FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Sankar Namboodiri (administrator) on DOMINATRIX on 30-04-2015 17:35:54
Running from C:\Users\Sankar Namboodiri\Desktop
Loaded Profiles: Sankar Namboodiri (Available profiles: Sankar Namboodiri)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Realtek) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Enigma Software Group USA, LLC.) C:\Users\Sankar Namboodiri\AppData\Local\Temp\esg_uninstall.exe~
(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(reimage) C:\Program Files\eFix\eFix Pro\eFixProMain.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe
(Facebook Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Google Inc.) C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [4119552 2008-11-17] (Dell Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [fssui] => C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-26] (IDT, Inc.)
HKLM\...\Run: [MSC] => "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [40973] => C:\PROGRA~3\LOCALS~1\Temp\msiwyzbe.pif
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [267F03DCE1038D2E34EC9385323C594492D174CA._service_run] => C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [Google Update] => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [EvolveClient] => "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [210208 2008-09-26] (Acresso Corporation)
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7806232 2015-03-25] (SUPERAntiSpyware)
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Run: [DellSystemDetect] => C:\Users\Sankar Namboodiri\AppData\Local\Apps\2.0\RB9W3D12.P1V\Y6ATRY84.BVV\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-07-01] (Dell)
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\CurrentVersion\Windows: [Load] C:\Users\SANKAR~1\LOCALS~1\Temp\mshoaicob.cmd <===== ATTENTION
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\MountPoints2: {5ddeb4b5-a290-11e1-98c4-002564620625} - E:\SISetup.exe
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\MountPoints2: {c4a1a91b-1e73-11e0-a44b-002564620625} - E:\Windows\CHECK\DriveNavigator.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
IFEO\mbam.exe: [Debugger] pp_.exe
IFEO\mbamgui.exe: [Debugger] iu_.exe
IFEO\msseces.exe: [Debugger] ulotmhvc_.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-09-30]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-09-30]
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk [2013-10-14]
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2014-04-20]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pokemon Emerald.lnk [2015-04-17]
ShortcutTarget: Pokemon Emerald.lnk -> C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}\Pokemon Emerald.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
URLSearchHook: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 - Default Value = {f78bf7a8-cf12-4de7-a6da-c463d1b539a7}
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {4BBD339E-0EEB-4F25-889D-6B6544790428} URL =
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {67676DCA-C904-4E02-A366-10529FB97417} URL = http://ws.infospace....r?_iceUrl=trueuser_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> {92EFC441-0878-43DA-A1ED-B8BC72D2C1E5} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-15] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-15] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-15] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Strong Signal -> {c723a437-2eaf-466d-a95b-3fa0966bf88c} -> C:\Program Files (x86)\Strong Signal\Extensions\c723a437-2eaf-466d-a95b-3fa0966bf88c.dll No File
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-15] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-2054513145-232998130-3655723851-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-01] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 08 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5-x64 01 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 08 mswsock.dll File Not found ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bg_840_bl-is-18__alt__ddc_dsssyctab_bd_com
FF DefaultSearchEngine: Yahoo! Search
FF DefaultSearchEngine.US: Yahoo! Search
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-18__alt__ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bg_840_bl-is-18__alt__ddc_dss_bd_com&p={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-19] (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-08-15] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretoxlive.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2010-05-04] (Alcatel-Lucent)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-16] (VideoLAN)
FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sankar Namboodiri\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-24] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-11-14] (Ubisoft)
FF Plugin HKU\S-1-5-21-2054513145-232998130-3655723851-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF user.js: detected! => C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\user.js [2015-03-22]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2010-08-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2010-08-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2010-08-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2010-08-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2010-08-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2010-08-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2010-08-05] (Apple Inc.)
