Hi zep516,
Sincere thanks for your response. As asked copied below are both the logs:
FIRST.txt
***********************************************************************************************************************************************************************************************
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-04-2015
Ran by Abhishek (administrator) on ABHISHEK-PC on 26-04-2015 23:26:21
Running from C:\Users\Abhishek\Desktop\lappy servicing\[bleep] 2
Loaded Profiles: Abhishek (Available profiles: Abhishek)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SingleClick Systems) C:\Program Files\Dell Network Assistant\hnm_svc.exe
(SigmaTel, Inc.) C:\Windows\System32\stacsv.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(SigmaTel, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Gteko Ltd.) C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-06-27] (SigmaTel, Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\real\realplayer\update\realsched.exe [296096 2012-08-14] (RealNetworks, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [3563520 2009-01-20] (Dell Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [DellAutomatedPCTuneUp] => C:\Program Files\DellAutomatedPCTuneUp\PTAgnt.exe [465136 2007-10-11] (Gteko Ltd.)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [5244216 2010-02-17] (Yahoo! Inc.)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [Facebook Update] => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-17] (Facebook Inc.)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-03-25]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
BootExecute:
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-05] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2010-02-17] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-08-14] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-22] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-22] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc;version=0.8.6f -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-28]
FF HKLM\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2011-05-01]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-08-14]
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2011-05-01]
Chrome:
=======
CHR Profile: C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-22]
CHR Extension: (PNR Status Watchlist) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\almdggoleggeecgelbjekpmefpohdjck [2015-04-19]
CHR Extension: (Google Docs) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-22]
CHR Extension: (eRail.in) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aopfgjfeiimeioiajeknfidlljpoebgc [2015-04-19]
CHR Extension: (Google Drive) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-22]
CHR Extension: (YouTube) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-22]
CHR Extension: (Google Search) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-22]
CHR Extension: (Google Sheets) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-22]
CHR Extension: (Bookmark Manager) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2015-03-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-22]
CHR Extension: (Google Wallet) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-22]
CHR Extension: (Gmail) - C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-22]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-08-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 DellAMBrokerService; C:\Program Files\DellAutomatedPCTuneUp\brkrsvc.exe [76016 2007-10-11] ()
R2 hnmsvc; C:\Program Files\Dell Network Assistant\hnm_svc.exe [112176 2007-05-25] (SingleClick Systems)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 STacSV; C:\Windows\system32\STacSV.exe [94208 2007-06-27] (SigmaTel, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2009-01-20] (Dell Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2009-01-20] (Broadcom Corporation)
R2 datunidr; C:\Windows\System32\DRIVERS\datunidr.sys [5376 2007-08-24] (Gteko Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 MpKslf2e8b7a6; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD20BC29-AA24-4E0C-AAF5-F44855349B97}\MpKslf2e8b7a6.sys [39464 2015-04-26] (Microsoft Corporation)
R2 Packet; C:\Windows\System32\DRIVERS\packet.sys [12672 2006-12-19] (SingleClick Systems)
R3 PTproct; C:\Program Files\DellAutomatedPCTuneUp\GTAction\triggers\PTproct.sys [4736 2006-10-06] (Gteko Ltd.) [File not signed]
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions) [File not signed]
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-06-27] (SigmaTel, Inc.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
S3 ztemtusbser; system32\DRIVERS\CT_ZTEMT_U_USBSER.sys [X]
S3 zteusbser; system32\DRIVERS\ztemtusbser.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-25 19:43 - 2015-04-25 19:45 - 00000000 ____D () C:\Users\Abhishek\Downloads\CV healthcare
2015-04-25 19:42 - 2015-04-25 19:42 - 00000000 ____D () C:\Users\Abhishek\Downloads\CV airlines
