C:\Users\Himel\Desktop\FRST64.exe
2015-04-15 00:26 - 2015-04-15 00:29 - 00000000 ____D () C:\Users\Himel\Desktop\InSHaAllah
2015-04-13 10:04 - 2015-04-13 10:05 - 50691128 _____ () C:\Users\Himel\Downloads\Staying True to yourself in the Film Industry w_ Meosha Bean.mp4
2015-04-13 00:58 - 2015-04-13 00:59 - 17945591 _____ () C:\Users\Himel\Downloads\SYMPHONY_60 sec.mp4
2015-04-12 12:06 - 2015-04-12 12:06 - 13733915 _____ () C:\Users\Himel\Downloads\AnwarPipe.mp4
2015-04-12 11:24 - 2015-04-12 11:26 - 72853379 _____ () C:\Users\Himel\Downloads\How to Cut a Film - The Secrets of Editing - Film School'd.mp4
2015-04-12 10:31 - 2015-04-12 10:31 - 14218240 _____ () C:\Users\Himel\Downloads\Anwar_pipes_Elephant_anim_v003_001.avi
2015-04-11 21:57 - 2015-04-11 22:06 - 00000000 ____D () C:\Users\Himel\Desktop\contract
2015-04-11 11:22 - 2015-04-11 11:23 - 73909493 _____ () C:\Users\Himel\Downloads\How To Be A Filmmaker.mp4
2015-04-11 11:22 - 2015-04-11 11:23 - 42878006 _____ () C:\Users\Himel\Downloads\How To Be A Filmmaker - Behind the Scenes.mp4
2015-04-10 03:18 - 2015-04-10 03:18 - 00024093 _____ () C:\Users\Himel\Downloads\eligible_countries_04082015.xlsx
2015-04-10 01:36 - 2015-04-10 01:36 - 00008714 _____ () C:\Users\Himel\Desktop\New Microsoft Office Excel Worksheet.xlsx
2015-04-08 02:25 - 2015-04-08 02:25 - 00000263 _____ () C:\Users\Himel\Downloads\tmp00297.ris
2015-04-07 02:36 - 2015-04-07 02:36 - 00000000 ____D () C:\Users\Himel\Downloads\Compressed
2015-04-06 13:46 - 2015-04-06 13:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-04 11:43 - 2015-04-04 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-04-04 11:43 - 2015-04-04 11:43 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-03-28 11:20 - 2015-04-04 11:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-03-26 22:09 - 2015-03-26 22:09 - 00002845 _____ () C:\Users\Public\Desktop\ABBYY FineReader 11.lnk
2015-03-26 22:09 - 2015-03-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 11
2015-03-25 11:00 - 2015-03-25 11:00 - 00000000 ____D () C:\Users\Himel\Desktop\Anwar A1
2015-03-24 21:26 - 2015-04-11 03:13 - 00000000 ____D () C:\Users\Himel\Desktop\Now_Work
2015-03-24 07:16 - 2015-03-24 07:16 - 00000000 ____D () C:\Users\Himel\Downloads\Torrent
2015-03-24 07:15 - 2015-03-24 07:15 - 00016366 _____ () C:\Users\Himel\Downloads\[kickass.to]life.in.a.metro.2007.hindi.720p.hdrip.x264.ac3.hon3y.torrent
2015-03-22 00:33 - 2015-03-22 00:33 - 00000000 ____D () C:\Users\Himel\Downloads\New folder
2015-03-21 01:09 - 2015-03-21 01:18 - 63765057 _____ () C:\Users\Himel\Downloads\Fazle Hasan Abed interviewed by BBC on Hard Talk.mp4
2015-03-20 19:24 - 2015-04-12 20:15 - 00000000 ____D () C:\Users\Himel\Desktop\Further work_CSD
2015-03-19 12:05 - 2015-03-19 12:05 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\FlvPlayer
2015-03-19 12:05 - 2015-03-19 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-18 14:37 - 2014-02-12 21:59 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\BitTorrent
2015-04-18 14:36 - 2009-07-14 11:13 - 00847856 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-18 14:30 - 2013-08-28 12:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-18 14:20 - 2014-11-13 11:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff00fd3c5038.job
2015-04-18 14:15 - 2013-10-02 19:35 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-18 13:32 - 2013-06-18 22:54 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\Skype
2015-04-18 13:09 - 2014-02-07 16:01 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-508991936-2902249004-412030178-1000UA.job
2015-04-18 12:59 - 2014-09-27 21:38 - 00000000 ____D () C:\Users\Himel\Desktop\Himel_2
2015-04-18 12:02 - 2013-06-18 18:18 - 01851210 _____ () C:\Windows\WindowsUpdate.log
2015-04-18 12:01 - 2014-08-03 05:12 - 00122923 _____ () C:\Windows\setupact.log
2015-04-18 10:04 - 2009-07-14 10:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-18 10:04 - 2009-07-14 10:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-18 09:57 - 2014-11-13 11:16 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfff00fc0ccc77.job
2015-04-18 09:57 - 2014-01-21 16:12 - 00000000 ___RD () C:\Users\Himel\Dropbox
2015-04-18 09:57 - 2014-01-21 16:09 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\Dropbox
2015-04-18 09:57 - 2013-10-02 19:35 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-18 09:56 - 2014-08-17 12:00 - 00023508 _____ () C:\Windows\PFRO.log
2015-04-18 09:56 - 2009-07-14 11:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-18 05:02 - 2014-01-21 16:13 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\DMCache
2015-04-18 05:00 - 2014-06-06 01:55 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\vlc
2015-04-18 04:37 - 2015-03-13 04:44 - 00000000 ____D () C:\UsbFix
2015-04-17 16:09 - 2014-02-07 16:01 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-508991936-2902249004-412030178-1000Core.job
2015-04-17 10:16 - 2013-10-02 19:39 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-15 17:46 - 2013-08-28 12:34 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 17:46 - 2013-08-28 12:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 17:46 - 2013-07-20 01:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 00:15 - 2015-02-08 22:56 - 00000000 ____D () C:\Users\Himel\Desktop\NOW_Apply
2015-04-13 23:01 - 2014-02-02 11:06 - 00000000 ____D () C:\Users\Himel\Desktop\Opportunity_main
2015-04-10 11:43 - 2014-01-21 16:10 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-07 19:59 - 2014-02-08 10:45 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-04-06 23:14 - 2014-01-21 16:31 - 00000000 ____D () C:\Users\Himel\Desktop\Hillol
2015-04-06 18:50 - 2013-06-18 22:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-31 03:32 - 2013-06-18 22:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-28 11:21 - 2013-07-08 14:49 - 00000000 ____D () C:\Users\Himel\AppData\Local\Adobe
2015-03-26 22:10 - 2014-10-05 01:22 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 11
2015-03-26 22:05 - 2014-10-05 01:52 - 00000000 ____D () C:\Users\Himel\AppData\Local\ABBYY
2015-03-26 22:05 - 2014-10-05 01:52 - 00000000 ____D () C:\ProgramData\ABBYY
2015-03-25 23:53 - 2013-06-18 22:41 - 00000000 ____D () C:\Users\Himel\AppData\Local\Microsoft Help
2015-03-25 09:16 - 2009-07-14 11:08 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-24 21:25 - 2014-10-04 02:47 - 00000000 ____D () C:\Users\Himel\Desktop\Env governenace
2015-03-24 06:56 - 2014-02-01 13:46 - 00000000 ____D () C:\temp

