Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-04-2015 01
Ran by Himel (administrator) on HIMEL-PC on 18-04-2015 14:39:32
Running from C:\Users\Himel\Desktop
Loaded Profiles: Himel (Available profiles: Himel)
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
() C:\Program Files (x86)\The Weather Channel\Desktop Weather\TWC.Win7.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(BitTorrent Inc.) C:\Users\Himel\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Toolwiz) C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Program Files (x86)\Banglalion WiMAX CM\cm\ssax226.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
() C:\Program Files (x86)\Banglalion WiMAX CM\cm\UIExec.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Dropbox, Inc.) C:\Users\Himel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ACD Systems, Ltd.) C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
() C:\Program Files (x86)\Winamp\winampa.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Toolwiz.com) C:\Program Files (x86)\ToolwizCareFree\ToolwizTools.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1757520 2014-12-09] (Bitdefender)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Device Detector] => C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe [212992 2003-09-17] (ACD Systems, Ltd.)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [CamWizard] => C:\Program Files (x86)\Common Files\Logitech\QCDRV\BIN\CamWizrd.exe [180224 2004-10-08] (Logitech Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [33792 2003-12-13] ()
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [933640 2012-01-19] (ABBYY.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [TWC.Win7] => C:\Program Files (x86)\The Weather Channel\Desktop Weather\TWC.Win7.exe [48128 2015-03-19] ()
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3524032 2012-09-05] (Tonec Inc.)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [BitTorrent] => C:\Users\Himel\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Avro Keyboard] => C:\Program Files (x86)\Avro Keyboard\Avro Keyboard.exe [4703600 2014-02-22] (OmicronLab)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [ToolwizCareFree] => C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe [5286672 2014-04-15] (Toolwiz)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Facebook Update] => C:\Users\Himel\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-07] (Facebook Inc.)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-17] (Bitdefender)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-09] (Bitdefender)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-17] (Bitdefender)
HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Run: [UIExec] => C:\Program Files (x86)\Banglalion WiMAX CM\cm\UIExec.exe [138240 2011-04-26] ()
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-12-09] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-17] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-17] (Bitdefender)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Himel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Himel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: [MountOverlayIcon] -> {0F49CF41-FD97-4942-9F2A-35E8B489E7FB} => C:\Program Files\WinMount\WinMTExt3.dll (WinMount International Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Himel\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-508991936-2902249004-412030178-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-508991936-2902249004-412030178-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...4_ctrl&tsp=5269
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...4_ctrl&tsp=5269
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2012-08-28] (Internet Download Manager, Tonec Inc.)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll [2014-08-17] (Bitdefender)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2012-09-05] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll [2014-08-17] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-16] (Oracle Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-16] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
Toolbar: HKLM-x32 - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Himel\AppData\Roaming\Mozilla\Firefox\Profiles\1eoypucu.default-1425965987724
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-508991936-2902249004-412030178-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Himel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2014-05-29]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Himel\AppData\Roaming\Mozilla\Firefox\Profiles\1eoypucu.default-1425965987724\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-03-13]