2015-04-25 19:35 - 2015-04-25 19:38 - 00000000 ____D () C:\Users\Abhishek\Downloads\CV banking
2015-04-25 14:23 - 2015-04-25 14:23 - 00000000 ____D () C:\Program Files\MSECache
2015-04-25 14:22 - 2015-04-25 14:22 - 38808920 _____ (Microsoft Corporation) C:\Users\Abhishek\Downloads\FileFormatConverters.exe
2015-04-20 03:24 - 2015-03-09 06:31 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-20 03:10 - 2015-03-05 07:54 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-20 03:09 - 2015-03-14 07:51 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-20 03:09 - 2015-03-13 07:21 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-20 03:09 - 2015-03-13 07:21 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-20 03:09 - 2015-03-05 08:02 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-20 03:09 - 2015-03-05 07:53 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-19 17:49 - 2015-03-10 04:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-19 17:49 - 2015-03-10 04:32 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-19 17:49 - 2015-03-10 04:27 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-19 17:49 - 2015-03-10 04:27 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-19 17:49 - 2015-03-10 04:26 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-19 17:49 - 2015-03-10 04:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-19 17:49 - 2015-03-10 04:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-19 17:49 - 2015-03-10 04:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-19 17:49 - 2015-03-10 04:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-19 17:49 - 2015-03-10 04:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-19 17:49 - 2015-03-10 04:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-19 17:49 - 2015-03-10 04:25 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-19 17:49 - 2015-03-10 04:25 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-19 17:49 - 2015-03-10 04:25 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-19 17:49 - 2015-03-10 04:25 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-19 17:49 - 2015-03-10 04:25 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-19 17:49 - 2015-03-10 04:25 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-19 17:49 - 2015-03-10 04:25 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-19 17:49 - 2015-03-10 04:25 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-19 17:49 - 2015-03-10 04:25 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-19 17:48 - 2015-03-10 04:36 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-19 17:48 - 2015-03-10 04:30 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-18 13:24 - 2015-04-21 14:14 - 00000082 _____ () C:\Users\Abhishek\Desktop\you.txt
2015-04-18 13:05 - 2015-04-18 13:05 - 00000520 _____ () C:\Users\Abhishek\Desktop\Broadband Connection - Shortcut.lnk
2015-03-29 16:06 - 2015-03-29 21:59 - 00000000 ____D () C:\Users\Abhishek\Downloads\Attachments_2015329
2015-03-29 16:05 - 2015-03-29 16:05 - 00068653 _____ () C:\Users\Abhishek\Downloads\Attachments_2015329.zip
2015-03-28 21:40 - 2015-03-28 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2015-03-28 21:40 - 2015-03-28 21:40 - 00000000 ____D () C:\ProgramData\Foolish IT
2015-03-28 21:40 - 2015-03-28 21:40 - 00000000 ____D () C:\Program Files\Foolish IT
2015-03-28 21:38 - 2015-03-28 21:38 - 00000000 ____D () C:\Users\Abhishek\AppData\Local\Secunia PSI
2015-03-28 21:34 - 2015-03-28 21:34 - 00000000 ____D () C:\Program Files\Secunia
2015-03-28 20:08 - 2015-03-28 20:08 - 00781312 _____ () C:\Users\Abhishek\Downloads\delfix_10.9.exe
2015-03-28 19:54 - 2015-03-28 20:10 - 00000526 _____ () C:\DelFix.txt
2015-03-28 19:54 - 2015-03-28 19:54 - 00000000 ____D () C:\Windows\ERUNT
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-26 23:26 - 2015-03-14 23:46 - 00000000 ____D () C:\FRST
2015-04-26 23:26 - 2008-08-11 22:32 - 00000000 ____D () C:\Users\Abhishek\AppData\Roaming\Skype
2015-04-26 23:23 - 2014-08-17 16:13 - 00000400 _____ () C:\Windows\Tasks\WpsUpdateTask_Abhishek.job
2015-04-26 23:17 - 2007-12-28 13:46 - 01120210 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 22:41 - 2014-05-09 11:25 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-26 22:38 - 2014-08-11 00:19 - 00000400 _____ () C:\Windows\Tasks\WpsNotifyTask_Abhishek.job
2015-04-26 22:19 - 2011-12-19 14:05 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000UA.job
2015-04-26 22:18 - 2011-12-19 14:05 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000Core.job