FF SearchPlugin: C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\searchplugins\search-provided-by-yahoo.xml [2015-03-22]
FF Extension: Strong Signal - C:\Users\Sankar Namboodiri\AppData\Roaming\Mozilla\Firefox\Profiles\ywa4p1nz.default\Extensions\{32b2bf24-d7e1-4457-ae7d-61b5c4686a26}.xpi [2015-03-22]
FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-04-19]
FF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-04-19]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-19]
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-18]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-18]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR RestoreOnStartup: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-16__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_dnldstr_15_12&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtC0AtB0EtB0F0AtDtD0DtN0D0Tzu0StCtCyByCtN1L2XzutAtFzytFyEtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0AyC0EtCyE0C0AtG0A0AyC0DtG0DzztAyDtGzytDyDtBtGtA0CyD0E0D0F0Ezz0CtCtB0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzyzzyByEtAzzyBtGyB0B0CtAtGyEtByDzytGzzyCtCyEtGtCyEtAtB0A0A0AyCyCtDyC0A2QtN0A0LzutBtN1B2Z1V1T1S1NzuyCtDyB%26cr%3D79078218%26a%3Dwny_dnldstr_15_12%26os%3DWindows 7 Home Premium", "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bg_840_bl-is-16__alt__ddc_dsssyc_bd_com"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-08-14]
CHR Extension: (Google Docs) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (YouTube) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Bloons Tower Defense 5) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbmjfljnekllgcgnbbjfolnbgcjnghf [2013-12-14]
CHR Extension: (Kingdom Rush) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckmfhhjalnddapegkbbohfaodgbnocim [2013-08-14]
CHR Extension: (Google Search) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Strong Signal) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdjbcindpnjlpbkehkccpcmdebmbgoa [2015-03-23]
CHR Extension: (Block site) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2014-11-30]
CHR Extension: (BetaFish Adblocker) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-16]
CHR Extension: (Bookmark Manager) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Fieldrunners) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2013-08-14]
CHR Extension: (Google Wallet) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR Extension: (Canvas Rider) - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-07-01]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
StartMenuInternet: Google Chrome.SJXP7CNPQJ3XWF6TBCM73HEZME - C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-05-04] (Alcatel-Lucent) [File not signed]
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-05-04] (Alcatel-Lucent) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 Realtek11nCU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [244736 2010-02-26] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]
S3 EvoSvc; "C:\Program Files\Echobit\Evolve\EvoSvc.exe" -service -logfile "C:\ProgramData\Echobit\Evolve\EvoSvc.log"
S3 GoToAssist; "C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe" Start=service [X]
S2 HPSIService; C:\Windows\system32\HPSIsvc.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-05-04] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-05] (Marvell Semiconductor, Inc.)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-07-12] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2004-07-08] () [File not signed]
U1 StarOpen; No ImagePath
R3 cpuz134; \??\C:\Users\SANKAR~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-30 17:35 - 2015-04-30 17:36 - 00035548 _____ () C:\Users\Sankar Namboodiri\Desktop\FRST.txt
2015-04-30 17:35 - 2015-04-30 17:35 - 02101248 _____ (Farbar) C:\Users\Sankar Namboodiri\Desktop\FRST64.exe
2015-04-30 07:34 - 2015-04-30 07:34 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{88947EC5-B5A3-4A83-A338-00D13C1BA793}
2015-04-29 21:41 - 2015-04-29 21:41 - 00004302 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2015-04-29 21:41 - 2015-04-29 21:41 - 00003462 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2015-04-29 21:41 - 2015-04-29 21:41 - 00000000 ____D () C:\Program Files\Reimage
2015-04-29 21:40 - 2015-04-29 21:41 - 00000000 ____D () C:\ProgramData\Reimage Protector
2015-04-29 21:40 - 2015-04-29 21:40 - 00001782 _____ () C:\Users\Public\Desktop\eFix Pro.lnk
2015-04-29 21:40 - 2015-04-29 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro
2015-04-29 21:39 - 2015-04-29 21:42 - 00000000 ____D () C:\rei
2015-04-29 21:39 - 2015-04-29 21:39 - 00000000 ____D () C:\Program Files\eFix