FF Extension: Adblock Plus - C:\Users\Himel\AppData\Roaming\Mozilla\Firefox\Profiles\1eoypucu.default-1425965987724\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-19]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-07-09]
FF HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\Himel\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Himel\AppData\Roaming\IDM\idmmzcc5 [2014-01-21]
FF HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-508991936-2902249004-412030178-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Himel\AppData\Roaming\IDM\idmmzcc5
Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1415655261&from=smt&uid=HitachiXHDS721050CLA660_JP1572FL2R9P1K2R9P1KX
CHR StartupUrls: Default -> "hxxp://www.mystartsearch.com/?type=hp&ts=1415655261&from=smt&uid=HitachiXHDS721050CLA660_JP1572FL2R9P1K2R9P1KX"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-02]
CHR Extension: (Google Drive) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-02]
CHR Extension: (YouTube) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-02]
CHR Extension: (Google Search) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-02]
CHR Extension: (AdBlock) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Simple Sudoku) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhocoooidbfjgijmjkgmklomffoomeah [2015-01-06]
CHR Extension: (Skype Click to Call) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-20]
CHR Extension: (ljppcglljemjablfhgjdhndlpallobpl) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljppcglljemjablfhgjdhndlpallobpl [2015-02-09]
CHR Extension: (MailTrack for Gmail) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-02]
CHR Extension: (BrowseStudio) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdeochpnfpgmlahnhgohibmdefadjlka [2014-11-12]
CHR Extension: (Gmail) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-02]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-12-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [818952 2011-12-22] (ABBYY)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-06] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 ssax226; C:\Program Files (x86)\Banglalion WiMAX CM\cm\ssax226.exe [61440 2011-04-26] () [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-31] (TuneUp Software)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-08-17] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1538672 2014-12-09] (Bitdefender)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [451072 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1288472 2014-12-09] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [263032 2014-12-09] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-08-17] (BitDefender)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314_64.sys [382464 2011-04-26] (Beceem communications pvt ltd.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr_64.sys [60416 2011-04-26] (Beceem communications pvt ltd.)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2014-07-09] (BitDefender SRL)
R1 BTOWSFF; C:\Windows\System32\Drivers\BTOWSFF.sys [33024 2014-04-15] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [52480 2014-04-15] (Toolwiz.com)
S3 CT_QUALCOMM_U_drv; C:\Windows\System32\DRIVERS\CT_QUALCOMM_U_drv.sys [118016 2009-04-27] (QUALCOMM Incorporated) [File not signed]
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2014-07-09] (BitDefender LLC)
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [52992 2014-04-15] (Toolwiz.com)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [9856 2013-06-18] (Padus, Inc.) [File not signed]
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-12-09] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R2 WMDrive; C:\Windows\SysWOW64\drivers\WMDrive.sys [63968 2013-06-18] (WinMount International Inc) [File not signed]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S1 {0782648b-1717-4fef-ac58-8cb3ce03adb3}w64; system32\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}w64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-18 14:39 - 2015-04-18 14:39 - 00000000 ____D () C:\Users\Himel\Desktop\FRST-OlderVersion
2015-04-18 12:20 - 2015-04-18 13:06 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-18 12:20 - 2009-02-12 15:11 - 00026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2015-04-18 12:19 - 2015-04-18 12:58 - 00000000 ____D () C:\Program Files\Yodot Photo Recovery