2015-04-26 21:38 - 2006-11-02 18:15 - 00003552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-26 21:38 - 2006-11-02 18:15 - 00003552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-25 14:24 - 2007-12-28 14:09 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-04-25 14:24 - 2006-11-02 16:48 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-23 15:01 - 2006-11-02 16:03 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-23 14:54 - 2008-09-17 23:12 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-04-23 14:54 - 2006-11-02 18:28 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-21 22:33 - 2006-11-02 18:28 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-21 22:32 - 2007-12-28 13:46 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-04-20 03:24 - 2013-07-22 22:24 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-20 03:19 - 2006-11-02 16:48 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-20 03:12 - 2006-11-02 15:54 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-19 12:55 - 2015-03-22 02:48 - 00001933 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-05 12:17 - 2015-01-24 22:53 - 00001063 _____ () C:\Users\Abhishek\Desktop\weekend getaways.txt
2015-04-01 11:15 - 2015-03-25 09:56 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-04-01 11:15 - 2009-11-20 11:27 - 00000000 ____D () C:\ProgramData\Real
2015-04-01 11:15 - 2008-01-03 04:31 - 00000000 ____D () C:\Users\Abhishek
2015-04-01 11:15 - 2006-11-02 16:48 - 00000000 ____D () C:\Windows\system32\spool
2015-04-01 11:15 - 2006-11-02 16:48 - 00000000 ____D () C:\Windows\system32\Msdtc
2015-04-01 11:15 - 2006-11-02 16:48 - 00000000 ____D () C:\Windows\registration
2015-04-01 11:15 - 2006-11-02 15:52 - 47448064 _____ () C:\Windows\system32\config\software_previous
2015-04-01 11:15 - 2006-11-02 15:52 - 21757952 _____ () C:\Windows\system32\config\system_previous
2015-04-01 11:11 - 2006-11-02 15:52 - 41156608 _____ () C:\Windows\system32\config\components_previous
2015-04-01 11:11 - 2006-11-02 15:52 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2015-04-01 08:22 - 2015-03-25 09:53 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-04-01 08:21 - 2011-12-20 19:00 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-28 22:00 - 2006-11-02 15:52 - 01835008 _____ () C:\Windows\system32\config\default_previous
2015-03-28 22:00 - 2006-11-02 15:52 - 00262144 _____ () C:\Windows\system32\config\security_previous
2015-03-28 21:49 - 2007-12-28 14:12 - 00202544 _____ () C:\Windows\PFRO.log
2015-03-28 01:47 - 2006-11-02 15:53 - 00000342 _____ () C:\Windows\win.ini
2015-03-28 01:45 - 2015-03-25 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
==================== Files in the root of some directories =======
2014-09-28 14:06 - 2014-09-28 14:10 - 6010880 _____ () C:\Program Files\GUT80A5.tmp
2008-08-09 15:15 - 2012-08-13 00:44 - 0000568 _____ () C:\Users\Abhishek\AppData\Roaming\wklnhst.dat
2008-04-09 10:45 - 2015-03-15 15:25 - 0006324 _____ () C:\Users\Abhishek\AppData\Local\d3d9caps.dat
2008-01-04 09:26 - 2015-03-15 13:01 - 0137216 _____ () C:\Users\Abhishek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-08-11 22:33 - 2008-08-11 22:33 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-23 15:19
==================== End Of Log ============================
********************************************************************************************************************************************************************************************************
Addition.txt
********************************************************************************************************************************************************************************************************
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-04-2015
Ran by Abhishek at 2015-04-26 23:29:08
Running from C:\Users\Abhishek\Desktop\lappy servicing\[bleep] 2
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Abhishek (S-1-5-21-4265441916-1708264049-1492465063-1000 - Administrator - Enabled) => C:\Users\Abhishek
Administrator (S-1-5-21-4265441916-1708264049-1492465063-500 - Administrator - Disabled)
Guest (S-1-5-21-4265441916-1708264049-1492465063-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Cisco EAP-FAST Module (HKLM\...\{6D3963B0-E13B-4FC3-B0FF-506A304BB043}) (Version: 2.1.3 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - )
Dell Automated PC TuneUp (HKLM\...\{FE34691C-4298-4667-9758-D7F534DD0B94}) (Version: 1.0.3085 - Dell)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Network Assistant (HKLM\...\{0240BDFB-2995-4A3F-8C96-18D41282B716}) (Version: 3.0.0.0 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.0.07282 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 9.1.18.6 - Synaptics)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.18 - Dell Inc.)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Facebook Video Calling 1.2.0.287 (HKLM\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FileZilla Client 3.1.1.1 (HKLM\...\FileZilla Client) (Version: 3.1.1.1 - )
Free Download Manager 2.5 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Laptop Integrated Webcam Driver (1.03.02.0719) (HKLM\...\Creative OEM002) (Version: - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.5.3104.1 - Creative)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
Ovi Desktop Sync Engine (Version: 1.5.161.0 - Nokia) Hidden
OviMPlatform (Version: 2.7.44.2 - Nokia) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)