2015-04-29 21:38 - 2015-04-29 21:42 - 00000144 _____ () C:\Windows\Reimage.ini
2015-04-29 21:38 - 2015-04-29 21:41 - 00000072 _____ () C:\Windows\efix.ini
2015-04-29 21:38 - 2015-04-29 21:38 - 00776792 _____ (Reimage®) C:\Users\Sankar Namboodiri\Desktop\eFixPro (1).exe
2015-04-29 21:37 - 2015-04-29 21:38 - 00776792 _____ (Reimage®) C:\Users\Sankar Namboodiri\Desktop\eFixPro.exe
2015-04-29 19:32 - 2015-04-29 19:33 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{3676B428-FC1A-4250-ABD7-29CAAC053A4D}
2015-04-29 18:32 - 2015-04-29 21:37 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Enigma Software Group
2015-04-29 18:16 - 2015-04-29 18:16 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\NisDrv
2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\mpfilter
2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Windows\system32\config\amd64
2015-04-29 18:16 - 2015-04-29 18:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-04-29 18:16 - 2015-01-30 03:26 - 00186656 _____ (Microsoft Corporation) C:\Windows\system32\config\EppManifest.dll
2015-04-29 18:16 - 2015-01-30 02:24 - 00008864 _____ (Microsoft Corporation) C:\Windows\system32\config\setupres.dll
2015-04-29 17:28 - 2015-04-29 17:28 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-04-29 17:26 - 2015-04-29 17:27 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Sankar Namboodiri\Desktop\tdsskiller.exe
2015-04-29 17:08 - 2015-04-30 17:29 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-04-29 17:08 - 2015-04-29 17:08 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\SUPERAntiSpyware.com
2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-04-29 17:08 - 2015-04-29 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-04-29 17:04 - 2015-04-29 17:07 - 21781384 _____ (SUPERAntiSpyware) C:\Users\Sankar Namboodiri\Desktop\SAS_6126996.EXE
2015-04-29 07:31 - 2015-04-29 07:31 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{0D80FC08-A5E2-4ADC-99C4-F02A91124D5F}
2015-04-28 21:07 - 2015-04-29 07:19 - 00000000 ____D () C:\VIPRERESCUE
2015-04-28 21:07 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
2015-04-28 21:07 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2015-04-28 20:50 - 2015-04-28 21:07 - 214511616 _____ () C:\Users\Sankar Namboodiri\Desktop\VIPRERescue39750.exe
2015-04-28 20:41 - 2015-04-30 17:36 - 00000000 ____D () C:\FRST
2015-04-28 20:30 - 2015-04-29 18:23 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-28 20:30 - 2015-04-29 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-28 20:30 - 2015-04-29 18:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-28 20:30 - 2015-04-28 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-28 20:30 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-28 20:30 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-28 20:30 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-28 20:28 - 2015-04-28 20:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sankar Namboodiri\Desktop\mbam-setup-2.1.6.1022.exe
2015-04-28 20:28 - 2015-04-28 20:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Sankar Namboodiri\Desktop\mbam-setup-2.1.6.1022 (1).exe
2015-04-28 20:24 - 2015-04-28 20:24 - 00013865 _____ () C:\Users\Sankar Namboodiri\Desktop\Windows Defender - Shortcut.lnk
2015-04-28 20:02 - 2015-04-28 20:02 - 00887280 _____ (Microsoft Corporation) C:\Users\Sankar Namboodiri\Downloads\mssstool64.exe
2015-04-28 20:00 - 2015-04-28 20:00 - 00176940 _____ () C:\Users\Sankar Namboodiri\Downloads\BFE.reg
2015-04-28 20:00 - 2015-04-28 20:00 - 00006396 _____ () C:\Users\Sankar Namboodiri\Downloads\MpsSvc.reg
2015-04-28 19:30 - 2015-04-28 19:30 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{2B2DFACA-F52D-4E92-916B-71AA66A69BA7}
2015-04-27 18:36 - 2015-04-27 18:36 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{A36F09F5-8012-46A7-8F47-F73B969D88F5}
2015-04-27 18:26 - 2015-04-27 18:26 - 14160536 _____ (Microsoft Corporation) C:\Users\Sankar Namboodiri\Desktop\mseinstall.exe
2015-04-25 08:44 - 2015-04-27 00:57 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{BE903481-C97F-4543-8E8A-4BB8541DB838}
2015-04-24 18:21 - 2015-04-24 18:22 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{BA9562D2-85E4-47AA-912F-CD4AB3CE1E32}
2015-04-23 20:35 - 2015-04-23 20:35 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{3CE114CF-1470-4B4D-A77E-800953D4D1B1}
2015-04-22 19:34 - 2015-04-22 19:34 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{F453C3B1-DD0A-4E1E-AE33-295AA68A10D6}
2015-04-19 20:27 - 2015-04-21 19:05 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{23A4C709-A8C8-437D-B436-6DD3056FA836}