2015-04-18 12:19 - 2015-04-18 12:19 - 00000871 _____ () C:\Users\Himel\Desktop\Yodot Photo Recovery.lnk
2015-04-18 12:19 - 2015-04-18 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yodot Photo Recovery
2015-04-18 12:03 - 2015-04-18 12:03 - 00000000 ____D () C:\Users\Himel\Documents\R-TT
2015-04-18 12:03 - 2015-04-18 12:03 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
2015-04-18 12:03 - 2015-04-18 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R-Studio
2015-04-18 12:03 - 2015-04-18 12:03 - 00000000 ____D () C:\Program Files (x86)\R-Studio
2015-04-18 04:54 - 2015-04-18 04:56 - 00026039 _____ () C:\Users\Himel\Desktop\Addition.txt
2015-04-18 04:53 - 2015-04-18 14:39 - 00025426 _____ () C:\Users\Himel\Desktop\FRST.txt
2015-04-18 04:52 - 2015-04-18 14:39 - 00000000 ____D () C:\FRST
2015-04-18 04:51 - 2015-04-18 14:39 - 02098176 _____ (Farbar) C:\Users\Himel\Desktop\FRST64.exe
2015-04-15 00:26 - 2015-04-15 00:29 - 00000000 ____D () C:\Users\Himel\Desktop\InSHaAllah
2015-04-13 10:04 - 2015-04-13 10:05 - 50691128 _____ () C:\Users\Himel\Downloads\Staying True to yourself in the Film Industry w_ Meosha Bean.mp4
2015-04-13 00:58 - 2015-04-13 00:59 - 17945591 _____ () C:\Users\Himel\Downloads\SYMPHONY_60 sec.mp4
2015-04-12 12:06 - 2015-04-12 12:06 - 13733915 _____ () C:\Users\Himel\Downloads\AnwarPipe.mp4
2015-04-12 11:24 - 2015-04-12 11:26 - 72853379 _____ () C:\Users\Himel\Downloads\How to Cut a Film - The Secrets of Editing - Film School'd.mp4
2015-04-12 10:31 - 2015-04-12 10:31 - 14218240 _____ () C:\Users\Himel\Downloads\Anwar_pipes_Elephant_anim_v003_001.avi
2015-04-11 21:57 - 2015-04-11 22:06 - 00000000 ____D () C:\Users\Himel\Desktop\contract
2015-04-11 11:22 - 2015-04-11 11:23 - 73909493 _____ () C:\Users\Himel\Downloads\How To Be A Filmmaker.mp4
2015-04-11 11:22 - 2015-04-11 11:23 - 42878006 _____ () C:\Users\Himel\Downloads\How To Be A Filmmaker - Behind the Scenes.mp4
2015-04-10 03:18 - 2015-04-10 03:18 - 00024093 _____ () C:\Users\Himel\Downloads\eligible_countries_04082015.xlsx
2015-04-10 01:36 - 2015-04-10 01:36 - 00008714 _____ () C:\Users\Himel\Desktop\New Microsoft Office Excel Worksheet.xlsx
2015-04-08 02:25 - 2015-04-08 02:25 - 00000263 _____ () C:\Users\Himel\Downloads\tmp00297.ris
2015-04-07 02:36 - 2015-04-07 02:36 - 00000000 ____D () C:\Users\Himel\Downloads\Compressed
2015-04-06 13:46 - 2015-04-06 13:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-04 11:43 - 2015-04-04 11:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-04-04 11:43 - 2015-04-04 11:43 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2015-03-28 11:20 - 2015-04-04 11:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-03-26 22:09 - 2015-03-26 22:09 - 00002845 _____ () C:\Users\Public\Desktop\ABBYY FineReader 11.lnk
2015-03-26 22:09 - 2015-03-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 11
2015-03-25 11:00 - 2015-03-25 11:00 - 00000000 ____D () C:\Users\Himel\Desktop\Anwar A1
2015-03-24 21:26 - 2015-04-11 03:13 - 00000000 ____D () C:\Users\Himel\Desktop\Now_Work
2015-03-24 07:16 - 2015-03-24 07:16 - 00000000 ____D () C:\Users\Himel\Downloads\Torrent
2015-03-24 07:15 - 2015-03-24 07:15 - 00016366 _____ () C:\Users\Himel\Downloads\[kickass.to]life.in.a.metro.2007.hindi.720p.hdrip.x264.ac3.hon3y.torrent
2015-03-22 00:33 - 2015-03-22 00:33 - 00000000 ____D () C:\Users\Himel\Downloads\New folder
2015-03-21 01:09 - 2015-03-21 01:18 - 63765057 _____ () C:\Users\Himel\Downloads\Fazle Hasan Abed interviewed by BBC on Hard Talk.mp4
2015-03-20 19:24 - 2015-04-12 20:15 - 00000000 ____D () C:\Users\Himel\Desktop\Further work_CSD
2015-03-19 12:05 - 2015-03-19 12:05 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\FlvPlayer
2015-03-19 12:05 - 2015-03-19 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-18 14:37 - 2014-02-12 21:59 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\BitTorrent
2015-04-18 14:36 - 2009-07-14 11:13 - 00847856 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-18 14:30 - 2013-08-28 12:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-18 14:20 - 2014-11-13 11:16 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff00fd3c5038.job
2015-04-18 14:15 - 2013-10-02 19:35 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-18 13:32 - 2013-06-18 22:54 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\Skype
2015-04-18 13:09 - 2014-02-07 16:01 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-508991936-2902249004-412030178-1000UA.job
2015-04-18 12:59 - 2014-09-27 21:38 - 00000000 ____D () C:\Users\Himel\Desktop\Himel_2