QuickSet (HKLM\...\{7F0C4457-8E64-491B-8D7B-991504365D1E}) (Version: 8.0.13 - Dell Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Skype™ 7.2 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 2.0.06.13151 - Sony Corporation)
Sony USB Driver (HKLM\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WPS Office (9.1.0.4746) (HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\...\WPS Office) (Version: 9.1.0.4746 - Kingsoft Corp.)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Internet Mail (HKLM\...\Yahoo! Internet Mail) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020812-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020820-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020821-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020830-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020832-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020900-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020906-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020906-0000-4b30-A977-D214852036FF}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00020907-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{000209FF-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{000209FF-0000-4b30-A977-D214852036FF}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{00024500-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{0002CE21-0000-0000-C000-000000000046}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\ksee\EqnEdit.exe (Design Science, Inc.)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{048EB43E-2059-422F-95E0-557DA96038AF}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{18A06B6B-2F3F-4E2B-A611-52BE631B2D22}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{3C18EAE4-BC25-4134-B7DF-1ECA1337DDDC}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{44720441-94BF-4940-926D-4F38FECF2A48}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{44720444-94BF-4940-926D-4F38FECF2A48}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{45540001-5750-5300-4B49-4E47534F4655}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{45540003-5750-5300-4B49-4E47534F4655}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\et.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{4D4E0078-1386-4536-BD05-3E1013F17116}\InprocServer32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\oledefaulthandler.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{64818D10-4F9B-11CF-86EA-00AA00B929E8}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{64818D11-4F9B-11CF-86EA-00AA00B929E8}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{75D01070-1234-44E9-82F6-DB5B39A47C13}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{8A624388-AA27-43E0-89F8-2A12BFF7BCCD}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{912ABC52-36E2-4714-8E62-A8B73CA5E390}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{91493441-5A91-11CF-8700-00AA0060263B}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{CF4F55F4-8F87-4D47-80BB-5808164BB3F8}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\ProgramData\Skype\Plugins\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{DC020317-E6E2-4A62-B9FA-B3EFE16626F4}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wpp.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-4265441916-1708264049-1492465063-1000_Classes\CLSID\{F4754C9B-64F5-4B40-8AF4-679732AC0607}\localserver32 -> C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\office6\wps.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
==================== Restore Points =========================
07-04-2015 22:49:58 Scheduled Checkpoint
18-04-2015 13:54:43 Scheduled Checkpoint
19-04-2015 13:01:21 Windows Update
20-04-2015 03:00:21 Windows Update
21-04-2015 13:03:48 Scheduled Checkpoint
23-04-2015 15:22:10 Windows Update
25-04-2015 14:23:35 Installed Compatibility Pack for the 2007 Office system
26-04-2015 13:40:35 Scheduled Checkpoint
26-04-2015 16:46:02 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 15:53 - 2015-03-16 22:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {001B59FC-7DCC-4D33-A2ED-15182A2F5686} - System32\Tasks\{2CD37C56-66DD-4BDE-B7B9-492866C3E6C4} => pcalua.exe -a C:\Users\Abhishek\Desktop\OOo_3.2.0_Win32Intel_install_wJRE_en-US.exe -d "C:\Program Files\OpenOffice.org 3\program"
Task: {084AD666-F8B5-4090-9C38-CFFF8D6C4E67} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {1AB3785F-41B9-45D2-9979-9BB9785E9602} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4265441916-1708264049-1492465063-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {239F1C0C-DBFE-4EA8-861A-B7E44453A2DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {23AD59E5-7B45-4DAE-97D1-96FDD0308AD7} - System32\Tasks\WpsUpdateTask_Abhishek => C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\wtoolex\wpsupdate.exe [2014-08-17] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {33009D32-EEF0-44B4-8975-E7C369FD6136} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000Core => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-17] (Facebook Inc.)