2015-04-19 18:02 - 2015-04-19 18:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-19 08:26 - 2015-04-19 08:26 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{AE5B2CAE-83F2-4007-8241-A75C92EDC375}
2015-04-17 19:08 - 2015-04-29 21:33 - 00000000 ____D () C:\ProgramData\{2a08bb7c-1ca7-3d6d-2a08-8bb7c1caedf0}
2015-04-17 17:20 - 2015-04-17 17:20 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{79CDA661-C844-42DE-A39C-184DB4ED6068}
2015-04-16 20:49 - 2015-04-16 20:49 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{F36F0089-8F4F-447A-BC4B-AF261D996C1A}
2015-04-12 21:01 - 2015-04-12 21:01 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{319474BE-8EF4-4346-8C03-865F49DC434D}
2015-04-12 08:32 - 2015-04-12 08:32 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{3C5AA834-3FF2-44E9-BC2C-A84902C4BF8D}
2015-04-11 10:54 - 2015-04-11 10:54 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{9F085D21-15B7-4BC2-9074-13AC6EFAB672}
2015-04-08 20:35 - 2015-04-12 21:02 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\2015 folder
2015-04-08 20:35 - 2015-04-08 20:35 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{0DBB7D6C-6D7F-4E32-B4D2-E4C65128AF08}
2015-04-05 10:36 - 2015-04-05 10:36 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{33E07FBE-B4E1-438A-8073-90586D9668DC}
2015-04-04 14:31 - 2015-04-04 14:31 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{64700523-5554-474D-86EA-0DF6F7753946}
2015-04-03 18:56 - 2015-04-03 18:57 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{BC4BC0AF-1B03-46BF-834A-3012CBAB9FEC}
2015-04-01 19:48 - 2015-04-01 19:48 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\{A885CBED-D941-4518-80B8-7106DE402AE7}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-30 17:31 - 2014-03-20 15:47 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 17:29 - 2014-03-20 15:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 17:29 - 2013-03-16 16:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-30 17:29 - 2012-07-15 10:09 - 00000976 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job
2015-04-30 17:29 - 2012-07-15 10:09 - 00000954 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job
2015-04-30 17:29 - 2010-01-02 15:53 - 00000956 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job
2015-04-30 17:29 - 2010-01-02 15:53 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job
2015-04-30 17:29 - 2009-07-14 01:10 - 01477501 _____ () C:\Windows\WindowsUpdate.log
2015-04-30 06:27 - 2013-08-14 19:24 - 00002430 _____ () C:\Users\Sankar Namboodiri\Desktop\Google Chrome.lnk
2015-04-30 06:25 - 2010-01-14 21:45 - 00003982 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4049948B-A48B-40A1-8DFC-B6312779EC7A}
2015-04-29 21:39 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-29 21:39 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-29 21:32 - 2014-01-29 16:32 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-04-29 21:31 - 2014-07-09 19:32 - 00009332 _____ () C:\Windows\setupact.log
2015-04-29 21:31 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-29 21:30 - 2009-09-30 03:49 - 00554872 _____ () C:\Windows\PFRO.log
2015-04-29 18:22 - 2011-01-25 17:48 - 00002198 _____ () C:\Windows\epplauncher.mif
2015-04-29 18:16 - 2011-01-25 17:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-04-29 17:42 - 2010-11-20 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2015-04-29 17:41 - 2010-08-28 18:27 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Octoshape
2015-04-29 17:41 - 2010-01-16 11:07 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\Dev-Cpp
2015-04-29 17:41 - 2010-01-16 11:07 - 00000000 ____D () C:\Dev-Cpp
2015-04-29 17:40 - 2012-01-23 20:15 - 00000000 ____D () C:\Program Files (x86)\Comical
2015-04-28 20:37 - 2014-06-12 17:59 - 00000000 ____D () C:\ProgramData\NexonUS
2015-04-28 20:37 - 2012-05-20 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-04-28 20:37 - 2012-05-20 19:02 - 00000000 ____D () C:\Program Files\HP
2015-04-28 20:36 - 2010-11-25 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-04-28 20:36 - 2010-11-20 11:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2015-04-28 20:35 - 2010-02-11 21:33 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2015-04-28 20:05 - 2009-07-14 01:13 - 00784822 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-28 19:55 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-28 19:33 - 2010-01-02 15:53 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\Google
2015-04-27 18:30 - 2014-07-18 13:16 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Roaming\.minecraft
2015-04-25 10:05 - 2015-01-17 21:00 - 00000000 ____D () C:\Users\Sankar Namboodiri\Desktop\Scanned pages
2015-04-24 22:25 - 2013-08-14 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-17 18:12 - 2013-03-16 16:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-17 18:12 - 2013-03-16 16:59 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-17 18:12 - 2011-09-29 23:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-08 20:35 - 2012-04-20 20:22 - 00000000 ____D () C:\Users\Sankar Namboodiri\AppData\Local\Windows Live
==================== Files in the root of some directories =======
2014-06-10 15:21 - 2014-06-10 15:21 - 0000087 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\Camdata.ini
2014-06-10 15:21 - 2014-06-10 15:21 - 0000408 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamLayout.ini
2014-06-10 15:21 - 2014-06-10 15:21 - 0000408 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamShapes.ini
2014-06-10 15:21 - 2014-06-10 15:21 - 0004535 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\CamStudio.cfg
2014-07-03 17:11 - 2014-07-03 17:13 - 0033280 ___SH () C:\Users\Sankar Namboodiri\AppData\Roaming\Thumbs.db
2014-07-02 22:26 - 2014-07-02 22:26 - 0020097 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\UserTile.png
2014-06-10 14:56 - 2014-06-10 14:56 - 0000096 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\version2.xml
2013-07-30 17:52 - 2015-03-03 19:48 - 0000354 _____ () C:\Users\Sankar Namboodiri\AppData\Roaming\wklnhst.dat
2010-07-03 19:57 - 2013-11-17 18:17 - 0024064 _____ () C:\Users\Sankar Namboodiri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-02 20:10 - 2015-03-02 20:10 - 0018300 _____ () C:\Users\Sankar Namboodiri\AppData\Local\recently-used.xbel
2013-08-14 21:50 - 2013-08-14 21:50 - 0000017 _____ () C:\Users\Sankar Namboodiri\AppData\Local\resmon.resmoncfg
2013-10-14 18:27 - 2013-10-14 18:27 - 0000057 _____ () C:\ProgramData\Ament.ini
ZeroAccess:
C:\Users\Sankar Namboodiri\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install
Some content of TEMP:
====================
C:\Users\Sankar Namboodiri\AppData\Local\Temp\eFixProPackage.exe
C:\Users\Sankar Namboodiri\AppData\Local\Temp\EsgInstallerx64Stub.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-24 00:24
==================== End Of Log ============================
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Sankar Namboodiri at 2015-04-30 17:37:35
Running from C:\Users\Sankar Namboodiri\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2054513145-232998130-3655723851-500 - Administrator - Disabled)
Guest (S-1-5-21-2054513145-232998130-3655723851-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2054513145-232998130-3655723851-1002 - Limited - Enabled)
Sankar Namboodiri (S-1-5-21-2054513145-232998130-3655723851-1001 - Administrator - Enabled) => C:\Users\Sankar Namboodiri
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Age of Mythology Gold (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: 1.0 - Microsoft)
Akamai NetSession Interface (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft MediaImpression (HKLM-x32\...\{2C39F7CF-E022-4C0D-B1BA-AF6DDD931054}) (Version: 1.2.28.448 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{64FBA03C-575C-D688-1C80-A5773CE471F9}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Audacity 1.3.11 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avery Template - U_0332_01_L (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000007}) (Version: 1.0.0.0 - Avery)
Avery Template (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000010}) (Version: 2.0.0.0 - Avery)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlueJ 2.5.3 (HKLM-x32\...\BlueJ_is1) (Version: - Deakin University)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother HL-2140 (HKLM-x32\...\{F4873ADE-DCCC-46EA-9721-BC2BF8CD2EFE}) (Version: 1.00 - Brother)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ContentSAFER for Wizmax (HKLM-x32\...\{C19BE821-89B1-4A96-AC7C-873810C0CB5F}) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeepBurner Pro v1.9.0.228 (HKLM-x32\...\{1AD22277-7A1E-71EC-B27D-EB7A22BED143}) (Version: - )
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.24 - Dell)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell System Detect (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.115.102 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)
eFix Pro (HKLM\...\eFix Pro) (Version: 1.8.1.1 - Reimage)
EmoDio (HKLM-x32\...\InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}) (Version: 1.0 - Samsung)
EmoDio (x32 Version: 1.0 - Samsung) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FlowLayoutDemo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\FlowLayoutDemo) (Version: - The Java Tutorial)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.6.1126 - Foxit Software Inc.)
Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 2.70 - Philipp Winterberg)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.8.1 - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GlassPaneDemo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\GlassPaneDemo) (Version: - The Java Tutorial)
Google Chrome (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM-x32\...\{3544DED1-07DB-40C0-98F3-435A6DA195C7}) (Version: 3.0.14346 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6272.0 - IDT)
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1994 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
InternalFrameDemo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\InternalFrameDemo) (Version: - The Java Tutorial)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Media Framework 2.1.1e (HKLM-x32\...\Java Media Framework 2.1.1e) (Version: - )
Java MP3 PlugIn (HKLM-x32\...\Java MP3 PlugIn) (Version: - )
Java SE Development Kit 6 Update 18 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160180}) (Version: 1.6.0.180 - Sun Microsystems, Inc.)
JFreeChart 1.0.13 Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\JFreeChart 1.0.13 Demo) (Version: - Object Refinery Ltd)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Menu Glue Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Menu Glue Demo) (Version: - The Java Tutorial)
Menu Layout Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Menu Layout Demo) (Version: - The Java Tutorial)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Halo (HKLM-x32\...\Halo) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Communicator 2007 (HKLM-x32\...\{E5BA0430-919F-46DD-B656-0796F8A5ADFF}) (Version: 2.0.6362.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nitronic Rush (2012-12-21 .2) version 20121221.1 (HKLM-x32\...\{9B55759D-424F-4CB1-B84E-AAE83CC1D20A}_is1) (Version: 20121221.1 - DigiPen)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{35DB2630-846E-47C5-AF84-9D6AC3629F55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Progress Bar (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Progress Bar) (Version: - The Java Tutorial)
Progress Monitor Demo (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\Progress Monitor Demo) (Version: - The Java Tutorial)
Python 3.2.2 (64-bit) (HKLM\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFe}) (Version: 3.2.2150 - Python Software Foundation)
Python 3.4.0 (HKLM-x32\...\{a37f2d73-72d1-364d-ba5d-cea430bcc040}) (Version: 3.4.150 - Python Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)
QuickTime (HKLM-x32\...\{BFD96B89-B769-4CD6-B11E-E79FFD46F067}) (Version: 7.4.1.14 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0165 - REALTEK Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.0 - Roxio)
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.5.7896 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Slik Subversion 1.6.17 (x64) (HKLM\...\{D7F354AA-0E15-4407-B3FC-866BEA805CCD}) (Version: 1.6.17.0 - SlikSvn & The SharpSvn Project)
SmartMusic (HKLM-x32\...\{287324A5-8034-4720-ACE4-497956793955}) (Version: 1.1.2557 - MakeMusic, Inc.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
SWI-Prolog (remove only) (HKLM-x32\...\SWI-Prolog) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{9E1BAB75-EB78-440D-94C0-A3857BE2E733}) (Version: 4.1.71.0 - Husdawg, LLC)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tarrasch Chess GUI V1.00b (HKLM-x32\...\Tarrasch Chess GUI_is1) (Version: - Triple Happy Ltd.)
Unity Web Player (HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2054513145-232998130-3655723851-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
08-02-2015 21:41:53 Scheduled Checkpoint
03-03-2015 20:14:41 Scheduled Checkpoint
13-03-2015 21:06:16 Scheduled Checkpoint
28-03-2015 20:23:41 Scheduled Checkpoint
05-04-2015 11:27:01 Scheduled Checkpoint
17-04-2015 20:29:18 Scheduled Checkpoint
25-04-2015 15:08:30 Scheduled Checkpoint
28-04-2015 19:32:29 Removed Google Talk Plugin
29-04-2015 17:39:08 Removed Visual Studio 2010 x64 Redistributables
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {10D6A8BF-F556-4155-9C06-9C720879CE79} - System32\Tasks\{F95BC09C-F3E6-41D6-B2A4-B178E07BC8A2} => pcalua.exe -a "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\GUninstaller.exe" -c -uprtc -key "BabylonToolbar"
Task: {1C804CEB-DB8B-4329-B8C7-1C21AB4938E2} - System32\Tasks\{E36CDDE6-F3F4-4F89-9FCA-EF11C4FB478C} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\EvolveSetup.exe" -d "C:\Users\Sankar Namboodiri\Desktop"
Task: {2DFFF575-4795-4A5E-8089-FE7B85E007C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)
Task: {35BEF947-D721-4560-A2BD-C501D8B450B7} - System32\Tasks\Windows Update Check - 0x21BF04DF => C:\Users\SANKAR~1\AppData\Local\Temp\Rar$EXa0.646\FORCEO~1.EXE <==== ATTENTION
Task: {4337C04C-37B4-46DF-AD01-4FA7F082135E} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {4B7A90CB-DC66-4172-B6BF-B5F23E812E66} - System32\Tasks\Reimage Reminder => C:\Program Files\eFix\eFix Pro\eFixReminder.exe <==== ATTENTION
Task: {55D345FF-EB86-452E-9AD8-252932600915} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-15] (Facebook Inc.)
Task: {58310B14-A0A3-40B8-8754-3E00E5A0F224} - System32\Tasks\{8D1FB7FF-F48D-4EB3-A860-3AFDC26F74ED} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Downloads\javamp3-1_0.exe" -d "C:\Users\Sankar Namboodiri\Downloads"
Task: {5866912C-061D-49DE-B991-F27AEFB7DDE3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {6273E771-DACB-48B5-9B2D-933BB3AED0E5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {674EAD69-E0B1-404A-84EC-3D92411811CB} - System32\Tasks\{0FEA6B1D-EF1B-4658-B8CD-4A095CC2602A} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Downloads\Win7Vista_64_151719.exe" -d "C:\Users\Sankar Namboodiri\Downloads"
Task: {6D56563E-B457-4CF0-9F3B-2C90DC794CB4} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14] (Reimage®) <==== ATTENTION
Task: {742B6AB0-78C1-4B2E-BDFE-08714F627E97} - System32\Tasks\{4FF6883F-050A-4487-9BE4-651BA6452C4B} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\mte\MTE.exe" -d "C:\Users\Sankar Namboodiri\Desktop\mte"
Task: {75F70731-8FC8-4859-B89E-E6C706A60967} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-15] (Facebook Inc.)
Task: {989C4EC6-5E70-4B4B-BEF6-59634EF5961D} - System32\Tasks\{0F582C0D-F376-47F4-B4FE-CEB5FD6D4C0E} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\liteloader-installer-1.6.2-01.exe" -d "C:\Users\Sankar Namboodiri\Desktop"
Task: {A0AA9DC2-31E5-4492-9A60-440FFD2EF57F} - System32\Tasks\{A955B7AD-973B-459B-B4BA-CFF93EE86639} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\pixelmon mod installer.exe" -d "C:\Users\Sankar Namboodiri\Desktop"
Task: {A111F2A4-21CB-4E06-8B30-DF1078AF8015} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-20] (Google Inc.)