2015-04-18 12:02 - 2013-06-18 18:18 - 01851210 _____ () C:\Windows\WindowsUpdate.log
2015-04-18 12:01 - 2014-08-03 05:12 - 00122923 _____ () C:\Windows\setupact.log
2015-04-18 10:04 - 2009-07-14 10:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-18 10:04 - 2009-07-14 10:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-18 09:57 - 2014-11-13 11:16 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfff00fc0ccc77.job
2015-04-18 09:57 - 2014-01-21 16:12 - 00000000 ___RD () C:\Users\Himel\Dropbox
2015-04-18 09:57 - 2014-01-21 16:09 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\Dropbox
2015-04-18 09:57 - 2013-10-02 19:35 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-18 09:56 - 2014-08-17 12:00 - 00023508 _____ () C:\Windows\PFRO.log
2015-04-18 09:56 - 2009-07-14 11:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-18 05:02 - 2014-01-21 16:13 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\DMCache
2015-04-18 05:00 - 2014-06-06 01:55 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\vlc
2015-04-18 04:37 - 2015-03-13 04:44 - 00000000 ____D () C:\UsbFix
2015-04-17 16:09 - 2014-02-07 16:01 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-508991936-2902249004-412030178-1000Core.job
2015-04-17 10:16 - 2013-10-02 19:39 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-15 17:46 - 2013-08-28 12:34 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 17:46 - 2013-08-28 12:34 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 17:46 - 2013-07-20 01:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 00:15 - 2015-02-08 22:56 - 00000000 ____D () C:\Users\Himel\Desktop\NOW_Apply
2015-04-13 23:01 - 2014-02-02 11:06 - 00000000 ____D () C:\Users\Himel\Desktop\Opportunity_main
2015-04-10 11:43 - 2014-01-21 16:10 - 00000000 ____D () C:\Users\Himel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-07 19:59 - 2014-02-08 10:45 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-04-06 23:14 - 2014-01-21 16:31 - 00000000 ____D () C:\Users\Himel\Desktop\Hillol
2015-04-06 18:50 - 2013-06-18 22:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-31 03:32 - 2013-06-18 22:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-28 11:21 - 2013-07-08 14:49 - 00000000 ____D () C:\Users\Himel\AppData\Local\Adobe
2015-03-26 22:10 - 2014-10-05 01:22 - 00000000 ____D () C:\Program Files (x86)\ABBYY FineReader 11
2015-03-26 22:05 - 2014-10-05 01:52 - 00000000 ____D () C:\Users\Himel\AppData\Local\ABBYY
2015-03-26 22:05 - 2014-10-05 01:52 - 00000000 ____D () C:\ProgramData\ABBYY
2015-03-25 23:53 - 2013-06-18 22:41 - 00000000 ____D () C:\Users\Himel\AppData\Local\Microsoft Help
2015-03-25 09:16 - 2009-07-14 11:08 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-24 21:25 - 2014-10-04 02:47 - 00000000 ____D () C:\Users\Himel\Desktop\Env governenace
2015-03-24 06:56 - 2014-02-01 13:46 - 00000000 ____D () C:\temp
==================== Files in the root of some directories =======
2014-02-13 13:36 - 2014-02-13 13:36 - 0003584 _____ () C:\Users\Himel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-09 10:06 - 2014-07-09 10:06 - 0386687 _____ () C:\ProgramData\1404878512.bdinstall.bin
Some content of TEMP:
====================
C:\Users\Himel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw4tpxp.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-14 11:23
==================== End Of Log ============================
My memory card shows USBCαÇ and does not show any files [Closed]
#1
Posted 18 April 2015 - 02:44 AM
#2
Posted 18 April 2015 - 07:18 AM
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...4_ctrl&tsp=5269
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosear...4_ctrl&tsp=5269
SearchScopes: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-508991936-2902249004-412030178-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
CHR Extension: (ljppcglljemjablfhgjdhndlpallobpl) - C:\Users\Himel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljppcglljemjablfhgjdhndlpallobpl [2015-02-09]
S1 {0782648b-1717-4fef-ac58-8cb3ce03adb3}w64; system32\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}w64.sys [X]
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Download MCShield to your desktop and install
It will initially run a scan and show the result as a toaster by the system clock
Then in the control centre select scanner and tick unhide items on flash drives
Plug in the drive and McShield will start a scan
Then get the log which will be located under the logs tab on the main page
And post that
#3
Posted 22 April 2015 - 01:34 PM
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users