Task: {959C5621-FAB9-4A3A-9C23-922E309F6213} - System32\Tasks\{39C5E658-A847-4D3C-9BE1-8932FB0C83ED} => pcalua.exe -a C:\Users\Abhishek\Downloads\Cleanup.exe -d C:\Users\Abhishek\Downloads
Task: {B5E80C9A-78B6-4B1D-B89E-B6B2B8EF0956} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {C22D95F8-BEAC-4087-93D5-B9137B7160C3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4265441916-1708264049-1492465063-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E1575974-A5DD-496D-8DAC-F91AE17A5AF6} - System32\Tasks\WpsNotifyTask_Abhishek => C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\wtoolex\wpsnotify.exe [2014-08-17] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {ED0D0DE3-CAAC-4954-B6A5-339256A524FE} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000UA => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-17] (Facebook Inc.)
Task: {EF98DFEF-37BA-4345-B88B-AC78C08D03D4} - System32\Tasks\{70D6C1BD-CE5A-4232-85BB-A37964871491} => pcalua.exe -a "C:\Users\Abhishek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9MVG1Q4W\RealPlayer11GOLD[2].exe" -d C:\Users\Abhishek
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000Core.job => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4265441916-1708264049-1492465063-1000UA.job => C:\Users\Abhishek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WpsNotifyTask_Abhishek.job => C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\wtoolex\wpsnotify.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Abhishek.job => C:\Users\Abhishek\AppData\Local\Kingsoft\WPS Office\9.1.0.4746\wtoolex\wpsupdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-17 23:02 - 2009-01-20 15:36 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2015-03-17 23:02 - 2009-01-20 15:36 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll
2007-12-28 21:40 - 2007-06-29 14:52 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll
2008-08-11 20:18 - 2008-08-11 20:18 - 00094720 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-03-22 02:57 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-03-22 02:57 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Abhishek\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-04-19 12:55 - 2015-04-14 03:25 - 14980424 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\.DEFAULT\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\.DEFAULT\...\12w.net -> download-video.12w.net
IE restricted site: HKU\.DEFAULT\...\132.com -> www.132.com
IE restricted site: HKU\.DEFAULT\...\136136.net -> down.136136.net
IE restricted site: HKU\.DEFAULT\...\139mm.com -> www.139mm.com
IE restricted site: HKU\.DEFAULT\...\163ns.com -> ert0003.e76.163ns.com
There are 4731 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4265441916-1708264049-1492465063-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\Vostro_NB_1280x864_02.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk => C:\Windows\pss\$McRebootA5E6DEAA56$.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Network Assistant.lnk => C:\Windows\pss\Dell Network Assistant.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk => C:\Windows\pss\QuickSet.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Abhishek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Abhishek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk => C:\Windows\pss\Picture Motion Browser Media Check Tool.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Abhishek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zoozoo widget.lnk => C:\Windows\pss\Zoozoo widget.lnk.Startup
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{67E42A96-1CEC-47BC-B0CD-2D0FCED9F4FB}] => (Allow) C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
FirewallRules: [{A9816FE2-89DF-4281-BD52-40BEE818D830}] => (Allow) C:\Program Files\Dell Network Assistant\ezi_hnm2.exe
FirewallRules: [{0CD9C7F8-12C5-4FF2-AB04-7BBD43DB8184}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{20EFC583-C6CE-4C2F-AB56-C8B2C96E16E3}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{83A2C59C-B61C-4714-945C-83E04BDD6C54}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe
FirewallRules: [{5D5B44F3-6CED-492B-805E-6FFEEFB4D89F}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe
FirewallRules: [{A954FFCB-1DCD-4165-AE31-8368E28E4BB5}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{BFBF6E2D-D6E6-4820-B087-377AB4C5EA33}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{F1C7A4D0-77BE-4968-81C4-0FBF0C92999D}] => (Allow) C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{FC3BCBA8-4CBC-4EA3-8D0E-7E6D8D4A9188}] => (Allow) C:\Users\Abhishek\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{EFC58A2F-E239-4042-AB58-8768E39941C4}] => (Allow) C:\Users\Abhishek\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{D07185C5-50EC-490B-BEA4-077301F81F16}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{67D6BDCA-5BDC-404C-988D-07A2C28BD163}] => (Allow) C:\Program Files\Deal Keeper\bin\DealKeeper.BRT.Helper.exe
FirewallRules: [{CDE49946-6EB1-437A-A131-7CC6CDFC9FC6}] => (Allow) C:\Program Files\Deal Keeper\bin\DealKeeper.BRT.Helper.exe
FirewallRules: [{FB582D3E-C857-4A17-9FC9-1421D7199431}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/20/2015 03:24:04 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (04/18/2015 01:23:40 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={F7A96C70-7802-4E32-AF83-251F877DC200}: The user Abhishek-PC\Abhishek dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.