Task: {A1C0FFD6-AB20-4F5C-95E8-50972271F0AE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CCD0AD95-EEBC-4558-AC76-3BCA29B37396} - System32\Tasks\{5B91FB81-7F70-4E63-9C98-828D64624768} => C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe [2003-09-02] (Ensemble Studios)
Task: {E242D8D1-C232-45C8-B7E7-A167DFC20DBB} - System32\Tasks\D77R8YJ1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)
Task: {F0665ECC-C260-4679-87FD-7B79F4322468} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {F65CCD10-65D4-4CE8-8D77-EC09698ADE6C} - System32\Tasks\{0A658BCB-C922-4F25-A36D-DC2DEC06B564} => pcalua.exe -a "C:\Users\Sankar Namboodiri\Desktop\Win7Vista_64_151719.exe" -d "C:\Users\Sankar Namboodiri\Desktop"
Task: {F7AA074C-9669-4E14-B07E-55B8C81A8194} - System32\Tasks\{01970AA0-1901-4795-B5E9-E406F63AF5B9} => C:\Program Files (x86)\Microsoft Games\Age of Mythology\aomx.exe [2003-09-02] (Ensemble Studios)
Task: {F8165C36-4005-4F25-B434-508069E33EBA} - System32\Tasks\{A315EEC4-DE3F-456E-A8E9-81946C32D504} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job => C:\Users\Sankar Namboodiri\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001Core.job => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2054513145-232998130-3655723851-1001UA.job => C:\Users\Sankar Namboodiri\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2009-09-30 01:58 - 2009-07-16 21:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2009-09-30 01:58 - 2009-07-16 21:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2014-12-21 19:56 - 2011-02-28 18:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2012-05-20 19:04 - 2010-03-04 16:56 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2009-09-30 01:58 - 2008-11-17 07:29 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll
2015-01-14 06:07 - 2015-01-14 06:07 - 06757728 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-09-30 02:02 - 2009-07-16 11:58 - 00115952 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-09-30 02:02 - 2009-07-16 11:59 - 00128240 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2012-12-05 09:25 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll
2014-12-30 21:29 - 2014-06-04 11:21 - 00571904 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-12-30 21:29 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-04-26 12:54 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-26 12:54 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Sankar Namboodiri\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:B1FBBD09
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42343112.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42343112.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2054513145-232998130-3655723851-1001\...\vizzed.com -> www.vizzed.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2054513145-232998130-3655723851-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sankar Namboodiri\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Sankar Namboodiri\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: wininit1360259348 => C:\Users\Sankar Namboodiri\AppData\Local\Temp\793516544.exe
MSCONFIG\startupreg: wininit58554926 => C:\Users\Sankar Namboodiri\AppData\Local\Temp\56518410.exe
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/30/2015 01:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14415927
Error: (04/30/2015 01:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14415927
Error: (04/30/2015 01:28:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/30/2015 06:23:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16824614
Error: (04/30/2015 06:23:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16824614
Error: (04/30/2015 06:23:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/30/2015 01:42:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14407519
Error: (04/30/2015 01:42:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14407519
Error: (04/30/2015 01:42:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/29/2015 09:42:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2652
System errors:
=============
Error: (04/29/2015 09:33:19 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: D@01010004
Error: (04/29/2015 09:33:18 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unexpected failure. Error code: D@01010004
Error: (04/29/2015 09:32:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Live ID Sign-in Assistant service failed to start due to the following error:
%%1053
Error: (04/29/2015 09:32:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
Error: (04/29/2015 09:31:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5
Error: (04/29/2015 09:31:28 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5
Error: (04/29/2015 09:31:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP SI Service service failed to start due to the following error:
%%2
Error: (04/29/2015 09:31:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5
Error: (04/29/2015 09:31:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Base Filtering Engine service terminated with the following error:
%%5
Error: (04/29/2015 08:21:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
Microsoft Office Sessions:
=========================
Error: (02/07/2015 03:52:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/07/2015 03:52:06 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/07/2015 03:51:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4230 seconds with 120 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 74%
Total physical RAM: 3032.36 MB
Available physical RAM: 762.27 MB
Total Pagefile: 9174.55 MB
Available Pagefile: 6724.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:213.72 GB) (Free:69.08 GB) NTFS
Drive e: (WDO_MEDIA64) (Removable) (Total:7.63 GB) (Free:7.31 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 2B391CB6)
Partition 1: (Not Active) - (Size=298 MB) - (Type=DE)
Partition 2: (Active) - (Size=18.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=213.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7.6 GB) (Disk ID: 04030201)
Partition 1: (Active) - (Size=7.6 GB) - (Type=0B)
==================== End Of Log ============================
Thank you for your help! Also, a new thing is that there is a website where Chrome keeps popping up that thing that says "the website at blah blah blah says..." and I couldn't close the tab, so I needed to end Chrome in the Task Manager. In case that helps any.
EDIT: OK, well, I checked again and Windows Defender worked once now, though it couldn't start the actual defending, but after that, when I click it, all I get is the spinning thing next to my mouse cursor, then nothing.
Edited by SRDYK?, 30 April 2015 - 04:16 PM.