[SRDYK?]

Alright well, I've tried tons on malware saving things and read the tutorial in this forum area but I can't seem to escape a virus. My computer says that when trying to run Windows defender that I do not have permission. When I try to run Malwarebytes, it says Windows couldn't find it. I used TDSSKiller and it said it removed a very high security root kit thing, but I STILL can't open Malwarebytes or Windows Defender. The computer is also filled with ads on Chrome from Buzzdock, and Strong Signals. With those, I tried to find them in the control panel programs, but I can't. They are not there. Any additional questions about my situation go ahead and ask if it gets me closer to fixing this laptop. Thank you!

[Advertisements]

Hello SRDYK?,

 

Welcome to Geekstogo.

 

Important - We ask that the tools we use be downloaded to your computers desktop.

If you are unsure about how to do that, please press the Show button beside Spoiler below to see guides for the most popular browsers:

Spoiler

For Internet Explorer (excluding IE8):

• Please press both Ctrl + J on your keyboard.
• Press Options in the lower left corner.
• Click Browse and in the shown window highlight your Desktop.
• When done, click Select Folder.
• Click OK and close the View Downloads screen.

Please note that Internet Explorer 8 doesn't support changing the downloads location. In this case, upon completion you need to navigate to the Downloads folder and transfer the tool to your Desktop.

For Mozilla Firefox:

• Click the button (upper-right corner) and select Options.
• In the General tab find the Downloads section and check Save files to.
• Click Browse, Navigate to the Desktop and click Select Folder.
• Click OK and the Window will close.

For Google Chrome:

• Click the button (upper-right corner) and select Settings.
• Scroll down and at the bottom press Show advanced settings.
• Scroll down to the Downloads section and click the Change button.
• Navigate to your Desktop and click OK.

Next

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

• Right click to run as administrator. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will produce a log called (FRST.txt) in the same directory the tool is run from.
• Please copy and paste log back here.
• The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

 

[emeraldnzl]

Hello SRDYK?,

 

Welcome to Geekstogo.

 

Important - We ask that the tools we use be downloaded to your computers desktop.

If you are unsure about how to do that, please press the Show button beside Spoiler below to see guides for the most popular browsers:

Spoiler

For Internet Explorer (excluding IE8):

• Please press both Ctrl + J on your keyboard.
• Press Options in the lower left corner.
• Click Browse and in the shown window highlight your Desktop.
• When done, click Select Folder.
• Click OK and close the View Downloads screen.

Please note that Internet Explorer 8 doesn't support changing the downloads location. In this case, upon completion you need to navigate to the Downloads folder and transfer the tool to your Desktop.

For Mozilla Firefox:

• Click the button (upper-right corner) and select Options.
• In the General tab find the Downloads section and check Save files to.
• Click Browse, Navigate to the Desktop and click Select Folder.
• Click OK and the Window will close.

For Google Chrome:

• Click the button (upper-right corner) and select Settings.
• Scroll down and at the bottom press Show advanced settings.
• Scroll down to the Downloads section and click the Change button.
• Navigate to your Desktop and click OK.

Next

Please download Farbar Recovery Scan Tool from here and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 

• Right click to run as administrator. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will produce a log called (FRST.txt) in the same directory the tool is run from.
• Please copy and paste log back here.
• The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.

 

[SRDYK?]

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01

Ran by Sankar Namboodiri (administrator) on DOMINATRIX on 30-04-2015 17:35:54

Running from C:\Users\Sankar Namboodiri\Desktop

Loaded Profiles: Sankar Namboodiri (Available profiles: Sankar Namboodiri)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 10 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe

(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe

(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(Dell Inc.) C:\Windows\System32\WLTRAY.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Enigma Software Group USA, LLC.) C:\Users\Sankar Namboodiri\AppData\Local\Temp\esg_uninstall.exe~

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe

() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe

(reimage) C:\Program Files\eFix\eFix Pro\eFixProMain.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe

(Facebook Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [4119552 2008-11-17] (Dell Inc.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)

HKLM\...\Run: [fssui] => C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-26] (IDT, Inc.)

HKLM\...\Run: [MSC] => "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer\Run: [40973] => C:\PROGRA~3\LOCALS~1\Temp\msiwyzbe.pif

HKLM\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [267F03DCE1038D2E34EC9385323C594492D174CA._service_run] => C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [Google Update] => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [EvolveClient] => "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [210208 2008-09-26] (Acresso Corporation)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806232 2015-03-25] (SUPERAntiSpyware)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [DellSystemDetect] => C:\Users\Sankar Namboodiri\AppData\Local\Apps\2.0\RB9W3D12.P1V\Y6ATRY84.BVV\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-07-01] (Dell)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\CurrentVersion\Windows: [Load] C:\Users\SANKAR~1\LOCALS~1\Temp\mshoaicob.cmd <===== ATTENTION

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Policies\Explorer: [TaskbarNoNotification] 1

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\MountPoints2: {5ddeb4b5-a290-11e1-98c4-002564620625} - E:\SISetup.exe

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\MountPoints2: {c4a1a91b-1e73-11e0-a44b-002564620625} - E:\Windows\CHECK\DriveNavigator.exe

HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)

HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"

IFEO\mbam.exe: [Debugger] pp_.exe

IFEO\mbamgui.exe: [Debugger] iu_.exe

IFEO\msseces.exe: [Debugger] ulotmhvc_.exe

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-09-30]

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-09-30]

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2013-10-14]

ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2014-04-20]

ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk [2015-04-17]

ShortcutTarget: Pokemon Emerald.lnk -> C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}\Pokemon Emerald.exe ()

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simp...29-43b7ffe7cbc1

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simp...29-43b7ffe7cbc1

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

URLSearchHook: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 - Default Value = {f78bf7a8-cf12-4de7-a6da-c463d1b539a7}

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simp...q={searchTerms}

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simp...q={searchTerms}

SearchScopes: HKLM -> {4BBD339E-0EEB-4F25-889D-6B6544790428} URL = http://www.bing.com/...rc=IE-SearchBox

SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = 

SearchScopes: HKLM-x32 -> {92EFC441-0878-43DA-A1ED-B8BC72D2C1E5} URL = http://www.bing.com/...rc=IE-SearchBox

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> DefaultScope {E39D4439-0BE3-4BAB-A670-427E63E44C9C} URL = http://q.search-simp...q={searchTerms}

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> OldSearch URL = http://us.yhs4.searc...5_12&os=Windows7 Home Premium&p={searchTerms}

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {4BBD339E-0EEB-4F25-889D-6B6544790428} URL = 

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {67676DCA-C904-4E02-A366-10529FB97417} URL = http://ws.infospace....r?_iceUrl=trueuser_id=%userid&tool_id=60231&qkw={searchTerms}

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = http://search.condui...89847&CUI=&UM=2

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {92EFC441-0878-43DA-A1ED-B8BC72D2C1E5} URL = 

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {958A494C-94AD-4193-86C5-8FAF777AB831} URL = http://www.google.co...q={searchTerms}

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {E39D4439-0BE3-4BAB-A670-427E63E44C9C} URL = http://q.search-simp...q={searchTerms}

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-15] (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-15] (Oracle Corporation)

BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)

BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-15] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)

BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-15] (Oracle Corporation)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)

Toolbar: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-01] (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)

Winsock: Catalog5 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Winsock: Catalog5 08 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Winsock: Catalog5-x64 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Winsock: Catalog5-x64 08 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF ProfilePath: C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default

FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bg_840_bl-is-18__alt__ddc_dsssyctab_bd_com

FF DefaultSearchEngine: Yahoo! Search

FF DefaultSearchEngine.US: Yahoo! Search

FF SelectedSearchEngine: Yahoo! Search

FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-18__alt__ddc_dsssyc_bd_com

FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bg_840_bl-is-18__alt__ddc_dss_bd_com&p={searchTerms}

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] ()

FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-15] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-15] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)

FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-19] (DivX, LLC.)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-15] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-15] (Oracle Corporation)

FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll No File

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2010-05-04] (Alcatel-Lucent)

FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sankar Namboodiri\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-24] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-11-14] (Ubisoft)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File

FF user.js: detected! => C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\user.js [2015-03-22]

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-08-05] (Apple Inc.)

FF SearchPlugin: C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\searchplugins\search-provided-by-yahoo.xml [2015-03-22]

FF Extension: Strong Signal - C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\Extensions\{32b2bf24-d7e1-4457-ae7d-61b5c4686a26}.xpi [2015-03-22]

FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-04-19]

FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-04-19]

FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-19]

FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn

FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video

FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-18]

FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa

FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-18]

 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-16__alt__ddc_dsssyc_bd_com"

CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_dnldstr_15_12&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtC0AtB0EtB0F0AtDtD0DtN0D0Tzu0StCtCyByCtN1L2XzutAtFzytFyEtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0AyC0EtCyE0C0AtG0A0AyC0DtG0DzztAyDtGzytDyDtBtGtA0CyD0E0D0F0Ezz0CtCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzyzzyByEtAzzyBtGyB0B0CtAtGyEtByDzytGzzyCtCyEtGtCyEtAtB0A0A0AyCyCtDyC0A2QtN0A0LzutBtN1B2Z1V1T1S1NzuyCtDyB%26cr%3D79078218%26a%3Dwny_dnldstr_15_12%26os%3DWindows 7 Home Premium", "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-16__alt__ddc_dsssyc_bd_com"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Angry Birds) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-08-14]

CHR Extension: (Google Docs) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]

CHR Extension: (Google Drive) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]

CHR Extension: (YouTube) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]

CHR Extension: (Bloons Tower Defense 5) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbmjfljnekllgcgnbbjfolnbgcjnghf [2013-12-14]

CHR Extension: (Kingdom Rush) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim [2013-08-14]

CHR Extension: (Google Search) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]

CHR Extension: (Strong Signal) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdjbcindpnjlpbkehkccpcmdebmbgoa [2015-03-23]

CHR Extension: (Block site) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2014-11-30]

CHR Extension: (BetaFish Adblocker) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-16]

CHR Extension: (Bookmark Manager) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]

CHR Extension: (Fieldrunners) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2013-08-14]

CHR Extension: (Google Wallet) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]

CHR Extension: (Gmail) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]

CHR Extension: (Canvas Rider) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2013-12-21]

CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-07-01]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

StartMenuInternet: Google Chrome.SJXP7CNPQJ3XWF6TBCM73HEZME - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [File not signed]

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)

R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-05-04] (Alcatel-Lucent) [File not signed]

R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-05-04] (Alcatel-Lucent) [File not signed]

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)

R2 Realtek11nCU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]

R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)

R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [244736 2010-02-26] (IDT, Inc.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]

S3 EvoSvc; "C:\Program Files\Echobit\Evolve\EvoSvc.exe" -service -logfile "C:\ProgramData\Echobit\Evolve\EvoSvc.log"

S3 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe" Start=service [X]

S2 HPSIService; C:\Windows\system32\HPSIsvc.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)

S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-05] (Marvell Semiconductor, Inc.)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)

S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-07-12] (Realtek Semiconductor Corporation                           )

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R2 secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2004-07-08] () [File not signed]

U1 StarOpen; No ImagePath

R3 cpuz134; \??\C:\Users\SANKAR~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]

S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]

S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]

S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-04-30 17:35 - 2015-04-30 17:36 - 00035548 _____ () C:\Users\Sankar Namboodiri\Desktop\FRST.txt

2015-04-30 17:35 - 2015-04-30 17:35 - 02101248 _____ (Farbar) C:\Users\Sankar Namboodiri\Desktop\FRST64.exe

2015-04-30 07:34 - 2015-04-30 07:34 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{88947EC5-B5A3-4A83-A338-00D13C1BA793}

2015-04-29 21:41 - 2015-04-29 21:41 - 00004302 _____ () C:\Windows\System32\Tasks\ReimageUpdater

2015-04-29 21:41 - 2015-04-29 21:41 - 00003462 _____ () C:\Windows\System32\Tasks\Reimage Reminder

2015-04-29 21:41 - 2015-04-29 21:41 - 00000000 ____D () C:\Program Files\Reimage

2015-04-29 21:40 - 2015-04-29 21:41 - 00000000 ____D () C:\ProgramData\Reimage Protector

2015-04-29 21:40 - 2015-04-29 21:40 - 00001782 _____ () C:\Users\Public\Desktop\eFix Pro.lnk

2015-04-29 21:40 - 2015-04-29 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro

2015-04-29 21:39 - 2015-04-29 21:42 - 00000000 ____D () C:\rei

2015-04-29 21:39 - 2015-04-29 21:39 - 00000000 ____D () C:\Program Files\eFix

2015-04-29 21:38 - 2015-04-29 21:42 - 00000144 _____ () C:\Windows\Reimage.ini

2015-04-29 21:38 - 2015-04-29 21:41 - 00000072 _____ () C:\Windows\efix.ini

2015-04-29 21:38 - 2015-04-29 21:38 - 00776792 _____ (Reimage®) C:\Users\Sankar Namboodiri\Desktop\eFixPro (1).exe

2015-04-29 21:37 - 2015-04-29 21:38 - 00776792 _____ (Reimage®) C:\Users\Sankar Namboodiri\Desktop\eFixPro.exe

2015-04-29 19:32 - 2015-04-29 19:33 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{3676B428-FC1A-4250-ABD7-29CAAC053A4D}

2015-04-29 18:32 - 2015-04-29 21:37 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Enigma Software Group

2015-04-29 18:16 - 2015-04-29 18:16 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\NisDrv

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\mpfilter

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\amd64

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2015-04-29 18:16 - 2015-01-30 03:26 - 00186656 _____ (Microsoft Corporation) C:\Windows\system32\config\EppManifest.dll

2015-04-29 18:16 - 2015-01-30 02:24 - 00008864 _____ (Microsoft Corporation) C:\Windows\system32\config\setupres.dll

2015-04-29 17:28 - 2015-04-29 17:28 - 00000000 ____D () C:\TDSSKiller_Quarantine

2015-04-29 17:26 - 2015-04-29 17:27 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sankar Namboodiri\Desktop\tdsskiller.exe

2015-04-29 17:08 - 2015-04-30 17:29 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2015-04-29 17:08 - 2015-04-29 17:08 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\SUPERAntiSpyware.com

2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com

2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2015-04-29 17:04 - 2015-04-29 17:07 - 21781384 _____ (SUPERAntiSpyware) C:\Users\Sankar Namboodiri\Desktop\SAS_6126996.EXE

2015-04-29 07:31 - 2015-04-29 07:31 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{0D80FC08-A5E2-4ADC-99C4-F02A91124D5F}

2015-04-28 21:07 - 2015-04-29 07:19 - 00000000 ____D () C:\VIPRERESCUE

2015-04-28 21:07 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys

2015-04-28 21:07 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys

2015-04-28 20:50 - 2015-04-28 21:07 - 214511616 _____ () C:\Users\Sankar Namboodiri\Desktop\VIPRERescue39750.exe

2015-04-28 20:41 - 2015-04-30 17:36 - 00000000 ____D () C:\FRST

2015-04-28 20:30 - 2015-04-29 18:23 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-04-28 20:30 - 2015-04-29 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-04-28 20:30 - 2015-04-29 18:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-04-28 20:30 - 2015-04-28 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-04-28 20:30 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-04-28 20:30 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-04-28 20:30 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-04-28 20:28 - 2015-04-28 20:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sankar Namboodiri\Desktop\mbam-setup-2.1.6.1022.exe

2015-04-28 20:28 - 2015-04-28 20:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sankar Namboodiri\Desktop\mbam-setup-2.1.6.1022 (1).exe

2015-04-28 20:24 - 2015-04-28 20:24 - 00013865 _____ () C:\Users\Sankar Namboodiri\Desktop\Windows Defender - Shortcut.lnk

2015-04-28 20:02 - 2015-04-28 20:02 - 00887280 _____ (Microsoft Corporation) C:\Users\Sankar Namboodiri\Downloads\mssstool64.exe

2015-04-28 20:00 - 2015-04-28 20:00 - 00176940 _____ () C:\Users\Sankar Namboodiri\Downloads\BFE.reg

2015-04-28 20:00 - 2015-04-28 20:00 - 00006396 _____ () C:\Users\Sankar Namboodiri\Downloads\MpsSvc.reg

2015-04-28 19:30 - 2015-04-28 19:30 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{2B2DFACA-F52D-4E92-916B-71AA66A69BA7}

2015-04-27 18:36 - 2015-04-27 18:36 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{A36F09F5-8012-46A7-8F47-F73B969D88F5}

2015-04-27 18:26 - 2015-04-27 18:26 - 14160536 _____ (Microsoft Corporation) C:\Users\Sankar Namboodiri\Desktop\mseinstall.exe

2015-04-25 08:44 - 2015-04-27 00:57 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{BE903481-C97F-4543-8E8A-4BB8541DB838}

2015-04-24 18:21 - 2015-04-24 18:22 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{BA9562D2-85E4-47AA-912F-CD4AB3CE1E32}

2015-04-23 20:35 - 2015-04-23 20:35 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{3CE114CF-1470-4B4D-A77E-800953D4D1B1}

2015-04-22 19:34 - 2015-04-22 19:34 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{F453C3B1-DD0A-4E1E-AE33-295AA68A10D6}

2015-04-19 20:27 - 2015-04-21 19:05 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{23A4C709-A8C8-437D-B436-6DD3056FA836}

2015-04-19 18:02 - 2015-04-19 18:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-04-19 08:26 - 2015-04-19 08:26 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{AE5B2CAE-83F2-4007-8241-A75C92EDC375}

2015-04-17 19:08 - 2015-04-29 21:33 - 00000000 ____D () C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}

2015-04-17 17:20 - 2015-04-17 17:20 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{79CDA661-C844-42DE-A39C-184DB4ED6068}

2015-04-16 20:49 - 2015-04-16 20:49 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{F36F0089-8F4F-447A-BC4B-AF261D996C1A}

2015-04-12 21:01 - 2015-04-12 21:01 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{319474BE-8EF4-4346-8C03-865F49DC434D}

2015-04-12 08:32 - 2015-04-12 08:32 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{3C5AA834-3FF2-44E9-BC2C-A84902C4BF8D}

2015-04-11 10:54 - 2015-04-11 10:54 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{9F085D21-15B7-4BC2-9074-13AC6EFAB672}

2015-04-08 20:35 - 2015-04-12 21:02 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\2015 folder

2015-04-08 20:35 - 2015-04-08 20:35 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{0DBB7D6C-6D7F-4E32-B4D2-E4C65128AF08}

2015-04-05 10:36 - 2015-04-05 10:36 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{33E07FBE-B4E1-438A-8073-90586D9668DC}

2015-04-04 14:31 - 2015-04-04 14:31 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{64700523-5554-474D-86EA-0DF6F7753946}

2015-04-03 18:56 - 2015-04-03 18:57 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{BC4BC0AF-1B03-46BF-834A-3012CBAB9FEC}

2015-04-01 19:48 - 2015-04-01 19:48 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{A885CBED-D941-4518-80B8-7106DE402AE7}

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-04-30 17:31 - 2014-03-20 15:47 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-04-30 17:29 - 2014-03-20 15:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-04-30 17:29 - 2013-03-16 16:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-04-30 17:29 - 2012-07-15 10:09 - 00000976 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job

2015-04-30 17:29 - 2012-07-15 10:09 - 00000954 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job

2015-04-30 17:29 - 2010-01-02 15:53 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job

2015-04-30 17:29 - 2010-01-02 15:53 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job

2015-04-30 17:29 - 2009-07-14 01:10 - 01477501 _____ () C:\Windows\WindowsUpdate.log

2015-04-30 06:27 - 2013-08-14 19:24 - 00002430 _____ () C:\Users\Sankar Namboodiri\Desktop\Google Chrome.lnk

2015-04-30 06:25 - 2010-01-14 21:45 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4049948B-A48B-40A1-8DFC-B6312779EC7A}

2015-04-29 21:39 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-04-29 21:39 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-04-29 21:32 - 2014-01-29 16:32 - 00000258 __RSH () C:\ProgramData\ntuser.pol

2015-04-29 21:31 - 2014-07-09 19:32 - 00009332 _____ () C:\Windows\setupact.log

2015-04-29 21:31 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-04-29 21:30 - 2009-09-30 03:49 - 00554872 _____ () C:\Windows\PFRO.log

2015-04-29 18:22 - 2011-01-25 17:48 - 00002198 _____ () C:\Windows\epplauncher.mif

2015-04-29 18:16 - 2011-01-25 17:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2015-04-29 17:42 - 2010-11-20 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade

2015-04-29 17:41 - 2010-08-28 18:27 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Octoshape

2015-04-29 17:41 - 2010-01-16 11:07 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Dev-Cpp

2015-04-29 17:41 - 2010-01-16 11:07 - 00000000 ____D () C:\Dev-Cpp

2015-04-29 17:40 - 2012-01-23 20:15 - 00000000 ____D () C:\Program Files (x86)\Comical

2015-04-28 20:37 - 2014-06-12 17:59 - 00000000 ____D () C:\ProgramData\NexonUS

2015-04-28 20:37 - 2012-05-20 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2015-04-28 20:37 - 2012-05-20 19:02 - 00000000 ____D () C:\Program Files\HP

2015-04-28 20:36 - 2010-11-25 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games

2015-04-28 20:36 - 2010-11-20 11:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games

2015-04-28 20:35 - 2010-02-11 21:33 - 00000000 ____D () C:\Program Files (x86)\Inkscape

2015-04-28 20:05 - 2009-07-14 01:13 - 00784822 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-04-28 19:55 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF

2015-04-28 19:33 - 2010-01-02 15:53 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\Google

2015-04-27 18:30 - 2014-07-18 13:16 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\.minecraft

2015-04-25 10:05 - 2015-01-17 21:00 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\Scanned pages

2015-04-24 22:25 - 2013-08-14 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-17 18:12 - 2013-03-16 16:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-04-17 18:12 - 2013-03-16 16:59 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-04-17 18:12 - 2011-09-29 23:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-08 20:35 - 2012-04-20 20:22 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\Windows Live

 

==================== Files in the root of some directories =======

 

2014-06-10 15:21 - 2014-06-10 15:21 - 0000087 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\Camdata.ini

2014-06-10 15:21 - 2014-06-10 15:21 - 0000408 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamLayout.ini

2014-06-10 15:21 - 2014-06-10 15:21 - 0000408 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamShapes.ini

2014-06-10 15:21 - 2014-06-10 15:21 - 0004535 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamStudio.cfg

2014-07-03 17:11 - 2014-07-03 17:13 - 0033280 ___SH () C:\Users\Sankar Namboodiri\AppData\Roaming\Thumbs.db

2014-07-02 22:26 - 2014-07-02 22:26 - 0020097 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\UserTile.png

2014-06-10 14:56 - 2014-06-10 14:56 - 0000096 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\version2.xml

2013-07-30 17:52 - 2015-03-03 19:48 - 0000354 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\wklnhst.dat

2010-07-03 19:57 - 2013-11-17 18:17 - 0024064 _____ () C:\Users\Sankar Namboodiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2015-03-02 20:10 - 2015-03-02 20:10 - 0018300 _____ () C:\Users\Sankar Namboodiri\AppData\Local\recently-used.xbel

2013-08-14 21:50 - 2013-08-14 21:50 - 0000017 _____ () C:\Users\Sankar Namboodiri\AppData\Local\resmon.resmoncfg

2013-10-14 18:27 - 2013-10-14 18:27 - 0000057 _____ () C:\ProgramData\Ament.ini

ZeroAccess:

C:\Users\Sankar Namboodiri\AppData\Local\Google\Desktop\Install

ZeroAccess:

C:\Program Files (x86)\Google\Desktop\Install

 

Some content of TEMP:

====================

C:\Users\Sankar Namboodiri\AppData\Local\Temp\eFixProPackage.exe

C:\Users\Sankar Namboodiri\AppData\Local\Temp\EsgInstallerx64Stub.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-04-24 00:24

 

==================== End Of Log ============================

 

Addition.txt:  

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01

Ran by Sankar Namboodiri at 2015-04-30 17:37:35

Running from C:\Users\Sankar Namboodiri\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-2054513145-232998130-3655723851-500 - Administrator - Disabled)

Guest (S-1-5-21-2054513145-232998130-3655723851-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2054513145-232998130-3655723851-1002 - Limited - Enabled)

Sankar Namboodiri (S-1-5-21-2054513145-232998130-3655723851-1001 - Administrator - Enabled) => C:\Users\Sankar Namboodiri

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}

AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Age of Mythology Gold (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: 1.0 - Microsoft)

Akamai NetSession Interface (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)

Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ArcSoft MediaImpression (HKLM-x32\...\{2C39F7CF-E022-4C0D-B1BA-AF6DDD931054}) (Version: 1.2.28.448 - ArcSoft)

ATI Catalyst Install Manager (HKLM\...\{64FBA03C-575C-D688-1C80-A5773CE471F9}) (Version: 3.0.732.0 - ATI Technologies, Inc.)

Audacity 1.3.11 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)

Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)

Avery Template - U_0332_01_L (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000007}) (Version: 1.0.0.0 - Avery)

Avery Template (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000010}) (Version: 2.0.0.0 - Avery)

Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)

BlueJ 2.5.3 (HKLM-x32\...\BlueJ_is1) (Version:  - Deakin University)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Brother HL-2140 (HKLM-x32\...\{F4873ADE-DCCC-46EA-9721-BC2BF8CD2EFE}) (Version: 1.00 - Brother)

CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

ContentSAFER for Wizmax (HKLM-x32\...\{C19BE821-89B1-4A96-AC7C-873810C0CB5F}) (Version:  - )

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DeepBurner Pro v1.9.0.228 (HKLM-x32\...\{1AD22277-7A1E-71EC-B27D-EB7A22BED143}) (Version:  - )

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.24 - Dell)

Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)

Dell System Detect (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.115.102 - ALPS ELECTRIC CO., LTD.)

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)

Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)

Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)

DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)

eFix Pro (HKLM\...\eFix Pro) (Version: 1.8.1.1 - Reimage)

EmoDio (HKLM-x32\...\InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}) (Version: 1.0 - Samsung)

EmoDio (x32 Version: 1.0 - Samsung) Hidden

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

FlowLayoutDemo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\FlowLayoutDemo) (Version:  - The Java™ Tutorial)

Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)

Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 2.70 - Philipp Winterberg)

FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.8.1 - )

GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)

GlassPaneDemo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\GlassPaneDemo) (Version:  - The Java™ Tutorial)

Google Chrome (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google SketchUp 8 (HKLM-x32\...\{3544DED1-07DB-40C0-98F3-435A6DA195C7}) (Version: 3.0.14346 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6272.0 - IDT)

Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden

Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1994 - Intel Corporation)

Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

InternalFrameDemo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\InternalFrameDemo) (Version:  - The Java™ Tutorial)

iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)

Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

Java Media Framework 2.1.1e (HKLM-x32\...\Java Media Framework 2.1.1e) (Version:  - )

Java MP3 PlugIn (HKLM-x32\...\Java MP3 PlugIn) (Version:  - )

Java™ SE Development Kit 6 Update 18 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160180}) (Version: 1.6.0.180 - Sun Microsystems, Inc.)

JFreeChart 1.0.13 Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\JFreeChart 1.0.13 Demo) (Version:  - Object Refinery Ltd)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)

Menu Glue Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Menu Glue Demo) (Version:  - The Java™ Tutorial)

Menu Layout Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Menu Layout Demo) (Version:  - The Java™ Tutorial)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)

Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)

Microsoft Halo (HKLM-x32\...\Halo) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Communicator 2007 (HKLM-x32\...\{E5BA0430-919F-46DD-B656-0796F8A5ADFF}) (Version: 2.0.6362.0 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)

Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)

Nitronic Rush (2012-12-21 .2) version 20121221.1 (HKLM-x32\...\{9B55759D-424F-4CB1-B84E-AAE83CC1D20A}_is1) (Version: 20121221.1 - DigiPen)

PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)

Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{35DB2630-846E-47C5-AF84-9D6AC3629F55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

Progress Bar (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Progress Bar) (Version:  - The Java™ Tutorial)

Progress Monitor Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Progress Monitor Demo) (Version:  - The Java™ Tutorial)

Python 3.2.2 (64-bit) (HKLM\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFe}) (Version: 3.2.2150 - Python Software Foundation)

Python 3.4.0 (HKLM-x32\...\{a37f2d73-72d1-364d-ba5d-cea430bcc040}) (Version: 3.4.150 - Python Software Foundation)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)

QuickTime (HKLM-x32\...\{BFD96B89-B769-4CD6-B11E-E79FFD46F067}) (Version: 7.4.1.14 - Apple Inc.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0165 - REALTEK Semiconductor Corp.)

RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)

Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.0 - Roxio)

Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.5.7896 - Skype Technologies S.A.)

Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)

Slik Subversion 1.6.17 (x64) (HKLM\...\{D7F354AA-0E15-4407-B3FC-866BEA805CCD}) (Version: 1.6.17.0 - SlikSvn & The SharpSvn Project)

SmartMusic (HKLM-x32\...\{287324A5-8034-4720-ACE4-497956793955}) (Version: 1.1.2557 - MakeMusic, Inc.)

SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)

SWI-Prolog (remove only) (HKLM-x32\...\SWI-Prolog) (Version:  - )

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

System Requirements Lab (HKLM-x32\...\{9E1BAB75-EB78-440D-94C0-A3857BE2E733}) (Version: 4.1.71.0 - Husdawg, LLC)

System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)

Tarrasch Chess GUI V1.00b (HKLM-x32\...\Tarrasch Chess GUI_is1) (Version:  - Triple Happy Ltd.)

Unity Web Player (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)

VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

 

==================== Restore Points  =========================

 

08-02-2015 21:41:53 Scheduled Checkpoint

03-03-2015 20:14:41 Scheduled Checkpoint

13-03-2015 21:06:16 Scheduled Checkpoint

28-03-2015 20:23:41 Scheduled Checkpoint

05-04-2015 11:27:01 Scheduled Checkpoint

17-04-2015 20:29:18 Scheduled Checkpoint

25-04-2015 15:08:30 Scheduled Checkpoint

28-04-2015 19:32:29 Removed Google Talk Plugin

29-04-2015 17:39:08 Removed Visual Studio 2010 x64 Redistributables

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {10D6A8BF-F556-4155-9C06-9C720879CE79} - System32\Tasks\{F95BC09C-F3E6-41D6-B2A4-B178E07BC8A2} => pcalua.exe -a "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\GUninstaller.exe" -c -uprtc -key "BabylonToolbar"

Task: {1C804CEB-DB8B-4329-B8C7-1C21AB4938E2} - System32\Tasks\{E36CDDE6-F3F4-4F89-9FCA-EF11C4FB478C} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\EvolveSetup.exe" -d "C:\Users\Sankar Namboodiri\Desktop"

Task: {2DFFF575-4795-4A5E-8089-FE7B85E007C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)

Task: {35BEF947-D721-4560-A2BD-C501D8B450B7} - System32\Tasks\Windows Update Check - 0x21BF04DF => C:\Users\SANKAR~1\AppData\Local\Temp\Rar$EXa0.646\FORCEO~1.EXE <==== ATTENTION

Task: {4337C04C-37B4-46DF-AD01-4FA7F082135E} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)

Task: {4B7A90CB-DC66-4172-B6BF-B5F23E812E66} - System32\Tasks\Reimage Reminder => C:\Program Files\eFix\eFix Pro\eFixReminder.exe <==== ATTENTION

Task: {55D345FF-EB86-452E-9AD8-252932600915} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-15] (Facebook Inc.)

Task: {58310B14-A0A3-40B8-8754-3E00E5A0F224} - System32\Tasks\{8D1FB7FF-F48D-4EB3-A860-3AFDC26F74ED} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Downloads\javamp3-1_0.exe" -d "C:\Users\Sankar Namboodiri\Downloads"

Task: {5866912C-061D-49DE-B991-F27AEFB7DDE3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {6273E771-DACB-48B5-9B2D-933BB3AED0E5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {674EAD69-E0B1-404A-84EC-3D92411811CB} - System32\Tasks\{0FEA6B1D-EF1B-4658-B8CD-4A095CC2602A} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Downloads\Win7Vista_64_151719.exe" -d "C:\Users\Sankar Namboodiri\Downloads"

Task: {6D56563E-B457-4CF0-9F3B-2C90DC794CB4} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION

Task: {742B6AB0-78C1-4B2E-BDFE-08714F627E97} - System32\Tasks\{4FF6883F-050A-4487-9BE4-651BA6452C4B} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\mte\MTE.exe" -d "C:\Users\Sankar Namboodiri\Desktop\mte"

Task: {75F70731-8FC8-4859-B89E-E6C706A60967} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-15] (Facebook Inc.)

Task: {989C4EC6-5E70-4B4B-BEF6-59634EF5961D} - System32\Tasks\{0F582C0D-F376-47F4-B4FE-CEB5FD6D4C0E} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\liteloader-installer-1.6.2-01.exe" -d "C:\Users\Sankar Namboodiri\Desktop"

Task: {A0AA9DC2-31E5-4492-9A60-440FFD2EF57F} - System32\Tasks\{A955B7AD-973B-459B-B4BA-CFF93EE86639} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\pixelmon mod installer.exe" -d "C:\Users\Sankar Namboodiri\Desktop"

Task: {A111F2A4-21CB-4E06-8B30-DF1078AF8015} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)

Task: {A1C0FFD6-AB20-4F5C-95E8-50972271F0AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {CCD0AD95-EEBC-4558-AC76-3BCA29B37396} - System32\Tasks\{5B91FB81-7F70-4E63-9C98-828D64624768} => C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe [2003-09-02] (Ensemble Studios)

Task: {E242D8D1-C232-45C8-B7E7-A167DFC20DBB} - System32\Tasks\D77R8YJ1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)

Task: {EA21A921-8D99-4524-80DC-7F07976E9824} - System32\Tasks\{5E54517A-157B-48BE-81BC-2FE1CD97FC77} => Chrome.exe http://ui.skype.com/...all?page=tsMain

Task: {F0665ECC-C260-4679-87FD-7B79F4322468} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)

Task: {F65CCD10-65D4-4CE8-8D77-EC09698ADE6C} - System32\Tasks\{0A658BCB-C922-4F25-A36D-DC2DEC06B564} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\Win7Vista_64_151719.exe" -d "C:\Users\Sankar Namboodiri\Desktop"

Task: {F7AA074C-9669-4E14-B07E-55B8C81A8194} - System32\Tasks\{01970AA0-1901-4795-B5E9-E406F63AF5B9} => C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe [2003-09-02] (Ensemble Studios)

Task: {F8165C36-4005-4F25-B434-508069E33EBA} - System32\Tasks\{A315EEC4-DE3F-456E-A8E9-81946C32D504} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) ==============

 

2009-09-30 01:58 - 2009-07-16 21:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

2009-09-30 01:58 - 2009-07-16 21:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll

2014-12-21 19:56 - 2011-02-28 18:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll

2012-05-20 19:04 - 2010-03-04 16:56 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL

2009-09-30 01:58 - 2008-11-17 07:29 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll

2015-01-14 06:07 - 2015-01-14 06:07 - 06757728 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe

2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2009-09-30 02:02 - 2009-07-16 11:58 - 00115952 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll

2009-09-30 02:02 - 2009-07-16 11:59 - 00128240 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

2012-12-05 09:25 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll

2014-12-30 21:29 - 2014-06-04 11:21 - 00571904 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll

2014-12-30 21:29 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

2015-04-26 12:54 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll

2015-04-26 12:54 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\ProgramData\TEMP:B1FBBD09

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42343112.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42343112.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

 

==================== EXE Association (whitelisted) ===============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

 

IE trusted site: HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\dell.com -> dell.com

IE trusted site: HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\vizzed.com -> www.vizzed.com

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.254

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Sankar Namboodiri\AppData\Local\Akamai\netsession_win.exe"

MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: wininit1360259348 => C:\Users\Sankar Namboodiri\AppData\Local\Temp\793516544.exe

MSCONFIG\startupreg: wininit58554926 => C:\Users\Sankar Namboodiri\AppData\Local\Temp\56518410.exe

 

==================== FirewallRules (whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (04/30/2015 01:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 14415927

 

Error: (04/30/2015 01:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 14415927

 

Error: (04/30/2015 01:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (04/30/2015 06:23:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 16824614

 

Error: (04/30/2015 06:23:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 16824614

 

Error: (04/30/2015 06:23:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (04/30/2015 01:42:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 14407519

 

Error: (04/30/2015 01:42:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 14407519

 

Error: (04/30/2015 01:42:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (04/29/2015 09:42:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 2652

 

 

System errors:

=============

Error: (04/29/2015 09:33:19 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )

Description: Unexpected failure. Error code: D@01010004

 

Error: (04/29/2015 09:33:18 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )

Description: Unexpected failure. Error code: D@01010004

 

Error: (04/29/2015 09:32:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Windows Live ID Sign-in Assistant service failed to start due to the following error: 

%%1053

 

Error: (04/29/2015 09:32:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.

 

Error: (04/29/2015 09:31:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error: 

%%5

 

Error: (04/29/2015 09:31:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: 

%%5

 

Error: (04/29/2015 09:31:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The HP SI Service service failed to start due to the following error: 

%%2

 

Error: (04/29/2015 09:31:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: 

%%5

 

Error: (04/29/2015 09:31:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Base Filtering Engine service terminated with the following error: 

%%5

 

Error: (04/29/2015 08:21:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

 

 

Microsoft Office Sessions:

=========================

Error: (02/07/2015 03:52:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (02/07/2015 03:52:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (02/07/2015 03:51:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4230 seconds with 120 seconds of active time.  This session ended with a crash.

 

 

==================== Memory info =========================== 

 

Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz

Percentage of memory in use: 74%

Total physical RAM: 3032.36 MB

Available physical RAM: 762.27 MB

Total Pagefile: 9174.55 MB

Available Pagefile: 6724.71 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:213.72 GB) (Free:69.08 GB) NTFS

Drive e: (WDO_MEDIA64) (Removable) (Total:7.63 GB) (Free:7.31 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 232.9 GB) (Disk ID: 2B391CB6)

Partition 1: (Not Active) - (Size=298 MB) - (Type=DE)

Partition 2: (Active) - (Size=18.9 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=213.7 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.6 GB) (Disk ID: 04030201)

Partition 1: (Active) - (Size=7.6 GB) - (Type=0B)

 

==================== End Of Log ============================

 

 

 

Thank you for your help! Also new thing is that there is a website where Chrome keeps popping up that thing that says "the website at blah blah blah says..." and I couldn't close the tab so I needed to end Chrome in the task manager. In case that helps any.

 

EDIT: Ok well checked again and Windows defender worked once now, though it couldn't start the actual defending, but after that when I click it all I get is the spinning thing next to my mouse cursor then nothing.

Edited by SRDYK?, 30 April 2015 - 04:16 PM.

[emeraldnzl]

Hello SRDYK?,

Firstly please uninstall the following program:

eFix Pro

Next

Open notepad.

Please copy the contents of the code box below.

To do this highlight (click in the box and press Ctrl + A) the contents of the box and right click on it. Paste this into the open notepad. Save it to the Desktop as fixlist.txt.

Alternatively type the contents of the box into notepad and save it to your desktop as fixlist.txt.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
 

HKLM\...\Run: [MSC] => "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [40973] => C:\PROGRA~3\LOCALS~1\Temp\msiwyzbe.pif
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\CurrentVersion\Windows: [Load] C:\Users\SANKAR~1\LOCALS~1\Temp\mshoaicob.cmd <===== ATTENTION
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\MountPoints2: {5ddeb4b5-a290-11e1-98c4-002564620625} - E:\SISetup.exe
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\MountPoints2: {c4a1a91b-1e73-11e0-a44b-002564620625} - E:\Windows\CHECK\DriveNavigator.exe
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
KLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simp...29-43b7ffe7cbc1
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simp...29-43b7ffe7cbc1
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
URLSearchHook: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 - Default Value = {f78bf7a8-cf12-4de7-a6da-c463d1b539a7}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simp...q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simp...q={searchTerms}
SearchScopes: HKLM -> {4BBD339E-0EEB-4F25-889D-6B6544790428} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKLM-x32 -> {92EFC441-0878-43DA-A1ED-B8BC72D2C1E5} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> DefaultScope {E39D4439-0BE3-4BAB-A670-427E63E44C9C} URL = http://q.search-simp...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> OldSearch URL = http://us.yhs4.searc...5_12&os=Windows7 Home Premium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {4BBD339E-0EEB-4F25-889D-6B6544790428} URL =
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {67676DCA-C904-4E02-A366-10529FB97417} URL = http://ws.infospace....r?_iceUrl=trueuser_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = http://search.condui...89847&CUI=&UM=2
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {92EFC441-0878-43DA-A1ED-B8BC72D2C1E5} URL =
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {958A494C-94AD-4193-86C5-8FAF777AB831} URL = http://www.google.co...q={searchTerms}
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {E39D4439-0BE3-4BAB-A670-427E63E44C9C} URL = http://q.search-simp...q={searchTerms}
BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
Toolbar: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Winsock: Catalog5 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 08 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 08 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
FF user.js: detected! => C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\user.js [2015-03-22]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
C:\ProgramData\Norton
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-16__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_dnldstr_15_12&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtC0AtB0EtB0F0AtDtD0DtN0D0Tzu0StCtCyByCtN1L2XzutAtFzytFyEtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0AyC0EtCyE0C0AtG0A0AyC0DtG0DzztAyDtGzytDyDtBtGtA0CyD0E0D0F0Ezz0CtCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzyzzyByEtAzzyBtGyB0B0CtAtGyEtByDzytGzzyCtCyEtGtCyEtAtB0A0A0AyCyCtDyC0A2QtN0A0LzutBtN1B2Z1V1T1S1NzuyCtDyB%26cr%3D79078218%26a%3Dwny_dnldstr_15_12%26os%3DWindows 7 Home Premium", "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-16__alt__ddc_dsssyc_bd_com"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Search) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
StartMenuInternet: Google Chrome.SJXP7CNPQJ3XWF6TBCM73HEZME - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
R2 secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS
C:\Windows\SysWOW64\drivers\SECDRV.SYS
2014-06-10 15:21 - 2014-06-10 15:21 - 0000087 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\Camdata.ini
2014-06-10 15:21 - 2014-06-10 15:21 - 0000408 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamLayout.ini
2014-06-10 15:21 - 2014-06-10 15:21 - 0000408 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamShapes.ini
2014-06-10 15:21 - 2014-06-10 15:21 - 0004535 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamStudio.cfg
2014-07-03 17:11 - 2014-07-03 17:13 - 0033280 ___SH () C:\Users\Sankar Namboodiri\AppData\Roaming\Thumbs.db
2014-07-02 22:26 - 2014-07-02 22:26 - 0020097 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\UserTile.png
2014-06-10 14:56 - 2014-06-10 14:56 - 0000096 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\version2.xml
2013-07-30 17:52 - 2015-03-03 19:48 - 0000354 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\wklnhst.dat
2010-07-03 19:57 - 2013-11-17 18:17 - 0024064 _____ () C:\Users\Sankar Namboodiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-02 20:10 - 2015-03-02 20:10 - 0018300 _____ () C:\Users\Sankar Namboodiri\AppData\Local\recently-used.xbel
2013-08-14 21:50 - 2013-08-14 21:50 - 0000017 _____ () C:\Users\Sankar Namboodiri\AppData\Local\resmon.resmoncfg
2013-10-14 18:27 - 2013-10-14 18:27 - 0000057 _____ () C:\ProgramData\Ament.ini
C:\Users\Sankar Namboodiri\AppData\Local\Google\Desktop\Install
C:\Program Files (x86)\Google\Desktop\Install
C:\Users\Sankar Namboodiri\AppData\Local\Temp\eFixProPackage.exe
C:\Users\Sankar Namboodiri\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Program Files\eFix
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro
C:\Users\Public\Desktop\eFix Pro.lnk
C:\Program Files\Reimage
C:\ProgramData\Reimage Protector
C:\Windows\System32\Tasks\ReimageUpdater
C:\Windows\System32\Tasks\Reimage Reminder
C:\rei
C:\Users\Sankar Namboodiri\Desktop\eFixPro (1).exe
C:\Users\Sankar Namboodiri\Desktop\eFixPro.exe
Task: {10D6A8BF-F556-4155-9C06-9C720879CE79} - System32\Tasks\{F95BC09C-F3E6-41D6-B2A4-B178E07BC8A2} => pcalua.exe -a "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\GUninstaller.exe" -c -uprtc -key "BabylonToolbar"
C:\Program Files (x86)\BabylonToolbar
Task: {35BEF947-D721-4560-A2BD-C501D8B450B7} - System32\Tasks\Windows Update Check - 0x21BF04DF => C:\Users\SANKAR~1\AppData\Local\Temp\Rar$EXa0.646\FORCEO~1.EXE <==== ATTENTION
C:\Users\SANKAR~1\AppData\Local\Temp\Rar$EXa0.646\FORCEO~1.EXE
Task: {4B7A90CB-DC66-4172-B6BF-B5F23E812E66} - System32\Tasks\Reimage Reminder => C:\Program Files\eFix\eFix Pro\eFixReminder.exe <==== ATTENTION
Task: {6D56563E-B457-4CF0-9F3B-2C90DC794CB4} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:B1FBBD09
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42343112.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42343112.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
C:\Users\Sankar Namboodiri\AppData\Local\Temp\793516544.exe
C:\Users\Sankar Namboodiri\AppData\Local\Temp\56518410.exe
Reboot:

This script is specifically written for the infection on this person's computer. It should NOT to be used on another machine. It may cause serious damage even to the point of rendering the computer unusable.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Finally in this post

Please run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt.

So when you return please post

• Fixlog.txt
• FRST.txt
• Addition.txt

 

 

[SRDYK?]

Fixlog: 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-04-2015 01

Ran by Sankar Namboodiri at 2015-04-30 19:32:14 Run:1

Running from C:\Users\Sankar Namboodiri\Desktop

Loaded Profiles: Sankar Namboodiri (Available profiles: Sankar Namboodiri)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

HKLM\...\Run: [MSC] => "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered)

HKLM-x32\...\Run: [] => [X]

HKLM\...\Policies\Explorer\Run: [40973] => C:\PROGRA~3\LOCALS~1\Temp\msiwyzbe.pif

HKLM\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\CurrentVersion\Windows: [Load] C:\Users\SANKAR~1\LOCALS~1\Temp\mshoaicob.cmd <===== ATTENTION

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Policies\Explorer: [TaskbarNoNotification] 1

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\MountPoints2: {5ddeb4b5-a290-11e1-98c4-002564620625} - E:\SISetup.exe

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\MountPoints2: {c4a1a91b-1e73-11e0-a44b-002564620625} - E:\Windows\CHECK\DriveNavigator.exe

HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

KLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simp...29-43b7ffe7cbc1

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://q.search-simp...29-43b7ffe7cbc1

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

URLSearchHook: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 - Default Value = {f78bf7a8-cf12-4de7-a6da-c463d1b539a7}

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simp...q={searchTerms}

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://q.search-simp...q={searchTerms}

SearchScopes: HKLM -> {4BBD339E-0EEB-4F25-889D-6B6544790428} URL = http://www.bing.com/...rc=IE-SearchBox

SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =

SearchScopes: HKLM-x32 -> {92EFC441-0878-43DA-A1ED-B8BC72D2C1E5} URL = http://www.bing.com/...rc=IE-SearchBox

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> DefaultScope {E39D4439-0BE3-4BAB-A670-427E63E44C9C} URL = http://q.search-simp...q={searchTerms}

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> OldSearch URL = http://us.yhs4.searc..._12&os=Windows7Home Premium&p={searchTerms}

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {4BBD339E-0EEB-4F25-889D-6B6544790428} URL =

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {67676DCA-C904-4E02-A366-10529FB97417} URL = http://ws.infospace....w={searchTerms}

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = http://search.condui...89847&CUI=&UM=2

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {92EFC441-0878-43DA-A1ED-B8BC72D2C1E5} URL =

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {958A494C-94AD-4193-86C5-8FAF777AB831} URL = http://www.google.co...q={searchTerms}

SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {E39D4439-0BE3-4BAB-A670-427E63E44C9C} URL = http://q.search-simp...q={searchTerms}

BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File

Toolbar: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File

Winsock: Catalog5 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Winsock: Catalog5 08 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Winsock: Catalog5-x64 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Winsock: Catalog5-x64 08 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

FF user.js: detected! => C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\user.js [2015-03-22]

FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn

C:\ProgramData\Norton

CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-16__alt__ddc_dsssyc_bd_com"

CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_dnldstr_15_12&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtC0AtB0EtB0F0AtDtD0DtN0D0Tzu0StCtCyByCtN1L2XzutAtFzytFyEtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0AyC0EtCyE0C0AtG0A0AyC0DtG0DzztAyDtGzytDyDtBtGtA0CyD0E0D0F0Ezz0CtCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzyzzyByEtAzzyBtGyB0B0CtAtGyEtByDzytGzzyCtCyEtGtCyEtAtB0A0A0AyCyCtDyC0A2QtN0A0LzutBtN1B2Z1V1T1S1NzuyCtDyB%26cr%3D79078218%26a%3Dwny_dnldstr_15_12%26os%3DWindows 7 Home Premium", "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-16__alt__ddc_dsssyc_bd_com"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Search) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]

StartMenuInternet: Google Chrome.SJXP7CNPQJ3XWF6TBCM73HEZME - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)

R2 secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS

C:\Windows\SysWOW64\drivers\SECDRV.SYS

2014-06-10 15:21 - 2014-06-10 15:21 - 0000087 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\Camdata.ini

2014-06-10 15:21 - 2014-06-10 15:21 - 0000408 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamLayout.ini

2014-06-10 15:21 - 2014-06-10 15:21 - 0000408 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamShapes.ini

2014-06-10 15:21 - 2014-06-10 15:21 - 0004535 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamStudio.cfg

2014-07-03 17:11 - 2014-07-03 17:13 - 0033280 ___SH () C:\Users\Sankar Namboodiri\AppData\Roaming\Thumbs.db

2014-07-02 22:26 - 2014-07-02 22:26 - 0020097 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\UserTile.png

2014-06-10 14:56 - 2014-06-10 14:56 - 0000096 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\version2.xml

2013-07-30 17:52 - 2015-03-03 19:48 - 0000354 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\wklnhst.dat

2010-07-03 19:57 - 2013-11-17 18:17 - 0024064 _____ () C:\Users\Sankar Namboodiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2015-03-02 20:10 - 2015-03-02 20:10 - 0018300 _____ () C:\Users\Sankar Namboodiri\AppData\Local\recently-used.xbel

2013-08-14 21:50 - 2013-08-14 21:50 - 0000017 _____ () C:\Users\Sankar Namboodiri\AppData\Local\resmon.resmoncfg

2013-10-14 18:27 - 2013-10-14 18:27 - 0000057 _____ () C:\ProgramData\Ament.ini

C:\Users\Sankar Namboodiri\AppData\Local\Google\Desktop\Install

C:\Program Files (x86)\Google\Desktop\Install

C:\Users\Sankar Namboodiri\AppData\Local\Temp\eFixProPackage.exe

C:\Users\Sankar Namboodiri\AppData\Local\Temp\EsgInstallerx64Stub.exe

C:\Program Files\eFix

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro

C:\Users\Public\Desktop\eFix Pro.lnk

C:\Program Files\Reimage

C:\ProgramData\Reimage Protector

C:\Windows\System32\Tasks\ReimageUpdater

C:\Windows\System32\Tasks\Reimage Reminder

C:\rei

C:\Users\Sankar Namboodiri\Desktop\eFixPro (1).exe

C:\Users\Sankar Namboodiri\Desktop\eFixPro.exe

Task: {10D6A8BF-F556-4155-9C06-9C720879CE79} - System32\Tasks\{F95BC09C-F3E6-41D6-B2A4-B178E07BC8A2} => pcalua.exe -a "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\GUninstaller.exe" -c -uprtc -key "BabylonToolbar"

C:\Program Files (x86)\BabylonToolbar

Task: {35BEF947-D721-4560-A2BD-C501D8B450B7} - System32\Tasks\Windows Update Check - 0x21BF04DF => C:\Users\SANKAR~1\AppData\Local\Temp\Rar$EXa0.646\FORCEO~1.EXE <==== ATTENTION

C:\Users\SANKAR~1\AppData\Local\Temp\Rar$EXa0.646\FORCEO~1.EXE

Task: {4B7A90CB-DC66-4172-B6BF-B5F23E812E66} - System32\Tasks\Reimage Reminder => C:\Program Files\eFix\eFix Pro\eFixReminder.exe <==== ATTENTION

Task: {6D56563E-B457-4CF0-9F3B-2C90DC794CB4} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION

AlternateDataStreams: C:\ProgramData\TEMP:B1FBBD09

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42343112.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42343112.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

C:\Users\Sankar Namboodiri\AppData\Local\Temp\793516544.exe

C:\Users\Sankar Namboodiri\AppData\Local\Temp\56518410.exe

Reboot:

*****************

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSC => Value was restored successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.

HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\40973 => Value not found.

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows NT\CurrentVersion\Windows\\Load => Value was restored successfully.

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value deleted successfully.

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.

"HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ddeb4b5-a290-11e1-98c4-002564620625}" => Key deleted successfully.

HKCR\CLSID\{5ddeb4b5-a290-11e1-98c4-002564620625} => Key not found. 

"HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4a1a91b-1e73-11e0-a44b-002564620625}" => Key deleted successfully.

HKCR\CLSID\{c4a1a91b-1e73-11e0-a44b-002564620625} => Key not found. 

HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value deleted successfully.

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.

C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.

C:\Windows\SysWOW64\GroupPolicy\GPT.ini => Moved successfully.

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.

HKU\KLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. 

HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 

"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4BBD339E-0EEB-4F25-889D-6B6544790428}" => Key deleted successfully.

HKCR\CLSID\{4BBD339E-0EEB-4F25-889D-6B6544790428} => Key not found. 

"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}" => Key deleted successfully.

HKCR\CLSID\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A} => Key not found. 

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{92EFC441-0878-43DA-A1ED-B8BC72D2C1E5}" => Key deleted successfully.

HKCR\Wow6432Node\CLSID\{92EFC441-0878-43DA-A1ED-B8BC72D2C1E5} => Key not found. 

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.

"HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => Key deleted successfully.

HKCR\CLSID\OldSearch => Key not found. 

"HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4BBD339E-0EEB-4F25-889D-6B6544790428}" => Key deleted successfully.

HKCR\CLSID\{4BBD339E-0EEB-4F25-889D-6B6544790428} => Key not found. 

"HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67676DCA-C904-4E02-A366-10529FB97417}" => Key deleted successfully.

HKCR\CLSID\{67676DCA-C904-4E02-A366-10529FB97417} => Key not found. 

"HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}" => Key deleted successfully.

HKCR\CLSID\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A} => Key not found. 

"HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{92EFC441-0878-43DA-A1ED-B8BC72D2C1E5}" => Key deleted successfully.

HKCR\CLSID\{92EFC441-0878-43DA-A1ED-B8BC72D2C1E5} => Key not found. 

"HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{958A494C-94AD-4193-86C5-8FAF777AB831}" => Key deleted successfully.

HKCR\CLSID\{958A494C-94AD-4193-86C5-8FAF777AB831} => Key not found. 

"HKU\S-1-5-21-2054513145-232998130-3655723851-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E39D4439-0BE3-4BAB-A670-427E63E44C9C}" => Key deleted successfully.

HKCR\CLSID\{E39D4439-0BE3-4BAB-A670-427E63E44C9C} => Key not found. 

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c723a437-2eaf-466d-a95b-3fa0966bf88c}" => Key deleted successfully.

"HKCR\Wow6432Node\CLSID\{c723a437-2eaf-466d-a95b-3fa0966bf88c}" => Key deleted successfully.

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.

HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found. 

Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll

Winsock: Catalog5 entry 000000000008\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll

Winsock: Catalog5-x64 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll

Winsock: Catalog5-x64 entry 000000000008\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll

C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\user.js => Moved successfully.

HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} => value deleted successfully.

C:\ProgramData\Norton => Moved successfully.

Chrome RestoreOnStartup deleted successfully.

Chrome StartupUrls deleted successfully.

Chrome DefaultSuggestURL deleted successfully.

CHR Profile: C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default => Error: No automatic fix found for this entry.

C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => Moved successfully.

HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully.

ReimageRealTimeProtector => Service not found.

secdrv => Service stopped successfully.

secdrv => Service deleted successfully.

C:\Windows\SysWOW64\drivers\SECDRV.SYS => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Roaming\Camdata.ini => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Roaming\CamLayout.ini => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Roaming\CamShapes.ini => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Roaming\CamStudio.cfg => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Roaming\Thumbs.db => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Roaming\UserTile.png => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Roaming\version2.xml => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Roaming\wklnhst.dat => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Local\recently-used.xbel => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Local\resmon.resmoncfg => Moved successfully.

C:\ProgramData\Ament.ini => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Local\Google\Desktop\Install => Moved successfully.

C:\Program Files (x86)\Google\Desktop\Install => Moved successfully.

C:\Users\Sankar Namboodiri\AppData\Local\Temp\eFixProPackage.exe => Moved successfully.

"C:\Users\Sankar Namboodiri\AppData\Local\Temp\EsgInstallerx64Stub.exe" => File/Directory not found.

"C:\Program Files\eFix" => File/Directory not found.

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro" => File/Directory not found.

"C:\Users\Public\Desktop\eFix Pro.lnk" => File/Directory not found.

"C:\Program Files\Reimage" => File/Directory not found.

"C:\ProgramData\Reimage Protector" => File/Directory not found.

"C:\Windows\System32\Tasks\ReimageUpdater" => File/Directory not found.

C:\Windows\System32\Tasks\Reimage Reminder => Moved successfully.

"C:\rei" => File/Directory not found.

"C:\Users\Sankar Namboodiri\Desktop\eFixPro (1).exe" => File/Directory not found.

"C:\Users\Sankar Namboodiri\Desktop\eFixPro.exe" => File/Directory not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10D6A8BF-F556-4155-9C06-9C720879CE79}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10D6A8BF-F556-4155-9C06-9C720879CE79}" => Key deleted successfully.

C:\Windows\System32\Tasks\{F95BC09C-F3E6-41D6-B2A4-B178E07BC8A2} => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F95BC09C-F3E6-41D6-B2A4-B178E07BC8A2}" => Key deleted successfully.

"C:\Program Files (x86)\BabylonToolbar" => File/Directory not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{35BEF947-D721-4560-A2BD-C501D8B450B7}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35BEF947-D721-4560-A2BD-C501D8B450B7}" => Key deleted successfully.

C:\Windows\System32\Tasks\Windows Update Check - 0x21BF04DF => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows Update Check - 0x21BF04DF" => Key deleted successfully.

"C:\Users\SANKAR~1\AppData\Local\Temp\Rar$EXa0.646\FORCEO~1.EXE" => File/Directory not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B7A90CB-DC66-4172-B6BF-B5F23E812E66}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B7A90CB-DC66-4172-B6BF-B5F23E812E66}" => Key deleted successfully.

C:\Windows\System32\Tasks\Reimage Reminder not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Reimage Reminder" => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D56563E-B457-4CF0-9F3B-2C90DC794CB4} => Key not found. 

C:\Windows\System32\Tasks\ReimageUpdater not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater => Key not found. 

C:\ProgramData\TEMP => ":B1FBBD09" ADS removed successfully.

"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\42343112.sys" => Key deleted successfully.

"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys" => Key deleted successfully.

"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\42343112.sys" => Key deleted successfully.

"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\GoToAssist" => Key deleted successfully.

"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys" => Key deleted successfully.

"C:\Users\Sankar Namboodiri\AppData\Local\Temp\793516544.exe" => File/Directory not found.

"C:\Users\Sankar Namboodiri\AppData\Local\Temp\56518410.exe" => File/Directory not found.

 

 

The system needed a reboot. 

 

==== End of Fixlog 19:32:31 ====

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01

Ran by Sankar Namboodiri (administrator) on DOMINATRIX on 30-04-2015 19:36:29

Running from C:\Users\Sankar Namboodiri\Desktop

Loaded Profiles: Sankar Namboodiri (Available profiles: Sankar Namboodiri)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 10 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

(Dell Inc.) C:\Windows\System32\WLTRAY.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe

(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe

(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(Dell) C:\Users\Sankar Namboodiri\AppData\Local\Apps\2.0\RB9W3D12.P1V\Y6ATRY84.BVV\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe

(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [4119552 2008-11-17] (Dell Inc.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)

HKLM\...\Run: [fssui] => C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-26] (IDT, Inc.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [267F03DCE1038D2E34EC9385323C594492D174CA._service_run] => C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe [812872 2015-04-27] (Google Inc.)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [Google Update] => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [EvolveClient] => "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [210208 2008-09-26] (Acresso Corporation)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806232 2015-03-25] (SUPERAntiSpyware)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [DellSystemDetect] => C:\Users\Sankar Namboodiri\AppData\Local\Apps\2.0\RB9W3D12.P1V\Y6ATRY84.BVV\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-07-01] (Dell)

HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)

IFEO\mbam.exe: [Debugger] pp_.exe

IFEO\mbamgui.exe: [Debugger] iu_.exe

IFEO\msseces.exe: [Debugger] ulotmhvc_.exe

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-09-30]

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-09-30]

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2013-10-14]

ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2014-04-20]

ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk [2015-04-17]

ShortcutTarget: Pokemon Emerald.lnk -> C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}\Pokemon Emerald.exe ()

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-15] (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-15] (Oracle Corporation)

BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)

BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-15] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-15] (Oracle Corporation)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-01] (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF ProfilePath: C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default

FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bg_840_bl-is-18__alt__ddc_dsssyctab_bd_com

FF DefaultSearchEngine: Yahoo! Search

FF DefaultSearchEngine.US: Yahoo! Search

FF SelectedSearchEngine: Yahoo! Search

FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-18__alt__ddc_dsssyc_bd_com

FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bg_840_bl-is-18__alt__ddc_dss_bd_com&p={searchTerms}

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] ()

FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-15] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-15] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)

FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-19] (DivX, LLC.)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-15] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-15] (Oracle Corporation)

FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll No File

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2010-05-04] (Alcatel-Lucent)

FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sankar Namboodiri\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-24] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-11-14] (Ubisoft)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-08-05] (Apple Inc.)

FF SearchPlugin: C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\searchplugins\search-provided-by-yahoo.xml [2015-03-22]

FF Extension: Strong Signal - C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\Extensions\{32b2bf24-d7e1-4457-ae7d-61b5c4686a26}.xpi [2015-03-22]

FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-04-19]

FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-04-19]

FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-19]

FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video

FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-18]

FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa

FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-18]

 

Chrome: 

=======

CHR Profile: C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (DivX HiQ) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2015-04-30]

CHR Extension: (Bookmark Manager) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]

CHR Extension: (Skype Extension) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-30]

CHR Extension: (Google Wallet) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]

CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-04-30]

CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-07-01]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [File not signed]

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)

R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-05-04] (Alcatel-Lucent) [File not signed]

R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-05-04] (Alcatel-Lucent) [File not signed]

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)

R2 Realtek11nCU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]

R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [244736 2010-02-26] (IDT, Inc.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]

S3 EvoSvc; "C:\Program Files\Echobit\Evolve\EvoSvc.exe" -service -logfile "C:\ProgramData\Echobit\Evolve\EvoSvc.log"

S3 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe" Start=service [X]

S2 HPSIService; C:\Windows\system32\HPSIsvc.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)

S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-05] (Marvell Semiconductor, Inc.)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)

S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-07-12] (Realtek Semiconductor Corporation                           )

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

U1 StarOpen; No ImagePath

S3 cpuz134; \??\C:\Users\SANKAR~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]

S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]

S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]

S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-04-30 19:36 - 2015-04-30 19:37 - 00026579 _____ () C:\Users\Sankar Namboodiri\Desktop\FRST.txt

2015-04-30 19:34 - 2015-04-30 19:35 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{37F0F9F3-F5CC-4F1E-80F2-8ECB9F7DA6E0}

2015-04-30 17:35 - 2015-04-30 17:35 - 02101248 _____ (Farbar) C:\Users\Sankar Namboodiri\Desktop\FRST64.exe

2015-04-30 07:34 - 2015-04-30 07:34 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{88947EC5-B5A3-4A83-A338-00D13C1BA793}

2015-04-29 21:38 - 2015-04-29 21:42 - 00000144 _____ () C:\Windows\Reimage.ini

2015-04-29 21:38 - 2015-04-29 21:41 - 00000072 _____ () C:\Windows\efix.ini

2015-04-29 19:32 - 2015-04-29 19:33 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{3676B428-FC1A-4250-ABD7-29CAAC053A4D}

2015-04-29 18:16 - 2015-04-29 18:16 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\NisDrv

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\mpfilter

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\amd64

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2015-04-29 18:16 - 2015-01-30 03:26 - 00186656 _____ (Microsoft Corporation) C:\Windows\system32\config\EppManifest.dll

2015-04-29 18:16 - 2015-01-30 02:24 - 00008864 _____ (Microsoft Corporation) C:\Windows\system32\config\setupres.dll

2015-04-29 17:28 - 2015-04-29 17:28 - 00000000 ____D () C:\TDSSKiller_Quarantine

2015-04-29 17:26 - 2015-04-29 17:27 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sankar Namboodiri\Desktop\tdsskiller.exe

2015-04-29 17:08 - 2015-04-30 19:34 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2015-04-29 17:08 - 2015-04-29 17:08 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\SUPERAntiSpyware.com

2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com

2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2015-04-29 17:04 - 2015-04-29 17:07 - 21781384 _____ (SUPERAntiSpyware) C:\Users\Sankar Namboodiri\Desktop\SAS_6126996.EXE

2015-04-29 07:31 - 2015-04-29 07:31 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{0D80FC08-A5E2-4ADC-99C4-F02A91124D5F}

2015-04-28 21:07 - 2015-04-29 07:19 - 00000000 ____D () C:\VIPRERESCUE

2015-04-28 21:07 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys

2015-04-28 21:07 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys

2015-04-28 20:50 - 2015-04-28 21:07 - 214511616 _____ () C:\Users\Sankar Namboodiri\Desktop\VIPRERescue39750.exe

2015-04-28 20:41 - 2015-04-30 19:36 - 00000000 ____D () C:\FRST

2015-04-28 20:30 - 2015-04-29 18:23 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-04-28 20:30 - 2015-04-29 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-04-28 20:30 - 2015-04-29 18:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-04-28 20:30 - 2015-04-28 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-04-28 20:30 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-04-28 20:30 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-04-28 20:30 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-04-28 20:28 - 2015-04-28 20:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sankar Namboodiri\Desktop\mbam-setup-2.1.6.1022.exe

2015-04-28 20:28 - 2015-04-28 20:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sankar Namboodiri\Desktop\mbam-setup-2.1.6.1022 (1).exe

2015-04-28 20:24 - 2015-04-28 20:24 - 00013865 _____ () C:\Users\Sankar Namboodiri\Desktop\Windows Defender - Shortcut.lnk

2015-04-28 20:02 - 2015-04-28 20:02 - 00887280 _____ (Microsoft Corporation) C:\Users\Sankar Namboodiri\Downloads\mssstool64.exe

2015-04-28 20:00 - 2015-04-28 20:00 - 00176940 _____ () C:\Users\Sankar Namboodiri\Downloads\BFE.reg

2015-04-28 20:00 - 2015-04-28 20:00 - 00006396 _____ () C:\Users\Sankar Namboodiri\Downloads\MpsSvc.reg

2015-04-28 19:30 - 2015-04-28 19:30 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{2B2DFACA-F52D-4E92-916B-71AA66A69BA7}

2015-04-27 18:36 - 2015-04-27 18:36 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{A36F09F5-8012-46A7-8F47-F73B969D88F5}

2015-04-27 18:26 - 2015-04-27 18:26 - 14160536 _____ (Microsoft Corporation) C:\Users\Sankar Namboodiri\Desktop\mseinstall.exe

2015-04-25 08:44 - 2015-04-27 00:57 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{BE903481-C97F-4543-8E8A-4BB8541DB838}

2015-04-24 18:21 - 2015-04-24 18:22 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{BA9562D2-85E4-47AA-912F-CD4AB3CE1E32}

2015-04-23 20:35 - 2015-04-23 20:35 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{3CE114CF-1470-4B4D-A77E-800953D4D1B1}

2015-04-22 19:34 - 2015-04-22 19:34 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{F453C3B1-DD0A-4E1E-AE33-295AA68A10D6}

2015-04-19 20:27 - 2015-04-21 19:05 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{23A4C709-A8C8-437D-B436-6DD3056FA836}

2015-04-19 18:02 - 2015-04-19 18:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-04-19 08:26 - 2015-04-19 08:26 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{AE5B2CAE-83F2-4007-8241-A75C92EDC375}

2015-04-17 19:08 - 2015-04-29 21:33 - 00000000 ____D () C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}

2015-04-17 17:20 - 2015-04-17 17:20 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{79CDA661-C844-42DE-A39C-184DB4ED6068}

2015-04-16 20:49 - 2015-04-16 20:49 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{F36F0089-8F4F-447A-BC4B-AF261D996C1A}

2015-04-12 21:01 - 2015-04-12 21:01 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{319474BE-8EF4-4346-8C03-865F49DC434D}

2015-04-12 08:32 - 2015-04-12 08:32 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{3C5AA834-3FF2-44E9-BC2C-A84902C4BF8D}

2015-04-11 10:54 - 2015-04-11 10:54 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{9F085D21-15B7-4BC2-9074-13AC6EFAB672}

2015-04-08 20:35 - 2015-04-12 21:02 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\2015 folder

2015-04-08 20:35 - 2015-04-08 20:35 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{0DBB7D6C-6D7F-4E32-B4D2-E4C65128AF08}

2015-04-05 10:36 - 2015-04-05 10:36 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{33E07FBE-B4E1-438A-8073-90586D9668DC}

2015-04-04 14:31 - 2015-04-04 14:31 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{64700523-5554-474D-86EA-0DF6F7753946}

2015-04-03 18:56 - 2015-04-03 18:57 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{BC4BC0AF-1B03-46BF-834A-3012CBAB9FEC}

2015-04-01 19:48 - 2015-04-01 19:48 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{A885CBED-D941-4518-80B8-7106DE402AE7}

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-04-30 19:36 - 2015-01-24 20:08 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\Stuff

2015-04-30 19:34 - 2014-03-20 15:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-04-30 19:34 - 2014-01-29 16:32 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2015-04-30 19:33 - 2014-07-09 19:32 - 00009444 _____ () C:\Windows\setupact.log

2015-04-30 19:33 - 2009-09-30 03:49 - 00555210 _____ () C:\Windows\PFRO.log

2015-04-30 19:33 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-04-30 19:32 - 2009-07-14 01:10 - 01499833 _____ () C:\Windows\WindowsUpdate.log

2015-04-30 19:32 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2015-04-30 19:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2015-04-30 19:31 - 2014-03-20 15:47 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-04-30 19:14 - 2012-07-15 10:09 - 00000976 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job

2015-04-30 19:12 - 2013-03-16 16:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-04-30 18:39 - 2010-01-02 15:53 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job

2015-04-30 18:01 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-04-30 18:01 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-04-30 17:43 - 2012-07-15 10:09 - 00000954 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job

2015-04-30 17:39 - 2010-01-02 15:53 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job

2015-04-30 06:27 - 2013-08-14 19:24 - 00002430 _____ () C:\Users\Sankar Namboodiri\Desktop\Google Chrome.lnk

2015-04-30 06:25 - 2010-01-14 21:45 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4049948B-A48B-40A1-8DFC-B6312779EC7A}

2015-04-29 18:22 - 2011-01-25 17:48 - 00002198 _____ () C:\Windows\epplauncher.mif

2015-04-29 18:16 - 2011-01-25 17:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2015-04-29 17:42 - 2010-11-20 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade

2015-04-29 17:41 - 2010-08-28 18:27 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Octoshape

2015-04-29 17:41 - 2010-01-16 11:07 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Dev-Cpp

2015-04-29 17:41 - 2010-01-16 11:07 - 00000000 ____D () C:\Dev-Cpp

2015-04-29 17:40 - 2012-01-23 20:15 - 00000000 ____D () C:\Program Files (x86)\Comical

2015-04-28 20:37 - 2014-06-12 17:59 - 00000000 ____D () C:\ProgramData\NexonUS

2015-04-28 20:37 - 2012-05-20 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2015-04-28 20:37 - 2012-05-20 19:02 - 00000000 ____D () C:\Program Files\HP

2015-04-28 20:36 - 2010-11-25 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games

2015-04-28 20:36 - 2010-11-20 11:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games

2015-04-28 20:35 - 2010-02-11 21:33 - 00000000 ____D () C:\Program Files (x86)\Inkscape

2015-04-28 20:05 - 2009-07-14 01:13 - 00784822 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-04-28 19:55 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF

2015-04-28 19:33 - 2010-01-02 15:53 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\Google

2015-04-27 18:30 - 2014-07-18 13:16 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\.minecraft

2015-04-25 10:05 - 2015-01-17 21:00 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\Scanned pages

2015-04-24 22:25 - 2013-08-14 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-17 18:12 - 2013-03-16 16:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-04-17 18:12 - 2013-03-16 16:59 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-04-17 18:12 - 2011-09-29 23:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-08 20:35 - 2012-04-20 20:22 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\Windows Live

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-04-24 00:24

 

==================== End Of Log ============================

 

Addition:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01

Ran by Sankar Namboodiri at 2015-04-30 19:39:15

Running from C:\Users\Sankar Namboodiri\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-2054513145-232998130-3655723851-500 - Administrator - Disabled)

Guest (S-1-5-21-2054513145-232998130-3655723851-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2054513145-232998130-3655723851-1002 - Limited - Enabled)

Sankar Namboodiri (S-1-5-21-2054513145-232998130-3655723851-1001 - Administrator - Enabled) => C:\Users\Sankar Namboodiri

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}

AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Age of Mythology Gold (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: 1.0 - Microsoft)

Akamai NetSession Interface (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)

Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ArcSoft MediaImpression (HKLM-x32\...\{2C39F7CF-E022-4C0D-B1BA-AF6DDD931054}) (Version: 1.2.28.448 - ArcSoft)

ATI Catalyst Install Manager (HKLM\...\{64FBA03C-575C-D688-1C80-A5773CE471F9}) (Version: 3.0.732.0 - ATI Technologies, Inc.)

Audacity 1.3.11 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)

Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)

Avery Template - U_0332_01_L (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000007}) (Version: 1.0.0.0 - Avery)

Avery Template (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000010}) (Version: 2.0.0.0 - Avery)

Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)

BlueJ 2.5.3 (HKLM-x32\...\BlueJ_is1) (Version:  - Deakin University)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Brother HL-2140 (HKLM-x32\...\{F4873ADE-DCCC-46EA-9721-BC2BF8CD2EFE}) (Version: 1.00 - Brother)

CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

ContentSAFER for Wizmax (HKLM-x32\...\{C19BE821-89B1-4A96-AC7C-873810C0CB5F}) (Version:  - )

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DeepBurner Pro v1.9.0.228 (HKLM-x32\...\{1AD22277-7A1E-71EC-B27D-EB7A22BED143}) (Version:  - )

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.24 - Dell)

Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)

Dell System Detect (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.115.102 - ALPS ELECTRIC CO., LTD.)

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)

Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)

Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)

DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)

EmoDio (HKLM-x32\...\InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}) (Version: 1.0 - Samsung)

EmoDio (x32 Version: 1.0 - Samsung) Hidden

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

FlowLayoutDemo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\FlowLayoutDemo) (Version:  - The Java™ Tutorial)

Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)

Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 2.70 - Philipp Winterberg)

FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.8.1 - )

GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)

GlassPaneDemo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\GlassPaneDemo) (Version:  - The Java™ Tutorial)

Google Chrome (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google SketchUp 8 (HKLM-x32\...\{3544DED1-07DB-40C0-98F3-435A6DA195C7}) (Version: 3.0.14346 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6272.0 - IDT)

Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden

Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1994 - Intel Corporation)

Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)

Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)

InternalFrameDemo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\InternalFrameDemo) (Version:  - The Java™ Tutorial)

iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)

Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

Java Media Framework 2.1.1e (HKLM-x32\...\Java Media Framework 2.1.1e) (Version:  - )

Java MP3 PlugIn (HKLM-x32\...\Java MP3 PlugIn) (Version:  - )

Java™ SE Development Kit 6 Update 18 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160180}) (Version: 1.6.0.180 - Sun Microsystems, Inc.)

JFreeChart 1.0.13 Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\JFreeChart 1.0.13 Demo) (Version:  - Object Refinery Ltd)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)

Menu Glue Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Menu Glue Demo) (Version:  - The Java™ Tutorial)

Menu Layout Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Menu Layout Demo) (Version:  - The Java™ Tutorial)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)

Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)

Microsoft Halo (HKLM-x32\...\Halo) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Communicator 2007 (HKLM-x32\...\{E5BA0430-919F-46DD-B656-0796F8A5ADFF}) (Version: 2.0.6362.0 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)

Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)

Nitronic Rush (2012-12-21 .2) version 20121221.1 (HKLM-x32\...\{9B55759D-424F-4CB1-B84E-AAE83CC1D20A}_is1) (Version: 20121221.1 - DigiPen)

PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)

Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{35DB2630-846E-47C5-AF84-9D6AC3629F55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

Progress Bar (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Progress Bar) (Version:  - The Java™ Tutorial)

Progress Monitor Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Progress Monitor Demo) (Version:  - The Java™ Tutorial)

Python 3.2.2 (64-bit) (HKLM\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFe}) (Version: 3.2.2150 - Python Software Foundation)

Python 3.4.0 (HKLM-x32\...\{a37f2d73-72d1-364d-ba5d-cea430bcc040}) (Version: 3.4.150 - Python Software Foundation)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)

QuickTime (HKLM-x32\...\{BFD96B89-B769-4CD6-B11E-E79FFD46F067}) (Version: 7.4.1.14 - Apple Inc.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0165 - REALTEK Semiconductor Corp.)

RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)

Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.0 - Roxio)

Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.5.7896 - Skype Technologies S.A.)

Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)

Slik Subversion 1.6.17 (x64) (HKLM\...\{D7F354AA-0E15-4407-B3FC-866BEA805CCD}) (Version: 1.6.17.0 - SlikSvn & The SharpSvn Project)

SmartMusic (HKLM-x32\...\{287324A5-8034-4720-ACE4-497956793955}) (Version: 1.1.2557 - MakeMusic, Inc.)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)

SWI-Prolog (remove only) (HKLM-x32\...\SWI-Prolog) (Version:  - )

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

System Requirements Lab (HKLM-x32\...\{9E1BAB75-EB78-440D-94C0-A3857BE2E733}) (Version: 4.1.71.0 - Husdawg, LLC)

System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)

Tarrasch Chess GUI V1.00b (HKLM-x32\...\Tarrasch Chess GUI_is1) (Version:  - Triple Happy Ltd.)

Unity Web Player (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)

VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

 

==================== Restore Points  =========================

 

08-02-2015 21:41:53 Scheduled Checkpoint

03-03-2015 20:14:41 Scheduled Checkpoint

13-03-2015 21:06:16 Scheduled Checkpoint

28-03-2015 20:23:41 Scheduled Checkpoint

05-04-2015 11:27:01 Scheduled Checkpoint

17-04-2015 20:29:18 Scheduled Checkpoint

25-04-2015 15:08:30 Scheduled Checkpoint

28-04-2015 19:32:29 Removed Google Talk Plugin

29-04-2015 17:39:08 Removed Visual Studio 2010 x64 Redistributables

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {1C804CEB-DB8B-4329-B8C7-1C21AB4938E2} - System32\Tasks\{E36CDDE6-F3F4-4F89-9FCA-EF11C4FB478C} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\EvolveSetup.exe" -d "C:\Users\Sankar Namboodiri\Desktop"

Task: {2DFFF575-4795-4A5E-8089-FE7B85E007C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)

Task: {4337C04C-37B4-46DF-AD01-4FA7F082135E} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)

Task: {55D345FF-EB86-452E-9AD8-252932600915} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-15] (Facebook Inc.)

Task: {58310B14-A0A3-40B8-8754-3E00E5A0F224} - System32\Tasks\{8D1FB7FF-F48D-4EB3-A860-3AFDC26F74ED} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Downloads\javamp3-1_0.exe" -d "C:\Users\Sankar Namboodiri\Downloads"

Task: {5866912C-061D-49DE-B991-F27AEFB7DDE3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {6273E771-DACB-48B5-9B2D-933BB3AED0E5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {674EAD69-E0B1-404A-84EC-3D92411811CB} - System32\Tasks\{0FEA6B1D-EF1B-4658-B8CD-4A095CC2602A} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Downloads\Win7Vista_64_151719.exe" -d "C:\Users\Sankar Namboodiri\Downloads"

Task: {742B6AB0-78C1-4B2E-BDFE-08714F627E97} - System32\Tasks\{4FF6883F-050A-4487-9BE4-651BA6452C4B} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\mte\MTE.exe" -d "C:\Users\Sankar Namboodiri\Desktop\mte"

Task: {75F70731-8FC8-4859-B89E-E6C706A60967} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-15] (Facebook Inc.)

Task: {989C4EC6-5E70-4B4B-BEF6-59634EF5961D} - System32\Tasks\{0F582C0D-F376-47F4-B4FE-CEB5FD6D4C0E} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\liteloader-installer-1.6.2-01.exe" -d "C:\Users\Sankar Namboodiri\Desktop"

Task: {A0AA9DC2-31E5-4492-9A60-440FFD2EF57F} - System32\Tasks\{A955B7AD-973B-459B-B4BA-CFF93EE86639} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\pixelmon mod installer.exe" -d "C:\Users\Sankar Namboodiri\Desktop"

Task: {A111F2A4-21CB-4E06-8B30-DF1078AF8015} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)

Task: {A1C0FFD6-AB20-4F5C-95E8-50972271F0AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {CCD0AD95-EEBC-4558-AC76-3BCA29B37396} - System32\Tasks\{5B91FB81-7F70-4E63-9C98-828D64624768} => C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe [2003-09-02] (Ensemble Studios)

Task: {E242D8D1-C232-45C8-B7E7-A167DFC20DBB} - System32\Tasks\D77R8YJ1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)

Task: {EA21A921-8D99-4524-80DC-7F07976E9824} - System32\Tasks\{5E54517A-157B-48BE-81BC-2FE1CD97FC77} => Chrome.exe http://ui.skype.com/...all?page=tsMain

Task: {F0665ECC-C260-4679-87FD-7B79F4322468} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)

Task: {F65CCD10-65D4-4CE8-8D77-EC09698ADE6C} - System32\Tasks\{0A658BCB-C922-4F25-A36D-DC2DEC06B564} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\Win7Vista_64_151719.exe" -d "C:\Users\Sankar Namboodiri\Desktop"

Task: {F7AA074C-9669-4E14-B07E-55B8C81A8194} - System32\Tasks\{01970AA0-1901-4795-B5E9-E406F63AF5B9} => C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe [2003-09-02] (Ensemble Studios)

Task: {F8165C36-4005-4F25-B434-508069E33EBA} - System32\Tasks\{A315EEC4-DE3F-456E-A8E9-81946C32D504} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) ==============

 

2009-09-30 01:58 - 2009-07-16 21:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

2009-09-30 01:58 - 2009-07-16 21:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll

2014-12-21 19:56 - 2011-02-28 18:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll

2012-05-20 19:04 - 2010-03-04 16:56 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL

2009-09-30 01:58 - 2008-11-17 07:29 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll

2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-12-05 09:25 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll

2009-09-30 02:02 - 2009-07-16 11:58 - 00115952 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll

2009-09-30 02:02 - 2009-07-16 11:59 - 00128240 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

2014-12-30 21:29 - 2014-06-04 11:21 - 00571904 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll

2014-12-30 21:29 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

2015-04-30 06:27 - 2015-04-27 22:07 - 01252680 _____ () C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\42.0.2311.135\libglesv2.dll

2015-04-30 06:27 - 2015-04-27 22:07 - 00080712 _____ () C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\42.0.2311.135\libegl.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) ===============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

 

IE trusted site: HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\dell.com -> dell.com

IE trusted site: HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\vizzed.com -> www.vizzed.com

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.254

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Sankar Namboodiri\AppData\Local\Akamai\netsession_win.exe"

MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: wininit1360259348 => C:\Users\Sankar Namboodiri\AppData\Local\Temp\793516544.exe

MSCONFIG\startupreg: wininit58554926 => C:\Users\Sankar Namboodiri\AppData\Local\Temp\56518410.exe

 

==================== FirewallRules (whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (04/30/2015 07:34:45 PM) (Source: Dell System Detect) (EventID: 0) (User: )

Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[There are multiple root elements. Line 1, position 626.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlTextReaderImpl.Throw(Exception e)

   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()

   at System.Xml.XmlLoader.LoadDocSequence(XmlDocument parentDoc)

   at System.Xml.XmlDocument.Load(XmlReader reader)

   at System.Xml.XmlDocument.LoadXml(String xml)

   at eSupport.Common.Client.Service.Master.LoadConfig()]]></StackTrace><SysInfo STag="77R8YJ1" SMBIOSMajVer="2" SMBIOSMinVer="4" SMBIOSBIOSVer="A10" SMBIOSPresent="True" Rel_Date="20090717000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Inspiron 1545" Ident_Num="DOMINATRIX" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 7 Home Premium"/></Exception>

 

Error: (04/30/2015 05:55:30 PM) (Source: Dell System Detect) (EventID: 0) (User: )

Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[There are multiple root elements. Line 1, position 626.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlTextReaderImpl.Throw(Exception e)

   at System.Xml.XmlTextReaderImpl.ParseDocumentContent()

   at System.Xml.XmlLoader.LoadDocSequence(XmlDocument parentDoc)

   at System.Xml.XmlDocument.Load(XmlReader reader)

   at System.Xml.XmlDocument.LoadXml(String xml)

   at eSupport.Common.Client.Service.Master.LoadConfig()]]></StackTrace><SysInfo STag="77R8YJ1" SMBIOSMajVer="2" SMBIOSMinVer="4" SMBIOSBIOSVer="A10" SMBIOSPresent="True" Rel_Date="20090717000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Inspiron 1545" Ident_Num="DOMINATRIX" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 7 Home Premium"/></Exception>

 

Error: (04/30/2015 01:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 14415927

 

Error: (04/30/2015 01:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 14415927

 

Error: (04/30/2015 01:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (04/30/2015 06:23:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 16824614

 

Error: (04/30/2015 06:23:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 16824614

 

Error: (04/30/2015 06:23:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (04/30/2015 01:42:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 14407519

 

Error: (04/30/2015 01:42:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 14407519

 

 

System errors:

=============

Error: (04/30/2015 07:34:59 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )

Description: Unexpected failure. Error code: D@01010004

 

Error: (04/30/2015 07:34:59 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )

Description: Unexpected failure. Error code: D@01010004

 

Error: (04/30/2015 07:33:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error: 

%%5

 

Error: (04/30/2015 07:33:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error: 

%%5

 

Error: (04/30/2015 07:33:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The HP SI Service service failed to start due to the following error: 

%%2

 

Error: (04/30/2015 07:33:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: 

%%5

 

Error: (04/30/2015 07:33:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Base Filtering Engine service terminated with the following error: 

%%5

 

Error: (04/30/2015 06:19:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error: 

%%5

 

Error: (04/30/2015 06:19:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Base Filtering Engine service terminated with the following error: 

%%5

 

Error: (04/30/2015 05:54:31 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )

Description: Unexpected failure. Error code: D@01010004

 

 

Microsoft Office Sessions:

=========================

Error: (02/07/2015 03:52:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (02/07/2015 03:52:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (02/07/2015 03:51:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4230 seconds with 120 seconds of active time.  This session ended with a crash.

 

 

==================== Memory info =========================== 

 

Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz

Percentage of memory in use: 47%

Total physical RAM: 3032.36 MB

Available physical RAM: 1577.2 MB

Total Pagefile: 9174.55 MB

Available Pagefile: 7406.57 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:213.72 GB) (Free:68.94 GB) NTFS

Drive e: (WDO_MEDIA64) (Removable) (Total:7.63 GB) (Free:7.31 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 232.9 GB) (Disk ID: 2B391CB6)

Partition 1: (Not Active) - (Size=298 MB) - (Type=DE)

Partition 2: (Active) - (Size=18.9 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=213.7 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.6 GB) (Disk ID: 04030201)

Partition 1: (Active) - (Size=7.6 GB) - (Type=0B)

 

==================== End Of Log ============================

 

Again thank you for your help. Looks like Chrome ads are gone so that's good.

Oh and by the way about eFix Pro, my bad this is my father's computer and he had previously downloaded many malware protection things. I googled eFix and figured out it was bad. It has been deleted from control panel.

Edited by SRDYK?, 30 April 2015 - 05:47 PM.

[emeraldnzl]

Hello SRDYK?,

Your Java is out of date. Older versions are vulnerable to attack.

Please follow these steps:
 

• Download and install Java for Windows
  
  Note: When installing make sure you untick any boxes that install any other program such as Ask Tool Bar, Ask Search Engine, McAfee site advisor, Chrome or some such. They are foistware and you don't need them.
  
  Reboot your computer.
  You also need to unininstall older versions of Java.
     
• Click Start > Control Panel > Uninstall a program
     
• Remove all Java updates except the latest one you have just installed.

Next

Open notepad.

Please copy the contents of the code box below.

To do this highlight (click in the box and press Ctrl + A) the contents of the box and right click on it. Paste this into the open notepad. Save it to the Desktop as fixlist.txt.

Alternatively type the contents of the box into notepad and save it to your desktop as fixlist.txt.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

CMD: ipconfig /flushdns
EmptyTemp:

This script is specifically written for the infection on this person's computer. It should NOT to be used on another machine. It may cause serious damage even to the point of rendering the computer unusable.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Finally in this post

Please download : ADWCleaner to your desktop  (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon. AdwCleaner will update itself and then open.



Click on Scan  and follow the prompts. It may appear not to be doing anything, please be patient and let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

When you return please post

• Fixlog.txt
• JRT.txt
• AdwCleaner report

 

[SRDYK?]

AdwReport:

 

# AdwCleaner v4.203 - Logfile created 01/05/2015 at 16:05:40

# Updated 30/04/2015 by Xplode

# Database : 2015-04-30.2 [Server]

# Operating system : Windows 7 Home Premium Service Pack 1 (x64)

# Username : Sankar Namboodiri - DOMINATRIX

# Running from : C:\Users\Sankar Namboodiri\Desktop\adwcleaner_4.203.exe

# Option : Cleaning

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}

Folder Deleted : C:\Program Files (x86)\Spyware Clear

File Deleted : C:\Windows\efix.ini

File Deleted : C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\searchplugins\search-provided-by-yahoo.xml

 

***** [ Scheduled tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL

Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1

Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}

Key Deleted : HKCU\Software\Define Ext

Key Deleted : HKCU\Software\eFix

Key Deleted : HKCU\Software\Local AppWizard-Generated Applications

Key Deleted : HKLM\SOFTWARE\Define Ext

Key Deleted : HKLM\SOFTWARE\Better-Surf

Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar

Key Deleted : HKU\.DEFAULT\Software\Local AppWizard-Generated Applications

Key Deleted : [x64] HKLM\SOFTWARE\eFix

Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\EFEE0228DC83E77358593193D847A0EC

Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC

Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - local;<local>

 

***** [ Web browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16635

 

 

-\\ Mozilla Firefox v36.0.1 (x86 en-US)

 

 

-\\ Google Chrome v

 

 

*************************

 

AdwCleaner[R0].txt - [14077 bytes] - [29/01/2014 16:54:14]

AdwCleaner[R1].txt - [1055 bytes] - [29/01/2014 17:03:00]

AdwCleaner[R2].txt - [1235 bytes] - [27/05/2014 18:02:50]

AdwCleaner[R3].txt - [1297 bytes] - [01/07/2014 12:44:42]

AdwCleaner[R4].txt - [5981 bytes] - [26/09/2014 19:43:31]

AdwCleaner[R5].txt - [3477 bytes] - [01/05/2015 16:03:53]

AdwCleaner[S0].txt - [13179 bytes] - [29/01/2014 16:56:34]

AdwCleaner[S1].txt - [1366 bytes] - [01/07/2014 12:45:53]

AdwCleaner[S2].txt - [6951 bytes] - [26/09/2014 19:46:37]

AdwCleaner[S3].txt - [3284 bytes] - [01/05/2015 16:05:40]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [3343  bytes] ##########

 

 

Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-04-2015 01

Ran by Sankar Namboodiri at 2015-05-01 06:58:25 Run:2

Running from C:\Users\Sankar Namboodiri\Desktop

Loaded Profiles: Sankar Namboodiri (Available profiles: Sankar Namboodiri)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

CMD: ipconfig /flushdns

EmptyTemp:

*****************

 

 

=========  ipconfig /flushdns =========

 

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========= End of CMD: =========

 

EmptyTemp: => Removed 5.3 GB temporary data.

 

 

The system needed a reboot. 

 

==== End of Fixlog 07:02:14 ====

 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.6.7 (04.30.2015:1)

OS: Windows 7 Home Premium x64

Ran by Sankar Namboodiri on Fri 05/01/2015 at  7:07:40.59

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Tasks

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111271159}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271159}

 

 

 

~~~ Files

 

Successfully deleted: [File] C:\Windows\reimage.ini

 

 

 

~~~ Folders

 

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{02032224-B17C-463C-8BC7-0062C4E03FA2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0217C0A1-F221-466C-809D-F123BDD4F7A2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0299E152-95E2-411E-B1B0-2A0793F2B099}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0356BFC3-21A0-47F4-9FE5-90786EB84261}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{037EA3B2-BE49-40D7-ACE6-DC5DD8869824}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{039880F7-8622-4990-83E4-70F69B7D246E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{04C9568F-B76D-4485-B7D0-CF9652564040}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{04E21741-ABDB-417C-ABEA-D3C3C66CE652}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{05482964-C82F-4432-95B3-C11BEBE706C1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{05D26AD6-4764-4E4E-9572-D4BC09C89297}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{06943D3C-657E-4412-A2AB-DDE2124D4578}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{069C8C8B-D6B7-43C3-8F36-1595038A9525}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0733755D-99F1-4C4C-8BDA-A6263E7FC0D4}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{078FC8AB-9468-453B-8C37-7EAF46957885}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{07FA1623-6C45-4CE8-863F-0391DC400AA4}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{095767FD-6D6E-4F4A-8A92-076DF36F89FA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{09A6C3F2-6DB8-4558-8884-55D16D0167C8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{09F4E7C5-7B15-415A-9F93-7860178CA390}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{09F4ED4C-CD7A-48A9-BCF3-D6907840D7E8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0A704B36-7821-4D2B-BE1F-9861B3F1F697}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0A743CE1-8EA2-4301-8359-C64FC423DE31}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0B3F8926-A97B-47E9-B036-574861091FF4}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0C6A50DE-6262-44B9-8E83-BBDF043A4BC9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0CC507DD-B80E-4C30-B567-1B4DCE178B3E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0CF29ABF-87E1-4773-8271-36E71DA4DCCD}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0CFB4E25-E176-4D50-8E45-00CB7FF0B094}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0D80FC08-A5E2-4ADC-99C4-F02A91124D5F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0D9408C5-2A93-4296-A0D8-59833E498EBE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0DBB7D6C-6D7F-4E32-B4D2-E4C65128AF08}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{0FFD6EB3-E3EB-4A07-A4CE-276C72077B5F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{107E2172-7D34-467D-9984-1DDC94C7EC58}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{10C52F78-ED05-4701-8DF1-B5F36F62CA8F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1178391A-1FD6-415B-B21B-474C2EC4991A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1198856E-6154-401B-989B-289539F8F412}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{11BEBF20-5CFE-41E1-B8FE-DEDE154F4D56}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{122423C7-8601-47FD-84F7-DC1025B14552}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1236B7A8-729F-4506-B39A-0AA26A573C3B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{123B451D-97F0-4895-937F-06F633434D42}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{125F7B1B-9FE3-498D-8A82-B812C743B6A8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1268B5E5-CCC4-4ED3-9CD7-88CB505BA58E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1291A046-9398-486C-A14A-E4ECA93D1073}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{13345732-C0D6-47A3-89DC-9A18D2CDF029}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{133F4C32-F707-4BC7-BDC4-E55753B7095A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{136080DA-3AFF-4640-9882-3526D3DF1407}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{138C9EC2-3C3F-4AC3-B632-03E0C19B6EFB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1424B69C-309A-49FC-B669-45A4FD9F374B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1429EC64-EA77-4535-B388-76B91E6A6FF6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{145101B7-B654-4322-A2DA-D26D08BA957C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{14DEC6BA-93F1-46E7-9C8A-7B8AAC896629}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{156E25E1-6732-4074-8270-52B43BF3DDBF}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1621D432-5B8C-47B5-A8FB-711EC82E0AB1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{16AC05F7-B32E-421D-80CD-005931DC939B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{16D790B9-FF92-4E78-A215-06D617E2F05F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{16F0A886-BE5D-4D2A-AF65-A5E42A063E56}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{18156582-DB2E-4BB0-8313-0BB80995F95F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{18AB0FC5-128A-450C-804F-0504758F325C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{18BB374D-FC92-4DD3-AB20-E06D781C6687}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{18EFA5DA-1CDA-4DAE-8D06-316682166A07}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{19500FB8-D748-4986-BECE-67F42CDA62E0}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{19547991-12CE-4E73-B1CC-A19B78832C06}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{19861A9E-CE00-4ADC-946E-EB7C8796296C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{19998146-8CA4-4D4A-A416-362CF2A215DE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{19DE42FC-2076-40FF-99C1-2C9EEDD75FEB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1AB324AB-4E23-4670-9A01-5B666B9909A4}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1ABC05DA-5086-49E2-821D-A883BE29D4B3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1BA32858-9A25-4FAF-8375-61FFCC4BC524}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1BBA56A3-304C-45B0-A1CD-A33DB1D7FBBA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1C7BAA81-ADDB-44AB-A3DA-2869406C16CA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1CA678B3-A66A-49FE-9594-73E4BFC478AE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1CE658C8-4496-46D2-ACB9-F7FD5B284BD2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1E0A79C9-0886-48AF-B753-30973E94F9FA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1ED4748E-FC57-4995-88E6-CF83F3D332C3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{1FFC1630-7A7D-4755-B056-167555B0AF18}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{20034B1F-FA13-4431-A847-782A1CDB9CED}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{207B9A0A-65C9-49FE-82B0-FA97235E4ACE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{20A40C42-259B-4BF1-BE85-A7C3D52BD11D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{20FC5F0D-F785-4BCF-9CEA-48A41E5EF2E4}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{21ACAFD7-A239-48DA-BD56-00CD8542EBCB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{22051823-755D-403D-8B1A-2F63875C880D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2234ECB5-7EFE-4621-9535-F47C68CD25B9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{224479F9-9830-4534-863F-80AA430FCC90}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{22D28449-EA4D-4141-9128-2413A635F648}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{23874BF2-A9DA-41A7-8D4A-84F58E3F6D8F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{23A4C709-A8C8-437D-B436-6DD3056FA836}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{24EEAB2E-5613-4EF3-81B4-BC3AE3A0B6A2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2510415B-2C9F-4F01-9DD3-DE2FBF97994A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{251C376D-FBC2-45CF-A3F3-764496879974}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2567A60C-D623-4B7B-8172-66129C8CC78E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{25B88CF3-7B6E-49BB-A751-8811851173A5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{26F579F6-1B06-484B-BCA5-24E03FD7A48B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{28628F8C-3F8B-40F3-9637-36FAEDB14B04}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{294489EC-B313-4EE7-B3E0-27ADD6BE69EE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{29590BE9-467D-43D1-BC77-3786952487A3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{297A52CD-1396-430A-A933-C26A8BC527FD}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{29EA930D-D4AA-4C27-A6F6-0549B417A5E2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2A8F0962-511B-4BA4-AFAC-6A7694904027}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2A9380AD-658B-4DD4-AAF7-E15298A03B7F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2AC42B70-5A8C-42C1-89CE-1EA6CBABD0B5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2AEB0C06-FA9F-4F01-962A-0757ED2AEF24}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2B2DFACA-F52D-4E92-916B-71AA66A69BA7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2B939BDA-4E82-457F-9E25-0244FC1A987E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2BC998E6-BC0E-4763-B849-29ACC4BE4A08}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2BEF53B5-B773-4E20-A5E5-44A623427D88}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2CC39194-C537-4D73-81FA-F120EF8F512D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2D6844E2-BC13-4C87-BD12-F3DC589DEB6D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2D95CBFD-FD92-4C52-9E09-2A38DA2F3542}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2DA2E019-6EEC-45EE-AE7C-D78BC5F16FCA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2DE371C9-3B9E-41F5-A026-63C7F06F1FEA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2E175B8C-FD40-44C9-B173-FC404C969316}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2E226AF2-A219-4CA4-8641-B6D5E9AEF67B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{2E9C3EFA-B279-4B1A-9973-5B4EE21C954B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{30118E78-36B5-4B01-861C-C9F1C652FE97}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3073EE7F-C44D-4908-A5BA-69EA27FB5DE9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{308A11A5-EB20-4906-907F-B5F74A0FB50A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{30941CCC-0BCC-47D8-BB31-39DBF3720389}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{30F41C66-A60D-4899-A819-5FB1AD5925D8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3131A388-9A90-403C-8963-B67E9A48D365}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{31406B0A-03B8-4FC7-863C-A7739D426B3C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{319474BE-8EF4-4346-8C03-865F49DC434D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3197EDB8-B0E1-41E6-A866-31AE522E0A53}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{325785ED-332D-48DE-8515-50BA937014E0}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{326EA848-48CD-4E12-A3FC-4FB668F241D1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{32B83C81-F3EC-4B97-8B9C-7EB7882F8F34}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{32C59139-29E7-4570-99AD-DA5219BA9702}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{32CD8514-3BFE-4F42-B538-65A54A66D946}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{33E07FBE-B4E1-438A-8073-90586D9668DC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{354DCF54-A376-4F00-91C6-8CC8F3ED1B51}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{357B48E7-3766-4077-A633-2195FCC8B79E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{35AC9CDE-5FF2-4FA3-B118-73452B5036DE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{35EB58C6-FA14-467B-A508-EA2D59698A95}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{363A007E-2115-4C66-9C3C-FE828B36D57D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3676B428-FC1A-4250-ABD7-29CAAC053A4D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{369263E7-D321-4AD6-8003-B06ACD9037E5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{36A1237D-7E58-4C43-8AE0-D24E03F53687}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{36F37B46-73F1-460C-A67C-C4F91C7E3029}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{37BBAAB9-B4CD-4F54-989A-D5C501060236}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{37F0F9F3-F5CC-4F1E-80F2-8ECB9F7DA6E0}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{397F657A-19F2-4286-BBE5-8673E7A21830}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3983F534-6325-4FC6-A735-F3CCE9BFFDF9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{39870133-1306-492B-80DF-6FC88BAA48A7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{39EDD32C-99AD-4FE5-B5D1-3160C2993FE2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3A0D4B9B-4B06-4F35-A9E7-54F97E570CD7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3A3A1C9D-FD60-4629-8138-00C7B821BF32}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3B12F5F7-4E15-4D17-9BC9-4BE2C49783A4}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3B395B33-DC4D-4F6B-B984-7966DF74DDF8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3B6C18C0-7D14-413D-A3D4-91C7E74D0109}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3C06458E-E3FD-4574-B96A-21F26A8E384E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3C07199A-B251-40B0-82DB-A9D907D51D9C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3C5AA834-3FF2-44E9-BC2C-A84902C4BF8D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3C601D3F-D56F-4DC4-B1E7-E7E5C8064909}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3C8CFAF0-8C5B-493B-81DC-ED2C3EC36703}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3CB381E8-47CE-4DB0-92BA-6F842169B978}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3CDD767F-E79B-43E9-A06A-394E31646CE3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3CE114CF-1470-4B4D-A77E-800953D4D1B1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3D871E87-424E-4015-9C92-FFBE9FD9C49F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3E93BE62-8400-4B19-A491-A582411FDB83}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3EBD0994-F7A8-4D30-8D91-3BB194486F07}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{3F61595C-AB8F-4CAF-91C3-80FF7010DF8A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{402A74C0-12A6-4F72-A4E1-D15A15D80708}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{408D29CC-53FB-499E-B6D3-B114D108350F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{418B4C02-09CA-4A7E-AE6B-1EA1AB1E4C17}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{424F8968-052B-4CC0-B6C6-9485C608F0BD}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{428A03DE-9E15-4823-9309-E44407990D3C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{431F5193-C676-43D6-9AA1-15E9E4DC8D96}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{432A3475-DF44-481B-B0D7-AC4377A044AC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{438DAE9F-CCB6-4059-8B29-8DCD04AA5A26}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{43CB97CF-EE78-4D50-A2FF-FDCF67CE27BE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{446459BB-F47F-4D88-94F1-91F57C27C47A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4513F87B-8673-4B43-BA69-A2B2330D139D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{45D7FF90-69EF-4D39-BE75-7A6C3FB166D8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{45EDB88B-BC99-4453-84D2-805AC1DD34E8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4639F04E-1C95-48E5-B24C-59D261398166}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{463AF937-AA6E-4201-A80C-ED7DA5B249ED}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{473B4035-7ECF-4FD7-96A9-6F2C8D5F35EB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{47891700-55DC-4B6B-9556-0B8821E60C87}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{48980485-8FAD-4E57-9FD1-D8494AE4D75F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{49349EC1-8EF7-46BF-B107-100B5D2088DB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{49FE118F-3EC7-49B6-A520-5A5C2CC4F3B1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4A01C0E4-81C3-475D-A494-3C6313D96EF0}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4AA98D53-BEC2-4572-91F2-845119215460}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4AC2DD34-0524-4495-9C9F-CDCC48663581}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4AC30A1D-D535-419E-AC07-B08F79B1BECB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4AEAA39D-6D87-4581-9D48-F34DE3BA1006}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4B149566-EC43-4E6E-90AD-4DB961B12E10}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4B92E0D4-17BC-46D9-816C-96768FA0BE48}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4BF85AEE-C097-491E-BC27-8D1AA0FB0B16}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4BFB82A4-8DBA-4F0F-9FCE-D8DC9B64157D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4C124AD5-0C55-4EC5-A754-A5E7442AA740}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4C1E5858-C5B1-4EA2-A4E7-3E3263F8CF0C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4C20EA30-AE8F-410C-B483-106FA584F5CA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4DB7B2C8-51D5-40B9-BC5D-0C010C937B6D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4E15DB10-15A8-428E-99B4-C5C5F6B77E23}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4E864B11-640A-4E47-BEFC-292BA8647A97}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4E9F8243-6577-42DD-916E-0AE9B01CC8A2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4EB5BD00-09AC-4AAE-9FBF-408363BC7F67}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4F86BC08-AA3C-4CD4-8BED-515609CFA22C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{4F9E3003-4A8F-4FA6-95ED-5B57B4B5DE88}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{505FAC16-C7AB-4C84-8DCB-CAA99AF7DC3E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5163AE43-3327-4B72-B521-D7F2131B8B79}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{52541CCD-6A76-4637-8113-8B77FC754811}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{53F0D5A4-B6D3-492A-B130-1AD55F8DBB6F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{54201B5B-6B96-4989-950C-CBF8C0487FCE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{54572A68-1288-43E2-9DB7-D070BECE7634}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5494B0FD-B029-46B5-AD0E-7BDDB0F7D568}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{555F2148-6032-4952-9E55-AE45F5B8C2D5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{558E3896-321A-4824-A978-46FCCDE9D0E1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{55E292ED-0807-40F0-A4F6-1D35B146721E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{55FAA3BF-DBC6-4899-A8A1-981036EB51F6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5713653C-A1AF-47BE-A532-247D3A7EB308}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{575F3D24-F9BF-4E43-81EE-4FD7527529E6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{586B94C9-AC16-4B46-A360-45419DCAC8C7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5907E1D3-5A98-4548-B72C-CBBC7A55C786}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{59AD7FC1-193A-443F-AAD8-8F45367BD467}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{59C0009D-A1D4-4B0C-A59E-04B7EB6E7487}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{59C3C4CF-0A68-4D1B-8A75-F58FD12C351C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5A3CC020-8ED7-4E1F-BCC4-9D03BC6A8752}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5A6E96D8-5295-4B75-951E-548AD49A1F5E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5B34457F-B871-4BB8-85AA-5758AF076CF5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5B4BD68F-7743-43FC-B249-783897F9EE11}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5C5C3452-1364-476D-A1EB-994A391440E7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5CE1637B-49E1-4AF9-A189-A3BAB2EEE49F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5CFB82C6-E922-4326-ADBE-B299EA3461E4}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5D420C9F-70F3-4CB2-8354-972C25ECB882}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5D9BCF4F-D0AF-4583-940F-9ED9DF5574BE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5DEAAA7B-3033-4E45-A213-844F20BFDE82}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5E1D5BB6-D06D-44A1-A2D6-CE7BC82C98B8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5E34EB18-9F37-4927-A08E-65B38B5E486D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5F3DE2CA-D906-450F-897F-3378587E7B77}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5F3E86BE-0D84-4FCD-AB25-7F51ED3C1DFB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{5FEC6154-3E32-4F1C-8F9D-25D023695823}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{60E78F62-D79B-4746-BC2C-7991D41D7CCE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6118EE3E-B0D6-4ED2-90DD-BF6B35DEE0FD}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{61DCE944-14BA-4C45-B88F-CEECF7F54B3E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{61EB4BA3-484A-458C-B4EB-D2B37FF084C6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{61F9CBCA-B15F-4040-8781-4ABC7DCA7517}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{641DD48B-9FFE-4B26-AE45-A9E68145133E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6423D9CA-66F9-4731-9108-80F5570E9D8E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{64700523-5554-474D-86EA-0DF6F7753946}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{64A2E472-84D0-4AD4-94DA-D300528A0A70}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{64C87581-77F8-45CC-873C-AB5F93F7D40D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{64F11632-E248-431C-AD4A-7421F7B3F2B2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{64FA42A6-93BC-4097-B09A-8FACAC03E9FA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{65183200-22F1-4780-ABDE-773F726C76AB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{651E0C30-2B1C-4B6C-909F-4AB870A229DF}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{65313B52-C984-4AD6-BFCF-CAA94EC41FD2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{66752FC9-CDDD-493D-AAA1-67221C7A7B23}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6716DA5A-0DF2-46C6-B29B-A8059E645AA5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{671CEA3A-1D3A-4233-B2D3-0989A7719B1B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{67CF746E-B56A-41DD-B4BE-3A288440F8A9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{67DF4BB8-69CA-46C8-B1E2-B9327C4BF504}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{680874BA-A671-4B5F-BB5E-1CD782BF63C3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{682B4164-416A-48AA-BEF7-C48C6C5E800E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{68317472-F37A-4D4F-B335-F7AE25816D37}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{68D71C09-016E-4333-A8A6-18147489D240}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{68F6A48B-E202-4A79-AADB-09535B5DCD2E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6907426C-C803-4ADF-9928-885C90EA99B9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{69BB18DF-0E31-4107-95B6-D04BD2FF254F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{69C98022-33DC-4723-8436-F33395AAA533}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6A115026-2BA0-41C0-A400-E1C66FD7E16E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6A3492B5-BFA8-4704-8F54-4B8B6FA500BA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6A82A1DD-9B78-48D8-BE29-06C240CDEB7F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6B0D84A8-3890-4373-8ADC-5F501CA1F3EE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6B3D103C-BEB4-47DB-B6B5-C85F73638255}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6B4D5E82-344B-40FC-AFC1-AEFE79C02888}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6BD11C6D-3381-4C3A-8286-1F85102A7A04}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6D2D1E64-D00C-4697-A9E2-899B14CA1521}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6D866466-5266-4942-B245-26CDE1AFD963}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6E2AF558-21F6-4AF5-9509-984AEF7F6447}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6E427826-2FB8-4AAB-8F1A-30768AF5D5F1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6E5BD443-4E98-4D4D-BA4B-A64A15218264}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6EEED058-7E31-485F-80F9-294BD9CB8989}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{6FF59A52-C180-482A-B4BD-553A3AB8AD81}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7023155E-A86D-4A24-BA75-40436A59CE12}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{703F57ED-8415-439D-9FFE-824D4F069249}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7069F61C-4A74-4821-9F01-26A797F25233}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{70EB6425-2A0A-4F8B-807C-AF7F3629B40D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{715707A7-B5DB-47C8-8501-29407D0664FA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{71AE2549-E20C-4BAD-926A-125481125F8D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{71CF9D14-2ACE-4B55-8247-74DF38098079}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{72226AD7-C9E9-4602-BEDE-2DE675E780BF}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7294462C-B18B-4731-B96F-06CBE2D569AB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{72A12042-BDE5-410F-AEF6-871026B9AEC5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{72FBCA23-D98A-477F-9FAD-0228B767388F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{72FBDE2B-9C08-47E0-B048-D6B6AC3FF3E7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{734C6981-F54E-4528-BFE5-52C99BF552DC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{737D1D7F-0976-469C-A256-CFF231170E5E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{73A3E20F-BAE7-42DA-A27F-8F43F50085E6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{73C4CF41-C334-43BF-8FAF-ACC37760244A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{74230A79-7BA1-418E-859D-9A31044A34A2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{74EC60A2-7A99-42E0-9139-C30C7684F782}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{751BC52D-FD9B-4664-8029-805A39A4D916}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{762FE224-88B6-4E76-9718-71C9DB742B6C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7706C9C9-AA6C-4DB7-A5F8-BD7F52B46683}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{77C4E729-043C-4E8C-9A6B-438D476DD57F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{77CC66D2-B863-4177-B275-5A43C1342D45}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{78346B23-9E61-41E6-8BEF-D359D8195B62}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{783F7033-A998-4A9D-B052-12DEDFB0460E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{78774F52-053A-4621-A141-0302BAA5C02A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{792E038E-D866-44A3-B641-6FB2DA3CCF19}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{79CDA661-C844-42DE-A39C-184DB4ED6068}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7A2DF999-3672-4947-8DBA-8BD20021C1BC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7A403940-ED2A-4A22-B5DA-F01D79FF9788}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7B11D3A1-ECB3-4F3D-B222-5BE1FA52E4D6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7BC76FB6-C374-4B3B-894B-639CE3E60493}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7C64E064-79B0-4619-BC57-C930068A52B9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7C65BA8A-8632-49BC-A621-2D2B949DB3AC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7C6A9A7E-7C73-4A48-888A-0160127E8841}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7CF3B305-8ABA-40D3-A1E9-2F7E286A78A5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7D76B2CD-912F-4189-A00A-D02C74E0D718}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7D7DF5DC-B70E-467B-987E-0D67F553A4E7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7DA15681-B5F1-4D89-BF69-7847FB81EB8E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7DDB0408-6288-496D-B00A-D2C0BBA762D3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7E0F0EB3-A9DE-4F08-A2FE-1D708CADE9AF}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7E40E990-F2C1-4415-B79E-712C9F21BA8B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7E8CDFF6-A5E7-4BEE-85A3-00F3E309A774}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{7FFB2816-A666-4CB9-8A2A-2F199C9A4F84}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{80E416FF-F0A4-4365-89B6-4A8979D123F6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{81FC1EAB-4897-47EC-86C2-9318516F8C89}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{82226626-273F-46E9-9C5B-EDE5213196F3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{82745F82-FF91-4DA0-8679-E342C26DFE74}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{827BA7E9-55F7-4799-9E15-8F2684047934}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{839C8DB6-C5C7-4402-8DE2-4FDA2B99FFD1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{83C22441-E334-4CAA-AD22-F9AA9EEEC012}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{842FE1C1-3531-4F03-944A-BEE938E86C53}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{849D378B-A968-4467-BED7-CD6E18805643}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{84BE2804-E3E6-43EB-8114-6569D97BE544}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8563542C-26F1-4314-BCD5-BE289D61B542}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{863B54CA-47B1-4091-BA34-DBF93D87B5A1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{868CD932-74B7-4D45-9CE8-278921D0B8A7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{86E4C4C5-9F15-4DB9-B296-C59D48BD2C7C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8736FFFE-9228-45E2-895D-DE62A829D93B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{87FBA8CA-06A5-4A0B-BE29-DBA34B934423}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{881C6047-6F31-499A-86DE-C2460CD1B32A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{88871A25-E5D1-4156-AA44-204E2D3F730E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{88947EC5-B5A3-4A83-A338-00D13C1BA793}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{89F714A7-DC3B-4059-8151-4D872180F220}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8A96EA13-9320-4AC9-8A95-82DF193402C6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8ABD1381-2CE5-497F-B47A-C0CFBB6CC545}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8B5BE4D2-1451-4A65-8CB9-643797C84F6E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8B5BF68B-C0C4-4F01-AD16-E60D47B7100E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8BA448A6-BB03-40A2-8E7E-3B067207AF77}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8C22E4C2-EB32-44F9-A81F-DC2AACB851EA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8C649BD1-8F50-469D-B55D-2D25EAFD1D93}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8CA94BD6-980E-44C0-91C4-DBEEC8BE65E1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8D136317-C877-4D82-BAB3-C6040E6FE222}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8D5E18D8-9A91-4951-AEE3-E04A4B5435EB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8D8B3EFF-4FA0-4239-B3FB-F692AEF0A2FC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8D9550D2-87C5-4BD1-8A48-065E3B654F65}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8DEEC923-D049-41DC-85CC-C1F577EFCCE2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8E784A0B-4ED1-4DA8-99BB-D7B5D67E4503}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8EB76546-4DB5-4CED-B161-8C3B007620F3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8F42C64A-5592-4EB7-AAE8-7B6CAA54A93F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{8FA05EF8-3C60-46B3-A7F5-8BC25C0CD15B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9108A753-ED69-4D10-B618-1CD4E29683A5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{91286DF3-CB38-4815-A3CF-B1BD27843BD6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{914463E9-6C34-4DA9-A88A-36127379152C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{928EE5C3-BB72-4ACB-A0D0-7DEE585EBEE6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{931669A3-8C11-4FBF-B21C-74B1E6CB512D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{93E6B94D-B5CE-4BFF-A583-3263C4EDF892}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{953D3511-09F4-4EBD-967E-41AE19CBC69A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{957E36C2-4144-48B7-B695-80C5F3B74F6F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{958D92DC-EAC4-422F-A562-F30339CE71BA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{958F76B2-AD42-41F9-9C39-6451366B7666}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{95A22AA0-2228-41D6-AC30-381CC3E095AA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{96836B9E-68EB-4D95-A2AF-A9AB6F208658}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{96B818D9-353E-49C4-9E58-F3697CD044D3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9728F66D-7E31-49BC-AC7A-09F83BD4B8CF}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{97412BEE-069E-4C83-9FC6-6B7B458C9630}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{98519C9D-955D-4C83-B8D1-D591C0F9704D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{98910A43-817F-4FED-94E8-AAD30B20D5CD}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{98F50D99-3081-4CA8-908A-116087D6D4E2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{991AAB15-D1D6-4F6C-A447-7116A217BF69}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9A147005-5E00-4496-9D2E-5DD063742B9B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9A159761-0BF8-4AEE-BA26-30537476993D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9BA58BE8-2DB4-4513-B2A8-779B5F2592B6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9BE23107-6FBB-4679-A243-92A5269FE927}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9C4F1130-F2D4-4FAF-AA6F-4258CABEEFF2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9CA2EB6F-0969-42FE-818D-64BD8EE5454F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9CD32559-685C-4344-A5F0-B7E332BC840C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9E2B761E-2476-4C03-81B6-C82E1E9D6644}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{9F085D21-15B7-4BC2-9074-13AC6EFAB672}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A03970CA-201A-4D33-BF8E-35831AF55850}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A06060A7-3680-410D-98D4-CABEB6814B73}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A0721392-0080-46C2-8C3A-A9D9B696C056}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A0844863-CA11-477B-8B5C-FC2262DE9699}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A150023B-3AC2-444A-8AC6-66256C2BB053}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A154DEA0-C6D8-416B-8949-CED67C585976}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A21CC0BD-5155-437E-BFD2-AD86D8F38DA4}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A2A12A4B-5A0D-4F2A-86B0-312E48452471}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A2AD50DD-E638-4830-84DC-2BB5D8B95E76}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A2F5B4D1-550E-4A37-81FA-4DA3B8061402}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A36F09F5-8012-46A7-8F47-F73B969D88F5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A3C3EC38-5FD4-48B1-9AC3-61419A540F01}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A496E08D-1341-4B94-A0DD-98681BA15B1E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A4AC25F8-AD52-468E-9315-0C394A229C0E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A4B652C2-555F-418B-BE24-F2A93D5887B2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A4DFCEAA-FF85-48AD-B511-AEFF4A9CF843}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A59B4390-AA06-49BF-9640-FA554DD1D1FD}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A679FF36-4437-4B54-A81B-6CD98D82781A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A6A4368B-21AE-4082-B8E3-0F8305B4B04C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A79D1336-6821-449C-BFFD-2A1FD4CCA9E2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A7D014A8-1115-40D0-9BD5-5CE393DE1051}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A80F19F6-9C93-443A-86CB-2FF8369683F5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A885CBED-D941-4518-80B8-7106DE402AE7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A8A90080-C094-4A77-88D2-A33EC89A55F7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A8B3DE16-0903-4BA6-B4C5-28E7DC3D4806}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A8BF0A21-4329-4EDE-B8C2-D7B6E363140B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{A9212F27-096B-4F1D-88A2-77C3CA36C302}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AAB3B7E4-4161-45D9-B1A4-E0AC12D4644E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AB27E5E1-917B-4AA0-9554-5204AFC0D9C1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{ACC58961-9739-40DF-9E58-26097B80D84A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{ACE5174E-D80E-4AA0-9EAC-508ECE81419A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{ACEEE5F0-1ADE-44DF-B688-7CB5E44F5960}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AD7F77A5-A11B-4CB6-8F86-8527FCCC7F66}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AE06655B-B96A-498B-A281-6A282972A66B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AE5B2CAE-83F2-4007-8241-A75C92EDC375}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AE855187-ED47-4197-A754-CE3AAB8A4730}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AEB15DE1-AB15-49D7-ACD9-B85FE38C58A6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AF01B7E2-A282-409E-941F-06ED710FD574}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AF33903C-C0AA-4050-B090-37457F652CDF}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{AFD25A80-6BB9-4C8B-B615-B5CAB7109493}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B0A21AFA-D4C5-43A3-95B9-201F0DBD6230}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B1136CE9-57DF-45F0-B3FC-5EE8BE4AD196}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B12D615D-4C19-4C0C-98E2-08AF2E5D139B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B1B882C8-BD19-47AD-ABB0-5462F89CED2C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B2554D95-7647-46CF-9727-5122DB7F6A20}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B2C3FDC7-8776-40A0-9822-3DB8AAD4931B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B30997A5-A6EE-4870-AC48-5F71996C3221}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B32054E9-5C90-4B94-9341-6E2EDFAA3F84}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B38EE5DC-6ACD-4C92-9CDA-E3EDD252243C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B52E1E9E-DB34-4DE9-B570-4DE5024020E3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B53D0846-A21E-4753-BAC9-FB8BD94782A6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B598A2E7-C809-4A84-9A11-EC88353B333F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B5C65119-393D-46CB-9CD3-1931370F97DF}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B5F01D12-9ED7-4D4F-92CE-1B8C97814C34}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B7113D73-147D-45E3-94D9-7D55E414C9FB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B7416D64-17E3-49A5-8F16-C2C7547B452F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B759DA57-3671-4A42-AC8E-AD91CC1B44AC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B783D024-5A42-4C72-B5F7-F090CCC9F348}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B83CD7DB-3D1B-4269-8BB4-54437A8F6DEA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B9630740-14EC-481E-9E47-5A7BBE54FEFE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B963AAE9-F652-4524-9274-3BD8A13AB526}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{B9E4589A-C222-4028-82F1-8643154637AA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BA9562D2-85E4-47AA-912F-CD4AB3CE1E32}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BB44340E-C31C-4FDC-B082-C2C38000E4B1}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BC4BC0AF-1B03-46BF-834A-3012CBAB9FEC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BCBEB84E-3FD3-4593-9F3D-A4463C34A5E7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BD50F444-CAA2-49B1-82B9-1E6A18E6F315}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BD5474A1-70B3-4461-9C3D-DA307FD660E8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BD6B0E23-583B-43B3-A0C3-289F6B84E022}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BD800F9F-1649-428E-BD21-6F128451C83E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BD8D019F-ED77-419D-B21C-CDAE10AA8F30}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BDF49BDF-3215-458B-8ECF-4B376E0F9AEC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BDF7A14F-3EB4-4410-8122-1CC07EB28E12}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BE0C5241-E3C6-4995-A018-0E3386C90007}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BE421C9B-367A-4038-B7A7-CC9683FB1225}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BE6E0D6C-1E4E-444F-8A63-C3B10706321E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BE903481-C97F-4543-8E8A-4BB8541DB838}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BF0DE5EC-D071-4750-8F09-27DDC90547F9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{BF2A26A7-35E4-43AF-945D-7099E2EA295B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C1BC98D5-C54F-4C68-825C-4FB4106EF6B8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C1C0BB8F-906E-4C36-B80E-C7EFDDD6A34D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C2DABD8E-35AC-4B8E-B51D-9E296201301A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C30577D4-44DD-48A9-9075-3CC41FF9B714}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C3583811-D1EC-460F-A652-CB7CB9A8DF37}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C39745CD-A8A8-4BA6-8900-5AF9ACAF3133}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C45565B0-21BE-4CC9-9E25-F66D3CD8A736}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C49B6583-C0E9-4E6A-A841-58FBCD2A4412}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C4A10FCB-8F84-48F1-8DBE-FB96A0633D8D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C666C27E-AA3D-48C7-81B5-155AD2C9930E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C6752572-30D6-41DD-8C9E-D14B907A1B37}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C6FA8CD4-32C0-464F-8ECB-6B6966AADD40}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C775FC30-E572-48DF-8582-B292F25DD127}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C820A1EB-D2A9-4033-BF41-C3C41FC72585}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C8C1E3FC-CEA1-49A0-A09F-C76D55222E1C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{C9CC0AA8-2E52-4795-90A5-BB9ED3FA8322}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CA81D3F5-9A50-443F-A5B4-8D4E3DA7DE17}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CA9D3F27-93E8-460C-92E9-D8BA3E7DDF66}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CAA29CF3-F441-4FF6-A1F7-3CE64783A06F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CB997464-675A-4217-A189-42DD480D9E2A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CC483B35-CE6D-483F-ACC5-8BB60AA42C35}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CC92E28A-5574-4D50-9804-2FB14BD5E10C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CD860614-435B-41EE-B5A7-608263630112}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CE542B1D-6D16-45D5-A1C0-65F75A62C0FE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CEBB7EA5-7823-40BD-A8F8-5C6F4B0CC2F9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CEE00199-DECA-448F-839D-9E723A020E73}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CF0076FA-BAD1-48BB-9DE5-9ACB82F23F51}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CFD07D34-12DA-4CDC-93F1-A74C42C8CC14}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{CFE3C83C-DCEA-47BF-9307-720D106B9E0C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D06DD073-D553-4936-BCBF-14C265CC76E9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D09A88B8-6F17-4AB3-B6C7-8F97870C8BE3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D12BB688-5005-4067-A819-2C0CA86768C7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D18BE0BA-EE9D-4F7A-837A-933C42E937A0}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D301FEC1-BAED-44CD-8742-04720D0650FD}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D34F1D71-7A28-4AE4-9DA2-C78DEA0794E9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D4510FEC-45E6-4484-AFC1-2355982A2E87}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D545C8C6-C3B8-498A-84D7-E02A291387F7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D5A10E7A-9625-417D-BD3A-0AD44532D90A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D61C686C-0AD8-4665-A786-03E80E638336}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D6AF02EF-17D7-481E-88BE-65111ED1D751}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D72F4038-BA1C-425D-8B50-D8DCB9FE6EAD}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D77AB0BA-FC32-42CD-845F-EDCE600E8F4A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D79A9956-F667-4FF8-AC38-D0FAB16BE5A3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D859F281-C9A8-47D7-B366-E9B6BC66DEC8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D87F9BC0-DCA7-4513-9D7A-FE09298F844E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D8A1F15A-B63E-449B-ADBA-B3DF4BE43C2C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D8D4EF8C-07D1-4803-AEBD-A592ED5E761B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D9912E6E-B539-47B4-8E3A-55595FB6287F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D9BAAAFD-AC84-41A2-8E35-67B5F7F01316}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{D9D9CFE0-158B-4DB3-A7EA-11D7BC92650E}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DA67066D-32B5-43F3-B08E-5BC64C0ACEEC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DB196601-849F-4A04-B9F2-29C392853961}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DB8D517C-3106-4DA5-AEA3-23519B91BA30}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DBBCDA38-387F-4024-B513-46EE8829E2FC}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DBBED1DF-E7BD-4C80-B5B1-8F706E4E9AD3}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DC016A74-B963-43BB-A3F1-09849A66D011}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DC3FF428-31DF-479B-BD77-0F75A77C0DA6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DCACDAF6-3771-4400-8BAF-FED2E2F638DA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DCD773D1-8C55-41B9-8D95-3869357BE2D8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DD743F6B-1ADF-448F-BF2B-F432D410719A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DD7957EF-6A62-4B77-8926-7152CF2E0604}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DDACBC7A-6AB7-4845-8911-465A84A14090}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{DFEDE84C-3544-4094-9304-07E71939D823}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E0B43A4A-CF9A-4748-B880-4FD384569327}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E225331F-E199-4B12-9B02-EBACBE4A5D20}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E34DF47C-B251-4EBB-AD21-EF69653F93E7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E3ABE318-DDF4-4216-8C0D-2977AA3E2939}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E3FBA113-0C03-45AF-AF44-43862EC01D40}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E40F1DBD-4072-4F08-94BC-6FE44F73F12D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E46BC25A-98D7-412D-A61C-E64272FC664F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E485975C-5342-4D27-93A6-98F5FE16B620}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E5B1A33D-D9C5-4A2F-9931-84C560437A63}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E6B7C580-FCC9-4C2C-95E2-553CF19B3CB5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E6EE3879-8613-4B3D-8009-98E5D65A23CE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E712D494-C988-4404-A49F-51A53A9B9483}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E833074F-9939-4EBA-86E0-9EAA6B60D88A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E89307A9-60DF-4A3D-8742-8850DE5F02EB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E8E8D05D-63FB-4266-AF17-4AE935140404}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E9392C81-B133-40A3-A524-5895CB9F0710}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E9493E1C-F0F4-4C39-AC6E-3EFF9FEF4C31}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E9D0EFC7-AE63-4E23-B248-0663969786AD}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{E9EB9879-D7D1-412E-A963-86817879E591}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EA91D993-6A1C-4EC6-875D-6A7A0F492FA8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EA99A52B-A425-4411-85DA-92EB5AECF725}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EAA30098-BB9C-453B-A99E-885B2AABB971}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EAF4BF01-3E19-442E-8CEE-C83A5CE850C0}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EBEDFC07-E479-4D02-A6D2-B6CF00400AA2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EC5C3B14-3DF6-4EE3-8A7D-59DBECAAA07A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{ED4EF8E4-20AA-4F75-996D-9837CE71AAC7}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EDAAADEE-C1EA-453E-AD67-491C2339D1AA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EDAADEFB-1A3D-4B1F-8EDA-2A1110EF5688}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EE969AC1-96E3-4DF6-BEBC-EF4764FEF01B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EEE980EA-6CFB-4EB5-A7F3-EF44D152265B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{EFC6AA69-50CA-4C31-8129-3EE7A05D52C0}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F05A3656-6303-4341-8E2B-AA4226621705}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F08C525E-288E-40D6-92C8-BC6D66CE36E6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F0F240F9-A68F-4D3F-8999-193516542A02}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F1307492-F460-45AC-86F2-927CDA228DF8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F2655CEF-331C-4F0A-938B-9F1C8FD4F122}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F3189794-356D-4B20-A9DA-1CB270FA8D25}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F36F0089-8F4F-447A-BC4B-AF261D996C1A}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F3889074-2EDE-42D3-9973-1DDA4C5B76FE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F44CF46F-7CB1-467F-A293-B10237759499}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F453C3B1-DD0A-4E1E-AE33-295AA68A10D6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F499CEA7-4699-42D9-AA64-57F6F41E0F5C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F4F6802B-DB2C-4C2F-AF28-8F669196DBA0}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F5A94A44-85FA-4430-BBD6-AC0F5891B06D}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F6F6386C-0E0B-439D-82E0-92CE2DB62F43}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F7062F64-FB66-4273-9E2B-5FCBBB03436C}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F7C7882F-F819-4059-803F-B4C51C0FEE52}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F8486AF0-A00D-4A0A-89E6-CDCA77002F89}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F88866A1-72F4-4A98-9284-E06A032F2D31}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F8E13CFE-B36C-4B01-8157-8C03C4C9A9CE}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F8FFE3EE-8A48-4D24-9230-D2DD41BFA5B6}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F93171B3-01BC-4650-B5CD-3D112274EFEF}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{F9831BA8-7E75-4625-B2A0-5340CDBF7215}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FA05783A-31CF-4090-A277-DF05D95D7BFB}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FA33340F-87DC-4218-ADB0-67E2ECF21CF2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FAA34B86-3C2F-4573-A70E-F738FEA03B34}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FB19D1EF-012D-4BC0-B83B-98538332F695}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FB26E2B5-4506-45E5-9CC0-B4B23A42F2B8}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FB9F7CD2-ADD6-4492-BED6-4B76390C07B9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FBB8950B-2171-4F70-B605-84A891C58CC5}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FBE8328A-B24E-4DA2-BBC7-6279141A54C9}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FBEE6EED-8997-4378-8DD0-CE9F95290B15}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FD5E65C8-03C0-4FB1-94B6-2AE181C4BFD2}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FE4B3006-7FA7-4978-A1B6-3EB8F525A534}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FF782C4B-488E-4AFE-89BC-60837D25239F}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FF87D22D-DE33-4F9F-B739-9997B70C93BA}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FFC8E3E9-9F26-42DA-A405-D8AE9616262B}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FFEBB920-B5BD-491C-B63A-74902F841D70}

Successfully deleted: [Empty Folder] C:\Users\Sankar Namboodiri\appdata\local\{FFEF2CE9-8222-4981-97FE-9F78B9BBB330}

Successfully deleted: [Folder] C:\ai_recyclebin

Successfully deleted: [Folder] C:\ProgramData\pcdr

Successfully deleted: [Folder] C:\ProgramData\strongvault online backup

Successfully deleted: [Folder] C:\Users\Sankar Namboodiri\appdata\local\cre

Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin

Successfully deleted: [Folder] C:\Users\Sankar Namboodiri\appdata\locallow\FCTB000060231

 

 

 

~~~ FireFox

 

Successfully deleted: [Folder] C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]

Emptied folder: C:\Users\Sankar Namboodiri\AppData\Roaming\mozilla\firefox\profiles\ywa4p1nz.default\minidumps [4 files]

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Fri 05/01/2015 at  7:12:45.99

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

[emeraldnzl]

Hello SRDYK?,

 

Making progress I think.

 

Now

 

Download RogueKiller to your desktop.

NOTE: If using IE8 or better Smartscreen Filter will need to be disabled.
 

• Quit all running programs
• For Vista and above, right click -> run as administrator, for XP simply run RogueKiller.exe
• Wait until Prescan has finished...
• Click on Scan (top of panel right hand side)
• Wait for the scan to finish.
• Click the report button, right hand panel.
• Do not click on any other buttons

Please copy and paste the contents of all the RKreport in your next Reply.

After that

Please download Farbar Service Scanner and run.
 

• Make sure the following options are checked:
  
   
• Internet Services
• Windows Firewall
• System Restore
• Security Center/Action Center
• Windows Update
• Windows Defender
• Other Services

• Press Scan
• A log (FSS.txt) will be created in the same directory the tool is run.
• Copy and paste the log back here.

Next

Please run FRST again and post back the FRST.txt log it generates.

So when you return please post

• RKreport
• FSS.txt
• FRST.txt

 

 

[SRDYK?]

RKreport:

 

RogueKiller V10.6.1.0 [Apr 24 2015] by Adlice Software

mail : http://www.adlice.com/contact/

Feedback : http://forum.adlice.com

Website : http://www.adlice.co...es/roguekiller/

Blog : http://www.adlice.com

 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Sankar Namboodiri [Administrator]

Started from : C:\Users\Sankar Namboodiri\Desktop\RogueKiller.exe

Mode : Scan -- Date : 05/01/2015  17:27:00

 

¤¤¤ Processes : 0 ¤¤¤

 

¤¤¤ Registry : 12 ¤¤¤

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> Found

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> Found

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found

[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found

[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> Found

[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1  -> Found

[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found

 

¤¤¤ Tasks : 0 ¤¤¤

 

¤¤¤ Files : 1 ¤¤¤

[Suspicious.Path][File] Pokemon Emerald.lnk -- C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk [LNK@] C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}\Pokemon Emerald.exe --startup=1 -> Found

 

¤¤¤ Hosts File : 0 ¤¤¤

 

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ MBR Check : ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2555GSX +++++

--- User ---

[MBR] 3a905260ef34b688a85b18e8e497ee1a

[BSP] cfedb53062b99d9f326185456d9b091e : HP MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 298 MB

1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 612352 | Size: 19328 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]

2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 40196096 | Size: 218847 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]

User = LL1 ... OK

User = LL2 ... OK

 

+++++ PhysicalDrive1: HP v100w USB Device +++++

--- User ---

[MBR] 34997a1090560257021bc3e8e06d1ea1

[BSP] 9cb22fb95d066a34464c1e337cee2e75 : Windows Vista/7/8|VT.Unknown MBR Code

Partition table:

0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 5568 | Size: 7827 MB

User = LL1 ... OK

Error reading LL2 MBR! ([32] The request is not supported. )

 

FSS:

 

Farbar Service Scanner Version: 17-01-2015

Ran by Sankar Namboodiri (administrator) on 01-05-2015 at 17:31:03

Running from "C:\Users\Sankar Namboodiri\Desktop"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

MpsSvc Service is not running. Checking service configuration:

The start type of MpsSvc service is OK.

The ImagePath of MpsSvc service is OK.

The ServiceDll of MpsSvc service is OK.

 

bfe Service is not running. Checking service configuration:

The start type of bfe service is OK.

The ImagePath of bfe service is OK.

The ServiceDll of bfe service is OK.

 

 

Firewall Disabled Policy: 

==================

"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" registry key does not exist.

 

 

System Restore:

============

 

System Restore Policy: 

========================

 

 

Action Center:

============

 

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

 

 

Windows Defender Disabled Policy: 

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

 

Other Services:

==============

Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\iphlpsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

 

**** End of log ****

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01

Ran by Sankar Namboodiri (administrator) on DOMINATRIX on 01-05-2015 17:34:28

Running from C:\Users\Sankar Namboodiri\Desktop

Loaded Profiles: Sankar Namboodiri (Available profiles: Sankar Namboodiri)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 10 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe

(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe

(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Dell Inc.) C:\Windows\System32\WLTRAY.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

(Dell) C:\Users\Sankar Namboodiri\AppData\Local\Apps\2.0\RB9W3D12.P1V\Y6ATRY84.BVV\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [4119552 2008-11-17] (Dell Inc.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)

HKLM\...\Run: [fssui] => C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-26] (IDT, Inc.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [267F03DCE1038D2E34EC9385323C594492D174CA._service_run] => C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe [812872 2015-04-27] (Google Inc.)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [Google Update] => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [EvolveClient] => "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [210208 2008-09-26] (Acresso Corporation)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806232 2015-03-25] (SUPERAntiSpyware)

HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [DellSystemDetect] => C:\Users\Sankar Namboodiri\AppData\Local\Apps\2.0\RB9W3D12.P1V\Y6ATRY84.BVV\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-07-01] (Dell)

HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)

IFEO\mbam.exe: [Debugger] pp_.exe

IFEO\mbamgui.exe: [Debugger] iu_.exe

IFEO\msseces.exe: [Debugger] ulotmhvc_.exe

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-09-30]

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-09-30]

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2013-10-14]

ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2014-04-20]

ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk [2015-04-17]

ShortcutTarget: Pokemon Emerald.lnk -> C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}\Pokemon Emerald.exe (No File)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)

BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)

BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-30] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-30] (Oracle Corporation)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-01] (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF ProfilePath: C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default

FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bg_840_bl-is-18__alt__ddc_dsssyctab_bd_com

FF DefaultSearchEngine: Yahoo! Search

FF DefaultSearchEngine.US: Yahoo! Search

FF SelectedSearchEngine: Yahoo! Search

FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-18__alt__ddc_dsssyc_bd_com

FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bg_840_bl-is-18__alt__ddc_dss_bd_com&p={searchTerms}

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)

FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-19] (DivX, LLC.)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-30] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-30] (Oracle Corporation)

FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll No File

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2010-05-04] (Alcatel-Lucent)

FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sankar Namboodiri\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-24] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-11-14] (Ubisoft)

FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-08-05] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-08-05] (Apple Inc.)

FF Extension: Strong Signal - C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\Extensions\{32b2bf24-d7e1-4457-ae7d-61b5c4686a26}.xpi [2015-03-22]

FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-04-19]

FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-19]

FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video

FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-18]

FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa

FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-18]

 

Chrome: 

=======

CHR Profile: C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Bookmark Manager) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]

CHR Extension: (Google Wallet) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]

CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-07-01]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [File not signed]

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)

R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-05-04] (Alcatel-Lucent) [File not signed]

R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-05-04] (Alcatel-Lucent) [File not signed]

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)

R2 Realtek11nCU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]

R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [244736 2010-02-26] (IDT, Inc.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]

S3 EvoSvc; "C:\Program Files\Echobit\Evolve\EvoSvc.exe" -service -logfile "C:\ProgramData\Echobit\Evolve\EvoSvc.log"

S3 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe" Start=service [X]

S2 HPSIService; C:\Windows\system32\HPSIsvc.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)

S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]

S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-05] (Marvell Semiconductor, Inc.)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)

S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-07-12] (Realtek Semiconductor Corporation                           )

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

U1 StarOpen; No ImagePath

U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-05-01] ()

S3 cpuz134; \??\C:\Users\SANKAR~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]

S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]

S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]

S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-05-01 17:34 - 2015-05-01 17:35 - 00025375 _____ () C:\Users\Sankar Namboodiri\Desktop\FRST.txt

2015-05-01 17:31 - 2015-05-01 17:31 - 00003426 _____ () C:\Users\Sankar Namboodiri\Desktop\FSS.txt

2015-05-01 17:30 - 2015-05-01 17:30 - 00415232 _____ (Farbar) C:\Users\Sankar Namboodiri\Desktop\FSS.exe

2015-05-01 17:18 - 2015-05-01 17:33 - 00000000 ____D () C:\ProgramData\RogueKiller

2015-05-01 17:18 - 2015-05-01 17:18 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys

2015-05-01 17:17 - 2015-05-01 17:18 - 16873560 _____ () C:\Users\Sankar Namboodiri\Desktop\RogueKiller.exe

2015-05-01 16:08 - 2015-05-01 16:08 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{42851C81-6B1E-45A9-A26D-C21C0E35087F}

2015-05-01 16:02 - 2015-05-01 16:02 - 02204160 _____ () C:\Users\Sankar Namboodiri\Desktop\adwcleaner_4.203.exe

2015-05-01 07:12 - 2015-05-01 07:12 - 00071508 _____ () C:\Users\Sankar Namboodiri\Desktop\JRT.txt

2015-05-01 07:07 - 2015-05-01 07:07 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-DOMINATRIX-Windows-7-Home-Premium-(64-bit).dat

2015-05-01 07:07 - 2015-05-01 07:07 - 00000000 ____D () C:\RegBackup

2015-05-01 07:06 - 2015-05-01 07:06 - 02716306 _____ (Thisisu) C:\Users\Sankar Namboodiri\Desktop\JRT.exe

2015-04-30 21:02 - 2015-04-30 21:02 - 00561576 _____ (Oracle Corporation) C:\Users\Sankar Namboodiri\Desktop\chromeinstall-8u45.exe

2015-04-30 17:35 - 2015-04-30 17:35 - 02101248 _____ (Farbar) C:\Users\Sankar Namboodiri\Desktop\FRST64.exe

2015-04-29 18:16 - 2015-04-29 18:16 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\NisDrv

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\mpfilter

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\amd64

2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client

2015-04-29 18:16 - 2015-01-30 03:26 - 00186656 _____ (Microsoft Corporation) C:\Windows\system32\config\EppManifest.dll

2015-04-29 18:16 - 2015-01-30 02:24 - 00008864 _____ (Microsoft Corporation) C:\Windows\system32\config\setupres.dll

2015-04-29 17:28 - 2015-04-29 17:28 - 00000000 ____D () C:\TDSSKiller_Quarantine

2015-04-29 17:26 - 2015-04-29 17:27 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sankar Namboodiri\Desktop\tdsskiller.exe

2015-04-29 17:08 - 2015-05-01 16:08 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2015-04-29 17:08 - 2015-04-29 17:08 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\SUPERAntiSpyware.com

2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com

2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2015-04-29 17:04 - 2015-04-29 17:07 - 21781384 _____ (SUPERAntiSpyware) C:\Users\Sankar Namboodiri\Desktop\SAS_6126996.EXE

2015-04-28 21:07 - 2015-04-29 07:19 - 00000000 ____D () C:\VIPRERESCUE

2015-04-28 21:07 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys

2015-04-28 21:07 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys

2015-04-28 20:50 - 2015-04-28 21:07 - 214511616 _____ () C:\Users\Sankar Namboodiri\Desktop\VIPRERescue39750.exe

2015-04-28 20:41 - 2015-05-01 17:34 - 00000000 ____D () C:\FRST

2015-04-28 20:30 - 2015-04-29 18:23 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-04-28 20:30 - 2015-04-29 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-04-28 20:30 - 2015-04-29 18:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-04-28 20:30 - 2015-04-28 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-04-28 20:30 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-04-28 20:30 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-04-28 20:30 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-04-28 20:28 - 2015-04-28 20:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sankar Namboodiri\Desktop\mbam-setup-2.1.6.1022.exe

2015-04-28 20:28 - 2015-04-28 20:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sankar Namboodiri\Desktop\mbam-setup-2.1.6.1022 (1).exe

2015-04-28 20:24 - 2015-04-28 20:24 - 00013865 _____ () C:\Users\Sankar Namboodiri\Desktop\Windows Defender - Shortcut.lnk

2015-04-28 20:02 - 2015-04-28 20:02 - 00887280 _____ (Microsoft Corporation) C:\Users\Sankar Namboodiri\Downloads\mssstool64.exe

2015-04-28 20:00 - 2015-04-28 20:00 - 00176940 _____ () C:\Users\Sankar Namboodiri\Downloads\BFE.reg

2015-04-28 20:00 - 2015-04-28 20:00 - 00006396 _____ () C:\Users\Sankar Namboodiri\Downloads\MpsSvc.reg

2015-04-27 18:26 - 2015-04-27 18:26 - 14160536 _____ (Microsoft Corporation) C:\Users\Sankar Namboodiri\Desktop\mseinstall.exe

2015-04-19 18:02 - 2015-04-19 18:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-04-08 20:35 - 2015-04-12 21:02 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\2015 folder

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-05-01 17:34 - 2015-01-24 20:08 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\Stuff

2015-05-01 17:31 - 2014-03-20 15:47 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-05-01 17:12 - 2013-03-16 16:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-05-01 16:39 - 2010-01-02 15:53 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job

2015-05-01 16:14 - 2012-07-15 10:09 - 00000976 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job

2015-05-01 16:14 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-05-01 16:14 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-05-01 16:11 - 2009-07-14 01:10 - 01595763 _____ () C:\Windows\WindowsUpdate.log

2015-05-01 16:07 - 2014-03-20 15:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-05-01 16:06 - 2014-07-09 19:32 - 00009556 _____ () C:\Windows\setupact.log

2015-05-01 16:06 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-05-01 16:05 - 2014-01-29 16:54 - 00000000 ____D () C:\AdwCleaner

2015-05-01 16:05 - 2012-07-15 10:09 - 00000954 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job

2015-05-01 16:05 - 2010-01-02 15:53 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job

2015-05-01 16:02 - 2010-01-14 21:45 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4049948B-A48B-40A1-8DFC-B6312779EC7A}

2015-05-01 06:51 - 2009-09-30 01:57 - 00000000 ____D () C:\Program Files (x86)\Java

2015-04-30 23:28 - 2013-10-14 18:29 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\HpUpdate

2015-04-30 21:04 - 2014-08-15 16:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2015-04-30 21:04 - 2013-10-21 13:27 - 00000000 ____D () C:\ProgramData\Oracle

2015-04-30 19:34 - 2014-01-29 16:32 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2015-04-30 19:33 - 2009-09-30 03:49 - 00555210 _____ () C:\Windows\PFRO.log

2015-04-30 19:32 - 2009-07-13 23:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2015-04-30 19:32 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy

2015-04-30 06:27 - 2013-08-14 19:24 - 00002430 _____ () C:\Users\Sankar Namboodiri\Desktop\Google Chrome.lnk

2015-04-29 18:22 - 2011-01-25 17:48 - 00002198 _____ () C:\Windows\epplauncher.mif

2015-04-29 18:16 - 2011-01-25 17:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2015-04-29 17:42 - 2010-11-20 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade

2015-04-29 17:41 - 2010-08-28 18:27 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Octoshape

2015-04-29 17:41 - 2010-01-16 11:07 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Dev-Cpp

2015-04-29 17:41 - 2010-01-16 11:07 - 00000000 ____D () C:\Dev-Cpp

2015-04-29 17:40 - 2012-01-23 20:15 - 00000000 ____D () C:\Program Files (x86)\Comical

2015-04-28 20:37 - 2014-06-12 17:59 - 00000000 ____D () C:\ProgramData\NexonUS

2015-04-28 20:37 - 2012-05-20 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2015-04-28 20:37 - 2012-05-20 19:02 - 00000000 ____D () C:\Program Files\HP

2015-04-28 20:36 - 2010-11-25 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games

2015-04-28 20:36 - 2010-11-20 11:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games

2015-04-28 20:35 - 2010-02-11 21:33 - 00000000 ____D () C:\Program Files (x86)\Inkscape

2015-04-28 20:05 - 2009-07-14 01:13 - 00784822 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-04-28 19:55 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF

2015-04-28 19:33 - 2010-01-02 15:53 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\Google

2015-04-27 18:30 - 2014-07-18 13:16 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\.minecraft

2015-04-25 10:05 - 2015-01-17 21:00 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\Scanned pages

2015-04-24 22:25 - 2013-08-14 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-17 18:12 - 2013-03-16 16:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-04-17 18:12 - 2013-03-16 16:59 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-04-17 18:12 - 2011-09-29 23:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-08 20:35 - 2012-04-20 20:22 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\Windows Live

 

Some content of TEMP:

====================

C:\Users\Sankar Namboodiri\AppData\Local\Temp\dllnt_dump.dll

C:\Users\Sankar Namboodiri\AppData\Local\Temp\Quarantine.exe

C:\Users\Sankar Namboodiri\AppData\Local\Temp\sqlite3.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-04-24 00:24

 

==================== End Of Log ============================

 

Making progress you say? That's awesome! I really appreciate your help! 

[emeraldnzl]

Hello again SRDYK?,
 

Making progress you say? That's awesome! I really appreciate your help!

Hopefully these actions will take us a bit further done the line towards a clean machine.

Now

Open notepad.

Please copy the contents of the code box below.

To do this highlight (click in the box and press Ctrl + A) the contents of the box and right click on it. Paste this into the open notepad. Save it to the Desktop as fixlist.txt.

Alternatively type the contents of the box into notepad and save it to your desktop as fixlist.txt.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
 

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk [2015-04-17]
ShortcutTarget: Pokemon Emerald.lnk -> C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}\Pokemon Emerald.exe (No File)
C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk
Hosts:
EmptyTemp:

This script is specifically written for the infection on this person's computer. It should NOT to be used on another machine. It may cause serious damage even to the point of rendering the computer unusable.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next

Please download ESET's Service Repair Tool.

• Save it to your desktop
• Right click on it an run it as Administrator
• When finished you may be asked to restart your computer. Please press yes
• a log will be saved in the CCSupport folder the tool created on your desktop, please post the content in your next reply

Finally in this post

Please run Farbar Service Scanner again.

• Make sure the following options are checked:
  
   
• Internet Services
• Windows Firewall
• System Restore
• Security Center/Action Center
• Windows Update
• Windows Defender
• Other Services

• Press Scan
• A log (FSS.txt) will be created in the same directory the tool is run.
• Copy and paste the log back here.

When you return please post

• Fixlog.txt
• ESET Service Scan log
• FSS.txt

 

[SRDYK?]

Fixlog.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-04-2015 01

Ran by Sankar Namboodiri at 2015-05-01 23:36:43 Run:3

Running from C:\Users\Sankar Namboodiri\Desktop

Loaded Profiles: Sankar Namboodiri (Available profiles: Sankar Namboodiri)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk [2015-04-17]

ShortcutTarget: Pokemon Emerald.lnk -> C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}\Pokemon Emerald.exe (No File)

C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk

Hosts:

EmptyTemp:

*****************

 

C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk => Moved successfully.

C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}\Pokemon Emerald.exe not found.

"C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk" => File/Directory not found.

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.

Hosts was reset successfully.

EmptyTemp: => Removed 348.7 MB temporary data.

 

 

The system needed a reboot. 

 

==== End of Fixlog 23:37:02 ====

 

ESET Service Scan Log:

 

Log Opened: 2015-05-01 @ 23:41:09

23:41:09 - -----------------

23:41:09 - | Begin Logging |

23:41:09 - -----------------

23:41:09 - Fix started on a WIN_7 X64 computer

23:41:09 - Prep in progress.  Please Wait.

23:41:12 - Prep complete

23:41:12 - Repairing Services Now.  Please wait...

INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.

INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

 

SetACL finished successfully.

INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.

INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>

ERROR: Writing SD to <machine\System\CurrentControlset\Services\BITS\Parameters> failed with: Access is denied.

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

 

SetACL finished successfully.

INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.

INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

 

SetACL finished successfully.

INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.

INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>

ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap> failed with: The system cannot find the file specified.

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>

ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut> failed with: The system cannot find the file specified.

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>

ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn> failed with: The system cannot find the file specified.

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>

ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP> failed with: The system cannot find the file specified.

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

 

SetACL finished successfully.

INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.

INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

 

SetACL finished successfully.

INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.

INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

 

SetACL finished successfully.

INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.

INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

 

SetACL finished successfully.

INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.

INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>

INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

 

SetACL finished successfully.

23:41:14 - Services Repair Complete.

23:41:17 - Reboot Initiated

 

FSS:

 

Farbar Service Scanner Version: 17-01-2015

Ran by Sankar Namboodiri (administrator) on 01-05-2015 at 23:44:58

Running from "C:\Users\Sankar Namboodiri\Desktop"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

 

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

 

Windows Firewall:

=============

 

Firewall Disabled Policy: 

==================

 

 

System Restore:

============

 

System Restore Policy: 

========================

 

 

Action Center:

============

 

wscsvc Service is not running. Checking service configuration:

The start type of wscsvc service is OK.

The ImagePath of wscsvc service is OK.

The ServiceDll of wscsvc service is OK.

 

 

Windows Update:

============

wuauserv Service is not running. Checking service configuration:

The start type of wuauserv service is OK.

The ImagePath of wuauserv service is OK.

The ServiceDll of wuauserv service is OK.

 

 

Windows Autoupdate Disabled Policy: 

============================

 

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is OK.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

 

 

Windows Defender Disabled Policy: 

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

 

Other Services:

==============

 

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\iphlpsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

 

**** End of log ****

 

I literally have no clue what any of this stuff means but hey, you know better than me.

[emeraldnzl]

 

I literally have no clue what any of this stuff means but hey, you know better than me.

 

Hopefully lol.

 

Almost there.

 

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Windows 8 & 8.1 users may face another warning from the Windows SmartScreen Protection - please click More information and Run.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you may need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Disable your security programs.

• Click the blue Run ESET Online Scanner box
• Tick the box next to YES, I accept the Terms of Use
   then click on: Start
• You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow/install to install. If your firewall asks whether you want to allow installation, say yes. If asked, click yes to allow the program to run on your computer.
• Check "Enable detection of potentially unwanted applications"
• Click on Start and say yes to allow the program to proceed.
• The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically. The scan may take several hours.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• When completed click "List of found threats" and click again on Copy to clipboard. Open notepad and past in the clipboard list. Save it as ESET log somewhere that you can find .
• After that click the button "Back"
• Select and check Uninstall application on close and Delete quarantined files.
• Then click on: Finish
• Copy and paste the ESET log back here and tell me how your machine is now.

 

 

[emeraldnzl]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.