Error: (04/18/2015 01:05:25 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={707B6523-F184-49BA-989B-34B6BB6E38CD}: The user Abhishek-PC\Abhishek dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.
Error: (04/18/2015 01:04:57 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={A51D02A8-F3F7-4D34-8A74-5D09F5F817C3}: The user Abhishek-PC\Abhishek dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.
Error: (04/18/2015 01:04:42 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={E10AFEC7-FB41-470D-8FC3-2C8164FD9DE3}: The user Abhishek-PC\Abhishek dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.
Error: (03/28/2015 10:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application PSIA.exe, version 3.0.0.10004, time stamp 0x54784a82, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x00000000,
process id 0x828, application start time 0xPSIA.exe0.
Error: (03/28/2015 08:10:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c323c98b-d3d2-4a3f-b2e1-bce9b25a6c30}
Error: (03/28/2015 07:54:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c323c98b-d3d2-4a3f-b2e1-bce9b25a6c30}
Error: (03/26/2015 11:33:29 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (03/26/2015 08:45:39 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\ABHISHEK\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (04/23/2015 03:18:45 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWFailureCommand%%5
Error: (04/23/2015 03:08:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (04/23/2015 03:05:07 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5
Error: (04/21/2015 09:36:58 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Netman
Error: (04/20/2015 03:58:44 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWFailureCommand%%5
Error: (04/20/2015 03:58:38 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5
Error: (04/20/2015 03:50:03 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5
Error: (04/20/2015 03:50:00 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
Feature: %%886
Error Code: 0x80070005
Error description: Access is denied.
Reason: %%892
Error: (04/20/2015 03:44:01 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Windows Update
Error: (04/19/2015 00:37:30 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 114.3.0.0
Update Source: %NT AUTHORITY51
Update Stage: 4.7.0205.00
Source Path: 4.7.0205.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Microsoft Office Sessions:
=========================
Error: (04/20/2015 03:24:04 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
Error: (04/18/2015 01:23:40 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {F7A96C70-7802-4E32-AF83-251F877DC200}Abhishek-PC\AbhishekBroadband Connection0
Error: (04/18/2015 01:05:25 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {707B6523-F184-49BA-989B-34B6BB6E38CD}Abhishek-PC\AbhishekBroadband Connection0
Error: (04/18/2015 01:04:57 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {A51D02A8-F3F7-4D34-8A74-5D09F5F817C3}Abhishek-PC\AbhishekBroadband Connection0
Error: (04/18/2015 01:04:42 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {E10AFEC7-FB41-470D-8FC3-2C8164FD9DE3}Abhishek-PC\AbhishekBroadband Connection0
Error: (03/28/2015 10:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSIA.exe3.0.0.1000454784a82unknown0.0.0.000000000c00000050000000082801d06973015c7fa0
Error: (03/28/2015 08:10:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c323c98b-d3d2-4a3f-b2e1-bce9b25a6c30}
Error: (03/28/2015 07:54:56 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c323c98b-d3d2-4a3f-b2e1-bce9b25a6c30}
Error: (03/26/2015 11:33:29 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (03/26/2015 08:45:39 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\ABHISHEK\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES
CodeIntegrity Errors:
===================================
Date: 2015-04-26 23:27:59.738
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-26 23:27:59.271
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-26 23:27:58.785
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-26 23:27:58.291
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-22 22:02:18.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-22 22:02:17.902
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-22 22:02:17.451
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-22 22:02:16.991
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-22 22:02:16.611
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-03-22 22:02:16.240
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T7250 @ 2.00GHz
Percentage of memory in use: 78%
Total physical RAM: 2037.45 MB
Available physical RAM: 441.45 MB
Total Pagefile: 4316.18 MB
Available Pagefile: 1916.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.54 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:138.97 GB) (Free:42.03 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:6.52 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 10000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=139 GB) - (Type=07 NTFS)
==================== End Of Log ============================
********************************************************************************************************************************************************************************************************