==================== Files in the root of some directories =======

2014-02-13 13:36 - 2014-02-13 13:36 - 0003584 _____ () C:\Users\Himel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-09 10:06 - 2014-07-09 10:06 - 0386687 _____ () C:\ProgramData\1404878512.bdinstall.bin

Some content of TEMP:
====================
C:\Users\Himel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw4tpxp.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-14 11:23

==================== End Of Log ============================

Attached Files

  • Attached File  FRST.txt   35.04KB   139 downloads

  • 0

Advertisements

#2
Essexboy
Posted 18 April 2015 - 07:18 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let me know if this restores the files on the card

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...4_ctrl&tsp=5269
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...4_ctrl&tsp=5269
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
CHR Extension: (ljppcglljemjablfhgjdhndlpallobpl) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljppcglljemjablfhgjdhndlpallobpl [2015-02-09]
S1 {0782648b-1717-4fef-ac58-8cb3ce03adb3}w64; system32\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}w64.sys [X]
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Download MCShield to your desktop and install
It will initially run a scan and show the result as a toaster by the system clock
Then in the control centre select scanner and tick unhide items on flash drives
mcshield%20unhide.JPG
Plug in the drive and McShield will start a scan

Then get the log which will be located under the logs tab on the main page

And post that
  • 0

#3
Essexboy
Posted 22 April 2015 - 01:34 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP