Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Unable to run scan of any antivirus - Please Help [Closed]


  • This topic is locked This topic is locked

#1
jyotikanaru

jyotikanaru

    Member

  • Member
  • PipPip
  • 14 posts
anScan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by saijyotika (administrator) on JYOTIKA on 24-06-2015 02:10:25
Running from C:\Users\saijyotika\Downloads
Loaded Profiles: saijyotika (Available Profiles: saijyotika)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\HpqSRmon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Google Inc.) C:\Users\saijyotika\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Users\saijyotika\AppData\Local\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\Run: [Google Update] => C:\Users\saijyotika\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-24] (Google Inc.)
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-09] (Piriform Ltd)
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\Run: [GoogleChromeAutoLaunch_DDA0BB41EE412DD5FED2E787CB077A19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\RunOnce: [Uninstall C:\Users\saijyotika\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\saijyotika\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Startup: C:\Users\saijyotika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b.lnk [2015-06-05]
ShortcutTarget: b.lnk -> C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe ()
Startup: C:\Users\saijyotika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 [2009-09-19] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-in/?ocid=iehp
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab
DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://supportapj.de...r/SysProExe.CAB
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.4.21.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{DF9F7C96-B51D-47FC-AC8A-3C46401AE9E6}: [NameServer] 119.235.48.3,119.235.48.2,8.8.8.8,103.229.129.3
 
FireFox:
========
FF ProfilePath: C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-02-24] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-02-24] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-03-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3934694455-2046814312-3196483240-1000: @tools.google.com/Google Update;version=3 -> C:\Users\saijyotika\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3934694455-2046814312-3196483240-1000: @tools.google.com/Google Update;version=9 -> C:\Users\saijyotika\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Extension: YouTube Video Downloader - For Context Menu - C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected] [2015-05-20]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
 
Chrome: 
=======
CHR Profile: C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-23]
CHR Extension: (YouTube) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-23]
CHR Extension: (Bouncy Mouse) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb [2015-06-23]
CHR Extension: (Google Search) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-23]
CHR Extension: (The Godfather: Five Families) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfkoljdeffeedleidebkmmamepgbnbl [2015-06-23]
CHR Extension: (Digital Clock) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-06-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-23]
CHR Extension: (Fieldrunners) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2015-06-23]
CHR Extension: (Google Play Books) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2015-06-23]
CHR Extension: (Cath Kidston) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndlpkmaeinmnbiadacenijnhlolneopm [2015-06-23]
CHR Extension: (Google Wallet) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-23]
CHR Extension: (Bitdefender QuickScan) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-06-23]
CHR Extension: (Gmail) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-23]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
S3 hpqcxs08; C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-18] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [158768 2009-04-11] (Microsoft Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S2 VSSS; C:\Users\saijyotika\AppData\Roaming\Microsoft\SystemCertificates\VSSVC.exe [101242624 2015-06-23] (Microsoft Corporation) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2015-06-23] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-22] (Anchorfree Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-24 02:10 - 2015-06-24 02:10 - 00018338 _____ C:\Users\saijyotika\Downloads\FRST.txt
2015-06-24 02:09 - 2015-06-24 02:09 - 02109952 _____ (Farbar) C:\Users\saijyotika\Downloads\FRST64.exe
2015-06-23 18:38 - 2015-06-23 18:38 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2015-06-23 17:52 - 2015-06-23 18:45 - 175577872 _____ (Microsoft Corporation) C:\Users\saijyotika\Desktop\msert.exe
2015-06-23 17:10 - 2015-06-23 17:10 - 00193828 _____ C:\ProgramData\1435059568.bdinstall.bin
2015-06-23 17:10 - 2015-06-23 17:10 - 00002188 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2015-06-23 17:10 - 2015-06-23 17:10 - 00000000 ____D C:\Users\saijyotika\Desktop\Anti Virus
2015-06-23 17:10 - 2015-06-23 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2015-06-23 17:10 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2015-06-23 17:10 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2015-06-23 17:09 - 2015-06-23 17:10 - 00000000 ____D C:\Program Files\Bitdefender
2015-06-23 17:09 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2015-06-23 17:09 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2015-06-23 17:07 - 2015-06-23 17:07 - 00042930 _____ C:\ProgramData\1435059440.5052.bin
2015-06-23 17:07 - 2015-06-23 17:07 - 00002060 _____ C:\ProgramData\1435059440.480.bin
2015-06-23 17:07 - 2015-06-23 17:07 - 00000189 _____ C:\ProgramData\1435059440.3464.bin
2015-06-23 17:06 - 2015-06-23 17:06 - 00045521 _____ C:\ProgramData\1435059351.bdinstall.bin
2015-06-23 17:01 - 2015-06-23 17:01 - 01415680 _____ (wj32) C:\Program Files\HKZX6FDS.exe
2015-06-23 16:54 - 2015-06-23 16:54 - 02244096 _____ C:\Users\saijyotika\Desktop\AdwCleaner.exe
2015-06-23 16:50 - 2015-06-23 16:50 - 00098892 _____ C:\ProgramData\1435058366.bdinstall.bin
2015-06-23 16:49 - 2015-06-23 16:49 - 00037823 _____ C:\ProgramData\1435058361.bdinstall.bin
2015-06-23 16:47 - 2015-06-24 01:57 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-23 16:47 - 2015-06-23 16:47 - 00001078 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-23 16:47 - 2015-06-23 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-23 16:46 - 2015-06-23 16:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-23 16:46 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-23 16:46 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-23 16:46 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-23 16:39 - 2015-06-23 16:40 - 00093752 _____ C:\Users\saijyotika\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-23 16:35 - 2015-06-23 16:35 - 00324652 _____ C:\ProgramData\1435057034.bdinstall.bin
2015-06-23 16:35 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\SETD6EE.tmp
2015-06-23 16:35 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\SET43D2.tmp
2015-06-23 16:35 - 2009-07-15 01:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-06-23 16:23 - 2015-06-24 02:02 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\QuickScan
2015-06-23 16:13 - 2015-06-24 02:10 - 00000000 ____D C:\FRST
2015-06-23 16:01 - 2015-06-23 16:01 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\AVAST Software
2015-06-23 15:59 - 2015-06-24 01:49 - 00043650 _____ C:\Windows\setupact.log
2015-06-23 15:59 - 2015-06-23 17:12 - 00620444 _____ C:\Windows\PFRO.log
2015-06-23 15:59 - 2015-06-23 16:00 - 00377008 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-23 15:59 - 2015-06-23 15:59 - 00000000 _____ C:\Windows\setuperr.log
2015-06-23 15:58 - 2015-06-23 15:58 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-06-23 15:58 - 2015-06-23 15:58 - 00000000 ____D C:\Windows\system32\vbox
2015-06-23 15:24 - 2015-06-23 15:24 - 01415680 _____ (wj32) C:\Program Files\CAJSKZ8N.exe
2015-06-23 15:24 - 2015-06-23 15:24 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-23 14:31 - 2015-06-23 14:31 - 00002231 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-23 14:31 - 2015-06-23 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\JSKZ8HFU.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\JS1A8HKU.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\5ECLU3CR.exe
2015-06-23 14:16 - 2015-06-24 01:53 - 00114486 _____ C:\Windows\WindowsUpdate.log
2015-06-23 14:09 - 2015-06-23 14:09 - 01415680 _____ (wj32) C:\Program Files\4DBKT20F.exe
2015-06-23 14:05 - 2015-06-23 14:05 - 01415680 _____ (wj32) C:\Program Files\PTMF81UA.exe
2015-06-22 09:36 - 2015-06-22 09:36 - 00005060 _____ C:\Windows\system32\.crusader
2015-06-22 09:04 - 2015-06-23 16:59 - 00000000 ____D C:\AdwCleaner
2015-06-22 09:03 - 2015-06-23 14:11 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-22 09:02 - 2015-06-22 09:36 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-21 12:23 - 2015-06-21 12:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-21 10:10 - 2015-06-21 10:10 - 00003304 ____N C:\bootsqm.dat
2015-06-16 09:44 - 2015-06-16 09:44 - 00001096 _____ C:\Advertisement.txt
2015-06-16 09:42 - 2015-06-16 10:11 - 00001130 _____ C:\Users\saijyotika\Desktop\Advertisement.txt
2015-06-12 07:37 - 2015-06-02 00:46 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-12 07:37 - 2015-06-01 23:37 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-12 07:37 - 2015-05-27 20:05 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-12 07:37 - 2015-05-27 19:38 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-12 07:37 - 2015-05-23 08:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-12 07:37 - 2015-05-23 08:45 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-12 07:37 - 2015-05-23 08:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-12 07:37 - 2015-05-23 08:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-12 07:37 - 2015-05-23 08:44 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-12 07:37 - 2015-05-23 08:43 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-12 07:37 - 2015-05-23 08:40 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-12 07:37 - 2015-05-23 08:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-12 07:37 - 2015-05-23 08:38 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-12 07:37 - 2015-05-23 08:36 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-12 07:37 - 2015-05-23 08:35 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-12 07:37 - 2015-05-23 08:35 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-12 07:37 - 2015-05-23 08:34 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-12 07:37 - 2015-05-23 08:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-12 07:37 - 2015-05-23 08:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-12 07:37 - 2015-05-23 08:19 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-12 07:37 - 2015-05-23 08:18 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-12 07:37 - 2015-05-23 08:17 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-12 07:37 - 2015-05-23 08:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-12 07:37 - 2015-05-23 08:08 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-12 07:37 - 2015-05-23 08:07 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-12 07:37 - 2015-05-23 08:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-12 07:37 - 2015-05-23 07:58 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-12 07:37 - 2015-05-23 07:50 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-12 07:37 - 2015-05-23 07:46 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-12 07:37 - 2015-05-23 07:44 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-12 07:37 - 2015-05-23 00:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-12 07:37 - 2015-05-23 00:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-12 07:37 - 2015-05-23 00:31 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-12 07:37 - 2015-05-23 00:30 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-12 07:37 - 2015-05-23 00:30 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-12 07:37 - 2015-05-23 00:30 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-12 07:37 - 2015-05-23 00:30 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-12 07:37 - 2015-05-23 00:29 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-12 07:37 - 2015-05-23 00:23 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-12 07:37 - 2015-05-23 00:22 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-12 07:37 - 2015-05-23 00:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-12 07:37 - 2015-05-23 00:18 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-12 07:37 - 2015-05-23 00:17 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-12 07:37 - 2015-05-23 00:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-12 07:37 - 2015-05-23 00:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-12 07:37 - 2015-05-23 00:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-12 07:37 - 2015-05-23 00:10 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-12 07:37 - 2015-05-23 00:06 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-12 07:37 - 2015-05-22 23:59 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-12 07:37 - 2015-05-22 23:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-12 07:37 - 2015-05-22 23:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-12 07:37 - 2015-05-22 23:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-12 07:37 - 2015-05-22 23:37 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-12 07:37 - 2015-05-22 23:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-12 07:37 - 2015-05-22 23:35 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-12 07:37 - 2015-05-22 23:35 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-12 07:37 - 2015-05-22 23:27 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-12 07:37 - 2015-05-22 23:20 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-12 07:37 - 2015-05-22 23:08 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-12 07:37 - 2015-05-22 22:56 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-11 18:38 - 2015-05-22 23:48 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-11 18:38 - 2015-05-22 23:48 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-11 18:38 - 2015-05-22 23:48 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-11 18:38 - 2015-05-22 23:48 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-11 18:38 - 2015-05-22 23:48 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-11 18:38 - 2015-05-22 23:48 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-11 18:38 - 2015-05-22 23:43 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-11 18:38 - 2015-05-21 18:49 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-11 18:38 - 2015-04-29 23:52 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-11 18:38 - 2015-04-29 23:51 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-11 18:38 - 2015-04-29 23:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-11 18:38 - 2015-04-29 23:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-11 18:38 - 2015-04-29 23:49 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-11 18:38 - 2015-04-29 23:37 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-11 18:38 - 2015-04-29 23:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-11 18:38 - 2015-04-29 23:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-11 18:38 - 2015-04-29 23:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-11 18:38 - 2015-04-29 23:35 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-11 18:37 - 2015-05-25 23:54 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-11 18:37 - 2015-05-25 23:53 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-11 18:37 - 2015-05-25 23:53 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-11 18:37 - 2015-05-25 23:51 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-11 18:37 - 2015-05-25 23:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-11 18:37 - 2015-05-25 23:48 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-11 18:37 - 2015-05-25 23:48 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-11 18:37 - 2015-05-25 23:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-11 18:37 - 2015-05-25 23:48 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-11 18:37 - 2015-05-25 23:48 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-11 18:37 - 2015-05-25 23:48 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-11 18:37 - 2015-05-25 23:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-11 18:37 - 2015-05-25 23:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-11 18:37 - 2015-05-25 23:48 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-11 18:37 - 2015-05-25 23:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-11 18:37 - 2015-05-25 23:48 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-11 18:37 - 2015-05-25 23:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-11 18:37 - 2015-05-25 23:48 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-11 18:37 - 2015-05-25 23:44 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-11 18:37 - 2015-05-25 23:44 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:37 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-11 18:37 - 2015-05-25 23:37 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-11 18:37 - 2015-05-25 23:34 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-11 18:37 - 2015-05-25 23:31 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-11 18:37 - 2015-05-25 23:30 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-11 18:37 - 2015-05-25 23:30 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-11 18:37 - 2015-05-25 23:30 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-11 18:37 - 2015-05-25 23:30 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-11 18:37 - 2015-05-25 23:30 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-11 18:37 - 2015-05-25 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-11 18:37 - 2015-05-25 23:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-11 18:37 - 2015-05-25 23:29 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-11 18:37 - 2015-05-25 23:29 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-11 18:37 - 2015-05-25 23:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-11 18:37 - 2015-05-25 23:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-11 18:37 - 2015-05-25 23:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-11 18:37 - 2015-05-25 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 23:25 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 22:38 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 18:37 - 2015-05-25 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-11 18:37 - 2015-05-25 22:20 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-11 18:37 - 2015-05-25 22:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-11 18:37 - 2015-05-25 22:18 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 22:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 22:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 18:37 - 2015-05-25 22:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-11 18:37 - 2015-04-24 23:47 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 18:37 - 2015-04-24 23:26 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-08 09:04 - 2015-06-08 09:04 - 00000000 ____D C:\Program Files (x86)\Anvsoft
2015-06-05 18:07 - 2015-06-05 18:07 - 101695488 __RSH C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
2015-06-02 07:36 - 2015-06-02 07:36 - 00000000 ____D C:\Users\saijyotika\AppData\Local\GWX
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-24 02:05 - 2010-08-29 13:17 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-24 02:05 - 2009-12-07 14:38 - 00019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-24 02:05 - 2009-12-07 14:38 - 00019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-24 01:57 - 2009-12-13 11:52 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3934694455-2046814312-3196483240-1000UA.job
2015-06-24 01:56 - 2012-09-16 07:05 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{700BD26A-509F-470D-8E2F-318AAB45FC67}
2015-06-24 01:54 - 2011-03-10 09:03 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\Skype
2015-06-24 01:50 - 2010-08-29 13:17 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-24 01:50 - 2009-07-14 10:39 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-24 01:49 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-23 20:13 - 2012-01-30 19:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-23 17:06 - 2011-02-12 14:00 - 00001945 _____ C:\Windows\epplauncher.mif
2015-06-23 16:01 - 2014-12-27 18:21 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-23 14:31 - 2010-08-29 13:17 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-23 14:31 - 2009-10-17 16:00 - 00000000 ____D C:\Users\saijyotika\AppData\Local\Google
2015-06-23 14:31 - 2009-07-14 10:43 - 00803202 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-23 14:22 - 2009-12-13 11:52 - 00000000 ____D C:\Users\saijyotika\AppData\Local\Deployment
2015-06-23 11:05 - 2011-12-09 12:39 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\Nitro PDF
2015-06-22 14:25 - 2012-01-30 18:01 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\NCH Software
2015-06-22 14:25 - 2012-01-30 18:01 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-06-22 14:25 - 2011-03-09 00:36 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-06-22 14:24 - 2010-08-21 19:03 - 00000000 ____D C:\Program Files (x86)\FileHippo.com
2015-06-22 14:24 - 2009-09-22 17:12 - 00000000 ____D C:\Program Files (x86)\Belarc
2015-06-22 14:23 - 2015-03-02 23:18 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\Samsung
2015-06-22 14:23 - 2015-03-02 23:17 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-06-22 14:23 - 2009-09-22 17:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-22 11:29 - 2015-05-16 08:52 - 00000024 _____ C:\Users\saijyotika\AppData\Roaming\appdataFr25.bin
2015-06-22 09:08 - 2011-11-13 13:38 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\AnvSoft
2015-06-19 06:57 - 2009-12-13 11:52 - 00000876 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3934694455-2046814312-3196483240-1000Core.job
2015-06-17 10:52 - 2009-07-14 10:38 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-15 13:36 - 2012-01-30 19:17 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-15 13:36 - 2012-01-30 19:17 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-15 13:36 - 2011-05-13 19:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-15 13:31 - 2014-08-30 12:08 - 00000000 ____D C:\Users\saijyotika\AppData\Local\Adobe
2015-06-14 10:11 - 2014-10-17 11:51 - 00000511 _____ C:\Users\saijyotika\Desktop\Pension.website
2015-06-12 08:00 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-12 07:44 - 2013-07-11 10:00 - 00000000 ____D C:\Windows\system32\MRT
2015-06-12 07:39 - 2009-12-09 13:35 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-12 07:25 - 2014-12-11 14:19 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-12 07:25 - 2014-04-24 17:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-08 08:40 - 2011-03-10 09:02 - 00000000 ____D C:\ProgramData\Skype
2015-06-06 08:54 - 2015-01-29 08:59 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-06 08:54 - 2015-01-29 08:59 - 00000000 ____D C:\Program Files\CCleaner
2015-06-04 20:20 - 2015-04-21 07:07 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\vlc
2015-06-03 11:02 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\rescache
2015-06-03 07:56 - 2013-04-23 07:58 - 00000000 ____D C:\Users\saijyotika\Documents\Cucusoft
2015-05-29 11:29 - 2014-09-20 05:45 - 00000000 ___RD C:\Program Files (x86)\Skype
 
==================== Files in the root of some directories =======
 
2015-06-23 14:09 - 2015-06-23 14:09 - 1415680 _____ (wj32) C:\Program Files\4DBKT20F.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 1415680 _____ (wj32) C:\Program Files\5ECLU3CR.exe
2015-06-23 15:24 - 2015-06-23 15:24 - 1415680 _____ (wj32) C:\Program Files\CAJSKZ8N.exe
2015-06-23 17:01 - 2015-06-23 17:01 - 1415680 _____ (wj32) C:\Program Files\HKZX6FDS.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 1415680 _____ (wj32) C:\Program Files\JS1A8HKU.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 1415680 _____ (wj32) C:\Program Files\JSKZ8HFU.exe
2015-06-23 14:05 - 2015-06-23 14:05 - 1415680 _____ (wj32) C:\Program Files\PTMF81UA.exe
2010-06-09 16:14 - 2010-06-09 16:14 - 0000000 ____H () C:\Program Files (x86)\hpothb07.dat
2010-06-09 16:14 - 2010-06-09 16:14 - 0000000 ____H () C:\Program Files (x86)\hpothb07.tif
2015-05-16 08:52 - 2015-06-22 11:29 - 0000024 _____ () C:\Users\saijyotika\AppData\Roaming\appdataFr25.bin
2012-08-01 18:10 - 2012-08-01 18:14 - 0053696 _____ () C:\Users\saijyotika\AppData\Roaming\Debut.dmp
2010-06-09 11:30 - 2010-06-09 16:14 - 0000235 _____ () C:\Users\saijyotika\AppData\Roaming\devices.xml
2015-06-05 18:07 - 2015-06-05 18:07 - 101695488 __RSH () C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
2010-06-09 11:30 - 2010-06-09 16:14 - 0000012 _____ () C:\Users\saijyotika\AppData\Roaming\settings.xml
2014-07-31 06:31 - 2015-02-19 10:31 - 0000104 _____ () C:\Users\saijyotika\AppData\Roaming\WB.CFG
2010-08-12 09:29 - 2013-06-10 20:52 - 0036864 _____ () C:\Users\saijyotika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-11-20 22:50 - 2013-04-25 18:02 - 0004096 ____H () C:\Users\saijyotika\AppData\Local\keyfile3.drm
2011-03-06 16:38 - 2012-04-13 18:43 - 0007607 _____ () C:\Users\saijyotika\AppData\Local\resmon.resmoncfg
2015-05-16 12:20 - 2015-05-16 12:20 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\Temp.dat
2011-11-12 21:08 - 2011-11-12 21:08 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{1F2AB4A1-E313-40AA-9B6F-29EB251BAAFC}
2011-11-04 18:38 - 2011-11-04 18:38 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{276A830F-4910-4E12-BB79-8B023095E8BF}
2011-05-21 14:04 - 2011-05-21 14:05 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{27A44C4E-4902-4952-909C-DCCC9DF48261}
2011-05-23 11:54 - 2011-05-23 11:54 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{33805E63-373D-433A-9E67-F2B21498DB78}
2011-11-22 19:45 - 2011-11-22 19:45 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{5AEB4708-779A-44E0-9FC4-6372C028CD02}
2011-11-18 23:55 - 2011-11-18 23:55 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{77FB61F3-2B43-4B84-B363-5F73A1BACE57}
2011-05-21 14:15 - 2011-05-21 14:16 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{919F015F-0DA8-4B6C-9829-55FE212F0EB3}
2015-02-04 18:40 - 2015-02-04 18:40 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{97E823C2-0E53-4C9B-8769-EB67EBA43A68}
2011-08-18 14:24 - 2011-08-18 14:24 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A6C30661-5DEE-4869-80CE-570C30209333}
2012-01-30 13:38 - 2012-01-30 13:38 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A73018EF-DFA7-4DA4-B59B-F9A7D4522813}
2011-07-04 09:14 - 2011-07-04 09:14 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A9747031-F7D4-409D-8AB4-06B2F2626F59}
2011-11-13 08:04 - 2011-11-13 08:04 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{AE40C17C-1B15-4D9C-B978-C85EEB63FFD5}
2011-10-21 10:07 - 2011-10-21 10:07 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{B4B420C1-B0BF-49ED-9DF3-D2520E7146C8}
2012-01-30 13:37 - 2012-01-30 13:37 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{C1140E17-1EE9-47DA-8AAA-AB472BE6C48C}
2011-11-03 08:45 - 2011-11-03 08:45 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{C5B7C6CE-0515-4AD0-B487-C38E0F47AF4B}
2012-01-04 18:21 - 2012-01-04 18:21 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{CF49B7B1-7436-4237-917F-21312EA98085}
2011-07-03 17:16 - 2011-07-03 17:17 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{D1019BFE-6056-4011-B13E-9B2636E4F789}
2011-09-11 20:23 - 2011-09-11 20:23 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{FFFE9FFE-7F05-4B4A-838D-CA33349AC20D}
2015-06-23 16:35 - 2015-06-23 16:35 - 0324652 _____ () C:\ProgramData\1435057034.bdinstall.bin
2015-06-23 16:49 - 2015-06-23 16:49 - 0037823 _____ () C:\ProgramData\1435058361.bdinstall.bin
2015-06-23 16:50 - 2015-06-23 16:50 - 0098892 _____ () C:\ProgramData\1435058366.bdinstall.bin
2015-06-23 17:06 - 2015-06-23 17:06 - 0045521 _____ () C:\ProgramData\1435059351.bdinstall.bin
2015-06-23 17:07 - 2015-06-23 17:07 - 0000189 _____ () C:\ProgramData\1435059440.3464.bin
2015-06-23 17:07 - 2015-06-23 17:07 - 0002060 _____ () C:\ProgramData\1435059440.480.bin
2015-06-23 17:07 - 2015-06-23 17:07 - 0042930 _____ () C:\ProgramData\1435059440.5052.bin
2015-06-23 17:10 - 2015-06-23 17:10 - 0193828 _____ () C:\ProgramData\1435059568.bdinstall.bin
2013-06-06 15:36 - 2013-06-06 15:36 - 0000140 _____ () C:\ProgramData\defraggler_list.txt
2011-02-15 11:19 - 2011-02-15 11:19 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-06-07 08:29 - 2011-06-07 08:29 - 0000145 ____H () C:\ProgramData\hpothb07.dat
2011-06-07 08:29 - 2011-06-07 08:29 - 0000255 ____H () C:\ProgramData\hpothb07.tif
2013-02-20 11:51 - 2013-07-17 10:08 - 0016502 _____ () C:\ProgramData\hpzinstall.log
2011-02-28 13:20 - 2011-02-28 13:20 - 0004900 _____ () C:\ProgramData\hvcatrnw.tht
 
Files to move or delete:
====================
C:\ProgramData\hpothb07.dat
C:\Users\Public\hpothb07.dat
C:\Users\saijyotika\hpothb07.dat
 
 
Some files in TEMP:
====================
C:\Users\saijyotika\AppData\Local\Temp\cdo3655539098.dll
C:\Users\saijyotika\AppData\Local\Temp\cdo522972452.dll
C:\Users\saijyotika\AppData\Local\Temp\HitmanPro.exe
C:\Users\saijyotika\AppData\Local\Temp\mpam-4eee1d54.exe
C:\Users\saijyotika\AppData\Local\Temp\Quarantine.exe
C:\Users\saijyotika\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-23 18:28
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by saijyotika at 2015-06-24 02:11:10
Running from C:\Users\saijyotika\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3934694455-2046814312-3196483240-500 - Administrator - Disabled)
Guest (S-1-5-21-3934694455-2046814312-3196483240-501 - Limited - Disabled)
saijyotika (S-1-5-21-3934694455-2046814312-3196483240-1000 - Administrator - Enabled) => C:\Users\saijyotika
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
BufferChm (x32 Version: 130.0.327.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
Diagnostic Tool for the Microsoft VM (HKLM-x32\...\{86844E31-42CC-49C8-B647-7213009F4719}) (Version: 1.2.40329.00 - Microsoft)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Chrome (HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth (HKLM-x32\...\{1A295C25-6E02-49FB-826B-F0D2C56FFA4E}) (Version: 7.1.4.1529 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
GPBaseService2 (x32 Version: 130.0.367.000 - Hewlett-Packard) Hidden
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Scanjet 2400 (HKLM\...\{7B604AC7-B496-473F-A17C-489398E38BEA}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
hpg2410 (x32 Version: 14.0.0.0 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.367.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Default Manager (HKLM-x32\...\{095B1DCF-5E8B-47EC-9B18-481918A731DB}) (Version: 2.0.69.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Gadgets for Windows SideShow (HKLM-x32\...\{3DCF21FE-A8CB-41DE-AEA3-D5FBEF108CD5}) (Version: 1.0.7252.0 - Microsoft Corporation)
Microsoft Office PowerPoint Remote (HKLM-x32\...\{21550042-EA9F-4419-A8D7-DF732DCEB76E}) (Version: 1.0.7252.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nitro Reader 3 (HKLM\...\{4436B9BD-CA66-4D69-9091-2D2EB62F09AD}) (Version: 3.5.2.10 - Nitro)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
pdfforge Toolbar v4.6 (HKLM-x32\...\{E6098043-1183-4580-89EF-423CBF807188}) (Version: 4.6 - Spigot, Inc.) <==== ATTENTION
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ShareIns (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 130.0.369.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 130.0.128.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\saijyotika\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\saijyotika\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\saijyotika\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\saijyotika\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\saijyotika\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\saijyotika\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\saijyotika\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
15-05-2015 16:03:35 Windows Update
17-05-2015 06:30:56 Windows Update
20-05-2015 09:49:53 Windows Update
20-05-2015 17:12:37 Windows Update
24-05-2015 09:03:01 Windows Update
28-05-2015 06:51:59 Windows Update
02-06-2015 07:07:05 Windows Update
05-06-2015 09:53:55 Windows Update
09-06-2015 06:22:56 Windows Update
11-06-2015 18:38:15 Windows Update
12-06-2015 07:22:10 Windows Update
12-06-2015 07:37:59 Windows Update
15-06-2015 10:43:05 Windows Update
18-06-2015 11:32:56 Windows Update
22-06-2015 09:18:40 Windows Update
22-06-2015 09:34:58 Checkpoint by HitmanPro
22-06-2015 09:36:23 Checkpoint by HitmanPro
22-06-2015 14:23:04 Removed Samsung Kies3
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 18:04 - 2006-09-19 03:07 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {008DDD58-C1B6-4CE9-AEE9-CEEC94A7E009} - System32\Tasks\{D70652D8-538B-44D1-A26B-4EAF6359B513} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {05466467-526D-43DF-B8A5-443E0112F757} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {0C9BAAB4-4DC8-4D96-9977-EC1CEDD98E6E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3934694455-2046814312-3196483240-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {0DC527DC-B055-4F32-B2BD-370E1B8DEA8F} - System32\Tasks\{A260E71C-6AE1-476C-ACFB-B8FD507FB0B8} => pcalua.exe -a C:\Windows\IsUninst.exe -c -f"C:\Program Files (x86)\InterVideo\WinDVD\Uninst.isu"
Task: {1999A20F-5D54-476B-973C-37830BD5E039} - System32\Tasks\{56263581-B2C3-412D-98EF-FAB3F852C3F2} => pcalua.exe -a C:\Users\saijyotika\Desktop\Downloads\solutoinstaller.exe -d C:\Users\saijyotika\Desktop\Downloads
Task: {25279F6B-1FC4-4DFA-A80D-1AAD92263AF7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3934694455-2046814312-3196483240-1000UA => C:\Users\saijyotika\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {284D2FDF-3FD0-40A7-8739-AAB8B2235107} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - saijyotika => C:\Program Files\Windows Calendar\WinCal.exe
Task: {2AB24CA0-AF6E-4F5B-9606-38A1465620E3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
Task: {31880E2F-980B-4427-ACEC-A985164233C9} - System32\Tasks\{0C702ADF-6E98-4AD2-8905-E24B5E7484EF} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {333B0A07-20CC-4034-9FC3-A2B0E3D17C06} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
Task: {3BCA3028-666D-476E-A4CC-D06C8B678B8E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {3F03FEBC-F790-44E8-90AB-EFA00165FDA6} - System32\Tasks\{BC004276-8B44-44A7-A063-FC3F2A141A98} => pcalua.exe -a C:\Users\saijyotika\Downloads\msicu.exe -d C:\Users\saijyotika\Downloads
Task: {44ADCD33-18D5-4E5D-A8B9-665ADB612A85} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-15] (Adobe Systems Incorporated)
Task: {46E9769B-8010-47B2-8948-00A59113300B} - System32\Tasks\{51296A9F-C28C-4C11-BB7A-6E8EFC5EF0D3} => Chrome.exe http://www.skype.com...38;LastError=-3
Task: {4AC9C05B-0A8B-4AD8-B783-B28135E969A8} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {4BBD77E2-CDD8-46AB-A318-2BC00F855834} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3934694455-2046814312-3196483240-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {55C5C643-0BE9-4CD8-8FE8-B882C652970E} - System32\Tasks\{88D586D2-8A1B-4A7B-A460-76C3BF30DB50} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {5D5ABB35-707C-4962-9CA3-BC5A84FBAB02} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-09] (Piriform Ltd)
Task: {5D65F921-4847-45E4-A0EE-8564CFF28DE7} - System32\Tasks\{3305BA6C-87A8-45AC-A134-A67535231164} => pcalua.exe -a C:\Users\saijyotika\Desktop\Downloads\64bit_Vista_Win7_R266.exe -d C:\Windows\system32
Task: {5F842E90-D010-4FD8-8E0C-5E1B2C424373} - System32\Tasks\{A360AB1B-A059-49AA-B12C-5048B3A7ACDD} => pcalua.exe -a "C:\Users\saijyotika\Downloads\chromeinstall-8u40 (1).exe" -d C:\Users\saijyotika\Downloads
Task: {68B69077-D72A-4D27-BC5E-4D546912E1E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3934694455-2046814312-3196483240-1000Core => C:\Users\saijyotika\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {690991EA-A416-484D-9C9E-897ADA72490E} - System32\Tasks\{9AF16205-6971-47A7-814F-792E1ECFABF1} => pcalua.exe -a "C:\Program Files (x86)\V2 Corporation\vmuvc\wmpcdcs8.exe" -d "C:\Program Files (x86)\V2 Corporation\vmuvc"
Task: {6BAB9E7F-BDA8-453A-883E-6A2A8C25C4BE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {6C074F4E-5077-4910-B362-3546EC84DEEE} - System32\Tasks\{CF7D40F4-077B-4B1F-8D79-D55143A31AC8} => pcalua.exe -a C:\Users\saijyotika\Downloads\SetupDVDDecrypter_3.5.4.0.exe -d C:\Users\saijyotika\Downloads
Task: {6CFFEB01-DD41-4586-8399-0452402DF4A9} - System32\Tasks\{73D761BC-6A5E-4912-88B4-5649A810DC66} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {719E9847-344C-4820-BCED-8FFECB28AD52} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {72A6A6F0-F1CC-49F4-B1D3-8C60EBBD629F} - System32\Tasks\{783F347B-BA43-42F5-8345-09A16E7A37B0} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {75B0A16A-E0E9-4A80-990E-FDED77B4D961} - System32\Tasks\{A29518F9-CE72-488B-9C5F-47EAC825C7F4} => pcalua.exe -a C:\Users\saijyotika\Desktop\R220849\Setup.exe -d C:\Users\saijyotika\Desktop\R220849
Task: {7823AE4A-B827-4D80-A3C5-E1F20493808D} - System32\Tasks\{068D93AE-4654-428F-A625-E03EB695F1E6} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\Debut\uninst.exe"
Task: {7E6117D8-3EC5-4982-90E0-EB66943AA7BD} - System32\Tasks\{8ADD2BDD-C8F6-4637-B763-5F40CDDC25E3} => Chrome.exe http://www.skype.com...LastError=12002
Task: {7E98DED5-7B36-44ED-8DF1-1290F636E6EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {8FF90337-29F9-4AC0-9363-CB37C67DCD25} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)
Task: {9E79362A-B32D-483C-899A-5CF943A47E85} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {A28BA13C-AB34-48A2-89D0-CD9DDDA648E0} - System32\Tasks\{83A4760B-8E7A-4B78-98C3-C0304D07B18D} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A2FD0EAE-9244-40AA-A210-DA86E5D98FBD} - System32\Tasks\{B8F4C49B-89A7-4BEC-8ABB-94F499304097} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A7C95505-3061-4856-A0CA-766AC0361408} - System32\Tasks\{3A735B66-5B56-42EB-8C61-CCBF0A34C15E} => pcalua.exe -a C:\Users\saijyotika\Desktop\setup_basic_2436.exe -d C:\Users\saijyotika\Desktop
Task: {AE4AFFD5-86FD-41D3-8075-72CA8E88EA2D} - System32\Tasks\{162316C4-CEF1-4B16-B4C1-BBB5028845FA} => pcalua.exe -a C:\Users\saijyotika\Downloads\shabdanjali\stardict-2.4.7.exe -d C:\Users\saijyotika\Downloads\shabdanjali
Task: {AE4EA441-CA3E-45DA-A71D-4BD1EDAD5E10} - System32\Tasks\{A74E32F8-4462-4A1D-B578-190B7F2FB16E} => pcalua.exe -a C:\Users\saijyotika\AppData\Local\Temp\Temp2_pres$1coin_2007.zip\setup.exe
Task: {B50FC28A-3521-4A61-B2DD-DEC4F0441A54} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-02-24] (Microsoft Corporation)
Task: {B541EA42-FDED-4F7C-820E-0261BC954CBC} - System32\Tasks\{9E26A334-76A7-4146-8DAF-CD1310BC3795} => Chrome.exe http://www.skype.com...LastError=12007
Task: {C3B99FE9-EB69-4DD0-84C7-65682B8971CB} - System32\Tasks\{CCFCB9B7-6BCB-4DEC-8DF4-CBCAA75EFD6E} => pcalua.exe -a "C:\Program Files (x86)\Windows Live Safety Center\wlschost.exe" -c -Uninstall
Task: {C59E12E6-A263-4AC2-B848-8859EFD4F897} - System32\Tasks\{2678F4D3-9EBC-4D45-8B2D-1E66C117B208} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.)
Task: {CEAA3929-26DE-4791-96E9-2E5D85938AE1} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe
Task: {DE671C81-C95D-40CB-8785-7C3D4E9D911F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {DFC055A3-8F34-4A4E-B08F-1675E6AF8EC0} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {EFDEC4A3-6E31-4514-B140-3014BCD7B695} - System32\Tasks\{F1C5E620-670B-429F-B2EE-BBBBC4C4278F} => Chrome.exe http://www.skype.com...38;LastError=-3
Task: {FF06690E-091D-44A6-A4D5-77485A257999} - System32\Tasks\{2798662F-98DB-4DB6-9047-DAA0971D3F3E} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-02] (Skype Technologies S.A.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3934694455-2046814312-3196483240-1000Core.job => C:\Users\saijyotika\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3934694455-2046814312-3196483240-1000UA.job => C:\Users\saijyotika\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-06-23 17:10 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2015-06-23 17:10 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2015-06-23 15:58 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-06-23 15:58 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-06-23 14:31 - 2015-06-20 11:16 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\saijyotika\Desktop\msert.exe:BDU
AlternateDataStreams: C:\Users\saijyotika\Downloads\FRST64.exe:BDU
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\saijyotika\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 119.235.48.3 - 119.235.48.2
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dell Remote Access.lnk => C:\Windows\pss\Dell Remote Access.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PrettyRun.lnk => C:\Windows\pss\PrettyRun.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^saijyotika^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopEarth AutoStart.lnk => C:\Windows\pss\DesktopEarth AutoStart.lnk.Startup
MSCONFIG\startupfolder: C:^Users^saijyotika^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopEarth.lnk => C:\Windows\pss\DesktopEarth.lnk.Startup
MSCONFIG\startupfolder: C:^Users^saijyotika^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MouseFix.exe => C:\Windows\pss\MouseFix.exe.Startup
MSCONFIG\startupfolder: C:^Users^saijyotika^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^saijyotika^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^The Simpsons Unleashed.lnk => C:\Windows\pss\The Simpsons Unleashed.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG_TRAY => C:\Program Files (x86)\AVG\AVG10\avgtray.exe
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: Google Update => "C:\Users\saijyotika\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LockStatusTray => C:\Windows\LockStatusTray.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NeroFilterCheck => C:\Windows\system32\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RegistryMechanic => C:\Program Files (x86)\Registry Mechanic\RMTray.exe /H
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: Search Protection => C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Share-to-Web Namespace Daemon => C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Win7_Upgrade => C:\Users\saijyotika\AppData\Local\DellWin7Upgrade\Win7_Upgrade_Start.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
MSCONFIG\startupreg: YSearchProtection => "C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{A7538CA8-4934-4062-BC5B-1CC9021CB20F}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{E695C1F0-F80B-4724-9CAA-8AA25360D46C}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{22D884AD-3A33-4BBC-90D2-F385494DD8BD}] => (Allow) svchost.exe
FirewallRules: [{16516192-AC86-428A-A6E1-58BB6C784C65}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{047AAC41-22B0-482F-9B37-7C1685C254BB}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{9E230C5E-8428-41B5-9C8A-780259F8B6D0}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{82A3397C-532C-4168-92CC-9F54F0F47633}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{330D6957-FC86-4675-BA26-F6F6CDD9602F}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [{E93A2CC5-9CDD-4491-A874-72397137EDC5}] => (Allow) C:\Users\saijyotika\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{7CE0D8FE-9A29-4946-ABCE-AF191522D840}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{32D0F626-F867-42A9-A261-880C9CFB64DC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B27C0C95-1009-4C4A-A1B2-73FFBC5490FA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5CDC289C-FF46-4789-865A-335AC5F16B4F}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{667C84A8-9189-4549-B9F0-1D7C58558CE1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{70380C8E-218D-49E2-9653-4272EC66F440}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{354B0B60-29D8-4043-B1F2-035CCD7DBA40}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{C6719191-4BBB-473A-AA38-98199BED3818}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{508DB546-5F59-4BAB-A485-8AADD2C46668}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{CF27C362-1E0D-44E3-BE40-B5B147BE4082}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\hp software update\hpwucli.exe
FirewallRules: [{96AA6883-B279-46C6-B531-3DC5A67C633D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1A34F091-0EAB-4146-BBD5-B2EBB15502F9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{FE210536-8093-4473-8E5C-8B2001BB968D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C7E993FA-6C4B-4E79-A0E8-284CD371CD5B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{23E2DDA5-C599-4F41-A0A3-1250C611D7B7}] => (Allow) LPort=2869
FirewallRules: [{9D508EE0-4D39-4ABE-BEB4-27C7783DD5F9}] => (Allow) LPort=1900
FirewallRules: [{DA97AACB-3FEA-4BF3-BA2C-079CA34244C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/23/2015 04:39:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program gziface.exe version 1.0.21.1099 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 8e0
 
Start Time: 01d0ada4bf2d0c3a
 
Termination Time: 11
 
Application Path: C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
 
Report Id: 486968e5-1998-11e5-84c5-002564827095
 
 
System errors:
=============
Error: (06/24/2015 01:50:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Volume Shadow Copy Service service failed to start due to the following error: 
%%1053
 
Error: (06/24/2015 01:50:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy Service service to connect.
 
Error: (06/23/2015 06:00:08 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer WININDIA5
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{DF9F7C96-B51D-47FC-AC8A-3C46401AE9E6}.
The master browser is stopping or an election is being forced.
 
Error: (06/23/2015 05:48:07 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer WININDIA5
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{DF9F7C96-B51D-47FC-AC8A-3C46401AE9E6}.
The master browser is stopping or an election is being forced.
 
Error: (06/23/2015 05:36:07 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer WININDIA5
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{DF9F7C96-B51D-47FC-AC8A-3C46401AE9E6}.
The master browser is stopping or an election is being forced.
 
Error: (06/23/2015 05:30:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Volume Shadow Copy Service service failed to start due to the following error: 
%%1053
 
Error: (06/23/2015 05:30:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy Service service to connect.
 
Error: (06/23/2015 05:29:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:19:17 PM on ‎6/‎23/‎2015 was unexpected.
 
Error: (06/23/2015 05:13:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
 
Error: (06/23/2015 05:12:35 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The MBAMService service depends the following service: MBAMProtector. This service might not be installed.
 
 
Microsoft Office:
=========================
Error: (06/23/2015 04:39:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gziface.exe1.0.21.10998e001d0ada4bf2d0c3a11C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe486968e5-1998-11e5-84c5-002564827095
 
 
CodeIntegrity Errors:
===================================
  Date: 2009-12-03 21:07:13.766
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2009-12-03 21:07:13.735
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2009-12-03 21:07:13.672
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2009-12-03 21:07:13.610
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2009-12-03 21:07:13.532
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E7500 @ 2.93GHz
Percentage of memory in use: 43%
Total physical RAM: 4086.12 MB
Available physical RAM: 2289.3 MB
Total Pagefile: 8170.44 MB
Available Pagefile: 6026.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (Jyotika Naru) (Fixed) (Total:283.04 GB) (Free:227.9 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:15 GB) (Free:14.85 GB) NTFS
Drive e: (VolumeLabel) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 10000000)
Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283 GB) - (Type=07 NTFS)
 
==================== End of log ============================
 
 
 

Attached Files


  • 0

Advertisements


#2
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,215 posts


Hi jyotikanaru,

Welcome to Geeks to Go. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:
  • Please read all of my response through at least once before attempting to follow the procedures described.I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
  • All of the assistants and staff at Geeks to Go are here on a volunteer basis; please respect our time given to the cause of helping others.If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date. That being said, please notice the following Geeks to Go rule:
  • Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
  • Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
  • If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed.All of the tools I will have you use are safe to use (as instructed) and malware free.
  • While we strive to disrupt your system as little as possible, things happen.If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
  • Please do not run any other tools or scanners than what I ask you to.Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
  • Please do not attach any log files to your replies unless I specifically ask you.Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.


- Save ALL Tools to your Desktop-


All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Quoted from and used by permission of BrianDrab. Thank you.


Let's get started....

Formalities out of the way....

Are you saying that BitDefender Free and / or Malwarebytes' Antimalware will not run / load / scan at all?

(I am reviewing the logs and will return shortly.)
  • 0

#3
jyotikanaru

jyotikanaru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Hi jyotikanaru,

Welcome to Geeks to Go. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:

  • Please read all of my response through at least once before attempting to follow the procedures described.I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
  • All of the assistants and staff at Geeks to Go are here on a volunteer basis; please respect our time given to the cause of helping others.If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date. That being said, please notice the following Geeks to Go rule:
  • Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
  • Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
  • If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed.All of the tools I will have you use are safe to use (as instructed) and malware free.
  • While we strive to disrupt your system as little as possible, things happen.If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
  • Please do not run any other tools or scanners than what I ask you to.Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
  • Please do not attach any log files to your replies unless I specifically ask you.Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.


- Save ALL Tools to your Desktop-

 

All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Quoted from and used by permission of BrianDrab. Thank you.


Let's get started....

Formalities out of the way....

Are you saying that BitDefender Free and / or Malwarebytes' Antimalware will not run / load / scan at all?

(I am reviewing the logs and will return shortly.)

 

   

First the problem encountered with MS Security Essentials. I was unable to scan the system or update the antivirus. Also, there was no real time protection. I uninstalled the MS SE. and reinstalled couple of times but same problem.

 

I also installed Avast, AVG antivirus, Bitdefender. Same Problem. I am unable to scan with antivirus and unable to update. Simple the antivirus does not respond.

 

Thanks.


  • 0

#4
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,215 posts

Thank you for the reply. We need to make sure of what we are dealing with here.

File Scanner
There are some files I need you to upload for checking

  • Please go to VirusTotal.com FREE on-line scan service
  • Click on the "Choose file" box in the middle of the page
  • Using the File Upload window that opens, navigate to a file on the list below
    • C:\Windows\explorer.exe
    • C:\Windows\SysWOW64\explorer.exe
    • C:\Windows\System32\svchost.exe
    • C:\Windows\SysWOW64\svchost.exe
    • C:\Windows\System32\userinit.exe
    • C:\Windows\SysWOW64\userinit.exe
  • Click on the Upload button and then the Scan It! button on the main VirusTotal web page.
  • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
  • Once the Scan is completed, left click on the Address bar of your browser (this should select the entire address of the web page with the scan results), right click on the highlighted address and select Copy.
  • Paste the copied address in your next reply.

Thank you.

 

If these come back clean, I will post the Fixlist script next.


  • 0

#5
jyotikanaru

jyotikanaru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
 
 
 
 
 

  • 0

#6
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,215 posts

Thank you for the VirusTotal scans / links. There was a hint in one of the malware research results that pointed to a true virus infection; we just needed to be sure before moving on.
 

FIRST >>>>

Please go to START (Windows Orb) >> Control Panel >> Uninstall a Program or Programs and Features and remove the following (if listed):

pdfforge Toolbar v4.6
Yahoo! Detect


To do so, left clicking on the name once and then click Uninstall/Change at the bar above the list window.

Follow the prompts of the uninstaller BUT please read carefully any questions it asks before answering; some uninstallers will try and deceive you into keeping the software.


SECOND >>>>

Open notepad by pressing the Windows Key + R key, typing notepad in the Run box and pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txt
 

Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\Run: [GoogleChromeAutoLaunch_DDA0BB41EE412DD5FED2E787CB077A19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\saijyotika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b.lnk [2015-06-05]
ShortcutTarget: b.lnk -> C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
FF Extension: YouTube Video Downloader - For Context Menu - C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected] [2015-05-20]
CHR Extension: (Bouncy Mouse) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb [2015-06-23]
CHR Extension: (Google Search) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-23]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
Task: {008DDD58-C1B6-4CE9-AEE9-CEEC94A7E009} - System32\Tasks\{D70652D8-538B-44D1-A26B-4EAF6359B513} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {0DC527DC-B055-4F32-B2BD-370E1B8DEA8F} - System32\Tasks\{A260E71C-6AE1-476C-ACFB-B8FD507FB0B8} => pcalua.exe -a C:\Windows\IsUninst.exe -c -f"C:\Program Files (x86)\InterVideo\WinDVD\Uninst.isu"
Task: {1999A20F-5D54-476B-973C-37830BD5E039} - System32\Tasks\{56263581-B2C3-412D-98EF-FAB3F852C3F2} => pcalua.exe -a C:\Users\saijyotika\Desktop\Downloads\solutoinstaller.exe -d C:\Users\saijyotika\Desktop\Downloads
Task: {31880E2F-980B-4427-ACEC-A985164233C9} - System32\Tasks\{0C702ADF-6E98-4AD2-8905-E24B5E7484EF} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {3F03FEBC-F790-44E8-90AB-EFA00165FDA6} - System32\Tasks\{BC004276-8B44-44A7-A063-FC3F2A141A98} => pcalua.exe -a C:\Users\saijyotika\Downloads\msicu.exe -d C:\Users\saijyotika\Downloads
Task: {46E9769B-8010-47B2-8948-00A59113300B} - System32\Tasks\{51296A9F-C28C-4C11-BB7A-6E8EFC5EF0D3} => Chrome.exe http://www.skype.com...38;LastError=-3
Task: {55C5C643-0BE9-4CD8-8FE8-B882C652970E} - System32\Tasks\{88D586D2-8A1B-4A7B-A460-76C3BF30DB50} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {5D65F921-4847-45E4-A0EE-8564CFF28DE7} - System32\Tasks\{3305BA6C-87A8-45AC-A134-A67535231164} => pcalua.exe -a C:\Users\saijyotika\Desktop\Downloads\64bit_Vista_Win7_R266.exe -d C:\Windows\system32
Task: {5F842E90-D010-4FD8-8E0C-5E1B2C424373} - System32\Tasks\{A360AB1B-A059-49AA-B12C-5048B3A7ACDD} => pcalua.exe -a "C:\Users\saijyotika\Downloads\chromeinstall-8u40 (1).exe" -d C:\Users\saijyotika\Downloads
Task: {690991EA-A416-484D-9C9E-897ADA72490E} - System32\Tasks\{9AF16205-6971-47A7-814F-792E1ECFABF1} => pcalua.exe -a "C:\Program Files (x86)\V2 Corporation\vmuvc\wmpcdcs8.exe" -d "C:\Program Files (x86)\V2 Corporation\vmuvc"
Task: {6C074F4E-5077-4910-B362-3546EC84DEEE} - System32\Tasks\{CF7D40F4-077B-4B1F-8D79-D55143A31AC8} => pcalua.exe -a C:\Users\saijyotika\Downloads\SetupDVDDecrypter_3.5.4.0.exe -d C:\Users\saijyotika\Downloads
Task: {6CFFEB01-DD41-4586-8399-0452402DF4A9} - System32\Tasks\{73D761BC-6A5E-4912-88B4-5649A810DC66} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {72A6A6F0-F1CC-49F4-B1D3-8C60EBBD629F} - System32\Tasks\{783F347B-BA43-42F5-8345-09A16E7A37B0} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {75B0A16A-E0E9-4A80-990E-FDED77B4D961} - System32\Tasks\{A29518F9-CE72-488B-9C5F-47EAC825C7F4} => pcalua.exe -a C:\Users\saijyotika\Desktop\R220849\Setup.exe -d C:\Users\saijyotika\Desktop\R220849
Task: {7823AE4A-B827-4D80-A3C5-E1F20493808D} - System32\Tasks\{068D93AE-4654-428F-A625-E03EB695F1E6} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\Debut\uninst.exe"
Task: {7E6117D8-3EC5-4982-90E0-EB66943AA7BD} - System32\Tasks\{8ADD2BDD-C8F6-4637-B763-5F40CDDC25E3} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A28BA13C-AB34-48A2-89D0-CD9DDDA648E0} - System32\Tasks\{83A4760B-8E7A-4B78-98C3-C0304D07B18D} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A2FD0EAE-9244-40AA-A210-DA86E5D98FBD} - System32\Tasks\{B8F4C49B-89A7-4BEC-8ABB-94F499304097} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A7C95505-3061-4856-A0CA-766AC0361408} - System32\Tasks\{3A735B66-5B56-42EB-8C61-CCBF0A34C15E} => pcalua.exe -a C:\Users\saijyotika\Desktop\setup_basic_2436.exe -d C:\Users\saijyotika\Desktop
Task: {AE4AFFD5-86FD-41D3-8075-72CA8E88EA2D} - System32\Tasks\{162316C4-CEF1-4B16-B4C1-BBB5028845FA} => pcalua.exe -a C:\Users\saijyotika\Downloads\shabdanjali\stardict-2.4.7.exe -d C:\Users\saijyotika\Downloads\shabdanjali
Task: {AE4EA441-CA3E-45DA-A71D-4BD1EDAD5E10} - System32\Tasks\{A74E32F8-4462-4A1D-B578-190B7F2FB16E} => pcalua.exe -a C:\Users\saijyotika\AppData\Local\Temp\Temp2_pres$1coin_2007.zip\setup.exe
Task: {B541EA42-FDED-4F7C-820E-0261BC954CBC} - System32\Tasks\{9E26A334-76A7-4146-8DAF-CD1310BC3795} => Chrome.exe http://www.skype.com...LastError=12007
Task: {C3B99FE9-EB69-4DD0-84C7-65682B8971CB} - System32\Tasks\{CCFCB9B7-6BCB-4DEC-8DF4-CBCAA75EFD6E} => pcalua.exe -a "C:\Program Files (x86)\Windows Live Safety Center\wlschost.exe" -c -Uninstall
Task: {EFDEC4A3-6E31-4514-B140-3014BCD7B695} - System32\Tasks\{F1C5E620-670B-429F-B2EE-BBBBC4C4278F} => Chrome.exe http://www.skype.com...38;LastError=-3
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\saijyotika\Desktop\msert.exe:BDU
AlternateDataStreams: C:\Users\saijyotika\Downloads\FRST64.exe:BDU
C:\Program Files (x86)\AVG
C:\Program Files (x86)\Common Files\Spigot
C:\Program Files (x86)\Internet Download Manager
C:\Program Files (x86)\NCH Software
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension
C:\Program Files (x86)\Yahoo!\Search Protection
C:\Program Files\kprocesshacker.sys
C:\ProgramData\hpothb07.dat
C:\Users\Public\hpothb07.dat
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
C:\Users\saijyotika\AppData\Local\Temp\cdo3655539098.dll
C:\Users\saijyotika\AppData\Local\Temp\cdo522972452.dll
C:\Users\saijyotika\AppData\Local\Temp\HitmanPro.exe
C:\Users\saijyotika\AppData\Local\Temp\mpam-4eee1d54.exe
C:\Users\saijyotika\AppData\Local\Temp\Quarantine.exe
C:\Users\saijyotika\AppData\Local\Temp\sqlite3.dll
C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected]
C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
C:\Users\saijyotika\hpothb07.dat
C:\Windows\system32\DRIVERS\BAPIDRV64.sys
2010-06-09 16:14 - 2010-06-09 16:14 - 0000000 ____H () C:\Program Files (x86)\hpothb07.dat
2010-06-09 16:14 - 2010-06-09 16:14 - 0000000 ____H () C:\Program Files (x86)\hpothb07.tif
2011-05-21 14:04 - 2011-05-21 14:05 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{27A44C4E-4902-4952-909C-DCCC9DF48261}
2011-05-21 14:15 - 2011-05-21 14:16 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{919F015F-0DA8-4B6C-9829-55FE212F0EB3}
2011-05-23 11:54 - 2011-05-23 11:54 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{33805E63-373D-433A-9E67-F2B21498DB78}
2011-06-07 08:29 - 2011-06-07 08:29 - 0000145 ____H () C:\ProgramData\hpothb07.dat
2011-06-07 08:29 - 2011-06-07 08:29 - 0000255 ____H () C:\ProgramData\hpothb07.tif
2011-07-03 17:16 - 2011-07-03 17:17 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{D1019BFE-6056-4011-B13E-9B2636E4F789}
2011-07-04 09:14 - 2011-07-04 09:14 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A9747031-F7D4-409D-8AB4-06B2F2626F59}
2011-08-18 14:24 - 2011-08-18 14:24 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A6C30661-5DEE-4869-80CE-570C30209333}
2011-09-11 20:23 - 2011-09-11 20:23 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{FFFE9FFE-7F05-4B4A-838D-CA33349AC20D}
2011-10-21 10:07 - 2011-10-21 10:07 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{B4B420C1-B0BF-49ED-9DF3-D2520E7146C8}
2011-11-03 08:45 - 2011-11-03 08:45 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{C5B7C6CE-0515-4AD0-B487-C38E0F47AF4B}
2011-11-04 18:38 - 2011-11-04 18:38 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{276A830F-4910-4E12-BB79-8B023095E8BF}
2011-11-12 21:08 - 2011-11-12 21:08 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{1F2AB4A1-E313-40AA-9B6F-29EB251BAAFC}
2011-11-13 08:04 - 2011-11-13 08:04 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{AE40C17C-1B15-4D9C-B978-C85EEB63FFD5}
2011-11-18 23:55 - 2011-11-18 23:55 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{77FB61F3-2B43-4B84-B363-5F73A1BACE57}
2011-11-22 19:45 - 2011-11-22 19:45 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{5AEB4708-779A-44E0-9FC4-6372C028CD02}
2012-01-04 18:21 - 2012-01-04 18:21 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{CF49B7B1-7436-4237-917F-21312EA98085}
2012-01-30 13:37 - 2012-01-30 13:37 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{C1140E17-1EE9-47DA-8AAA-AB472BE6C48C}
2012-01-30 13:38 - 2012-01-30 13:38 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A73018EF-DFA7-4DA4-B59B-F9A7D4522813}
2015-02-04 18:40 - 2015-02-04 18:40 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{97E823C2-0E53-4C9B-8769-EB67EBA43A68}
2015-06-05 18:07 - 2015-06-05 18:07 - 101695488 __RSH () C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
2015-06-05 18:07 - 2015-06-05 18:07 - 101695488 __RSH C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
2015-06-22 14:25 - 2011-03-09 00:36 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-06-22 14:25 - 2012-01-30 18:01 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-06-23 14:05 - 2015-06-23 14:05 - 01415680 _____ (wj32) C:\Program Files\PTMF81UA.exe
2015-06-23 14:09 - 2015-06-23 14:09 - 01415680 _____ (wj32) C:\Program Files\4DBKT20F.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\5ECLU3CR.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\JS1A8HKU.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\JSKZ8HFU.exe
2015-06-23 15:24 - 2015-06-23 15:24 - 01415680 _____ (wj32) C:\Program Files\CAJSKZ8N.exe
2015-06-23 16:01 - 2015-06-23 16:01 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\AVAST Software
2015-06-23 17:01 - 2015-06-23 17:01 - 1415680 _____ (wj32) C:\Program Files\HKZX6FDS.exe
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
Reboot:
end


NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Start FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..." and press the Fix button just once and wait.

Press%20the%20FIX%20button_zpsdd5zi3mt.p

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 


  • 0

#7
jyotikanaru

jyotikanaru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by saijyotika at 2015-06-24 21:33:50 Run:1
Running from C:\Users\saijyotika\Desktop
Loaded Profiles: saijyotika (Available Profiles: saijyotika)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\Run: [GoogleChromeAutoLaunch_DDA0BB41EE412DD5FED2E787CB077A19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\saijyotika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b.lnk [2015-06-05]
ShortcutTarget: b.lnk -> C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
FF Extension: YouTube Video Downloader - For Context Menu - C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected] [2015-05-20]
CHR Extension: (Bouncy Mouse) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb [2015-06-23]
CHR Extension: (Google Search) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-23]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
Task: {008DDD58-C1B6-4CE9-AEE9-CEEC94A7E009} - System32\Tasks\{D70652D8-538B-44D1-A26B-4EAF6359B513} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {0DC527DC-B055-4F32-B2BD-370E1B8DEA8F} - System32\Tasks\{A260E71C-6AE1-476C-ACFB-B8FD507FB0B8} => pcalua.exe -a C:\Windows\IsUninst.exe -c -f"C:\Program Files (x86)\InterVideo\WinDVD\Uninst.isu"
Task: {1999A20F-5D54-476B-973C-37830BD5E039} - System32\Tasks\{56263581-B2C3-412D-98EF-FAB3F852C3F2} => pcalua.exe -a C:\Users\saijyotika\Desktop\Downloads\solutoinstaller.exe -d C:\Users\saijyotika\Desktop\Downloads
Task: {31880E2F-980B-4427-ACEC-A985164233C9} - System32\Tasks\{0C702ADF-6E98-4AD2-8905-E24B5E7484EF} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {3F03FEBC-F790-44E8-90AB-EFA00165FDA6} - System32\Tasks\{BC004276-8B44-44A7-A063-FC3F2A141A98} => pcalua.exe -a C:\Users\saijyotika\Downloads\msicu.exe -d C:\Users\saijyotika\Downloads
Task: {46E9769B-8010-47B2-8948-00A59113300B} - System32\Tasks\{51296A9F-C28C-4C11-BB7A-6E8EFC5EF0D3} => Chrome.exe http://www.skype.com...38;LastError=-3
Task: {55C5C643-0BE9-4CD8-8FE8-B882C652970E} - System32\Tasks\{88D586D2-8A1B-4A7B-A460-76C3BF30DB50} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {5D65F921-4847-45E4-A0EE-8564CFF28DE7} - System32\Tasks\{3305BA6C-87A8-45AC-A134-A67535231164} => pcalua.exe -a C:\Users\saijyotika\Desktop\Downloads\64bit_Vista_Win7_R266.exe -d C:\Windows\system32
Task: {5F842E90-D010-4FD8-8E0C-5E1B2C424373} - System32\Tasks\{A360AB1B-A059-49AA-B12C-5048B3A7ACDD} => pcalua.exe -a "C:\Users\saijyotika\Downloads\chromeinstall-8u40 (1).exe" -d C:\Users\saijyotika\Downloads
Task: {690991EA-A416-484D-9C9E-897ADA72490E} - System32\Tasks\{9AF16205-6971-47A7-814F-792E1ECFABF1} => pcalua.exe -a "C:\Program Files (x86)\V2 Corporation\vmuvc\wmpcdcs8.exe" -d "C:\Program Files (x86)\V2 Corporation\vmuvc"
Task: {6C074F4E-5077-4910-B362-3546EC84DEEE} - System32\Tasks\{CF7D40F4-077B-4B1F-8D79-D55143A31AC8} => pcalua.exe -a C:\Users\saijyotika\Downloads\SetupDVDDecrypter_3.5.4.0.exe -d C:\Users\saijyotika\Downloads
Task: {6CFFEB01-DD41-4586-8399-0452402DF4A9} - System32\Tasks\{73D761BC-6A5E-4912-88B4-5649A810DC66} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {72A6A6F0-F1CC-49F4-B1D3-8C60EBBD629F} - System32\Tasks\{783F347B-BA43-42F5-8345-09A16E7A37B0} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {75B0A16A-E0E9-4A80-990E-FDED77B4D961} - System32\Tasks\{A29518F9-CE72-488B-9C5F-47EAC825C7F4} => pcalua.exe -a C:\Users\saijyotika\Desktop\R220849\Setup.exe -d C:\Users\saijyotika\Desktop\R220849
Task: {7823AE4A-B827-4D80-A3C5-E1F20493808D} - System32\Tasks\{068D93AE-4654-428F-A625-E03EB695F1E6} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\Debut\uninst.exe"
Task: {7E6117D8-3EC5-4982-90E0-EB66943AA7BD} - System32\Tasks\{8ADD2BDD-C8F6-4637-B763-5F40CDDC25E3} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A28BA13C-AB34-48A2-89D0-CD9DDDA648E0} - System32\Tasks\{83A4760B-8E7A-4B78-98C3-C0304D07B18D} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A2FD0EAE-9244-40AA-A210-DA86E5D98FBD} - System32\Tasks\{B8F4C49B-89A7-4BEC-8ABB-94F499304097} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A7C95505-3061-4856-A0CA-766AC0361408} - System32\Tasks\{3A735B66-5B56-42EB-8C61-CCBF0A34C15E} => pcalua.exe -a C:\Users\saijyotika\Desktop\setup_basic_2436.exe -d C:\Users\saijyotika\Desktop
Task: {AE4AFFD5-86FD-41D3-8075-72CA8E88EA2D} - System32\Tasks\{162316C4-CEF1-4B16-B4C1-BBB5028845FA} => pcalua.exe -a C:\Users\saijyotika\Downloads\shabdanjali\stardict-2.4.7.exe -d C:\Users\saijyotika\Downloads\shabdanjali
Task: {AE4EA441-CA3E-45DA-A71D-4BD1EDAD5E10} - System32\Tasks\{A74E32F8-4462-4A1D-B578-190B7F2FB16E} => pcalua.exe -a C:\Users\saijyotika\AppData\Local\Temp\Temp2_pres$1coin_2007.zip\setup.exe
Task: {B541EA42-FDED-4F7C-820E-0261BC954CBC} - System32\Tasks\{9E26A334-76A7-4146-8DAF-CD1310BC3795} => Chrome.exe http://www.skype.com...LastError=12007
Task: {C3B99FE9-EB69-4DD0-84C7-65682B8971CB} - System32\Tasks\{CCFCB9B7-6BCB-4DEC-8DF4-CBCAA75EFD6E} => pcalua.exe -a "C:\Program Files (x86)\Windows Live Safety Center\wlschost.exe" -c -Uninstall
Task: {EFDEC4A3-6E31-4514-B140-3014BCD7B695} - System32\Tasks\{F1C5E620-670B-429F-B2EE-BBBBC4C4278F} => Chrome.exe http://www.skype.com...38;LastError=-3
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\saijyotika\Desktop\msert.exe:BDU
AlternateDataStreams: C:\Users\saijyotika\Downloads\FRST64.exe:BDU
C:\Program Files (x86)\AVG
C:\Program Files (x86)\Common Files\Spigot
C:\Program Files (x86)\Internet Download Manager
C:\Program Files (x86)\NCH Software
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension
C:\Program Files (x86)\Yahoo!\Search Protection
C:\Program Files\kprocesshacker.sys
C:\ProgramData\hpothb07.dat
C:\Users\Public\hpothb07.dat
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
C:\Users\saijyotika\AppData\Local\Temp\cdo3655539098.dll
C:\Users\saijyotika\AppData\Local\Temp\cdo522972452.dll
C:\Users\saijyotika\AppData\Local\Temp\HitmanPro.exe
C:\Users\saijyotika\AppData\Local\Temp\mpam-4eee1d54.exe
C:\Users\saijyotika\AppData\Local\Temp\Quarantine.exe
C:\Users\saijyotika\AppData\Local\Temp\sqlite3.dll
C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected]
C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
C:\Users\saijyotika\hpothb07.dat
C:\Windows\system32\DRIVERS\BAPIDRV64.sys
2010-06-09 16:14 - 2010-06-09 16:14 - 0000000 ____H () C:\Program Files (x86)\hpothb07.dat
2010-06-09 16:14 - 2010-06-09 16:14 - 0000000 ____H () C:\Program Files (x86)\hpothb07.tif
2011-05-21 14:04 - 2011-05-21 14:05 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{27A44C4E-4902-4952-909C-DCCC9DF48261}
2011-05-21 14:15 - 2011-05-21 14:16 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{919F015F-0DA8-4B6C-9829-55FE212F0EB3}
2011-05-23 11:54 - 2011-05-23 11:54 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{33805E63-373D-433A-9E67-F2B21498DB78}
2011-06-07 08:29 - 2011-06-07 08:29 - 0000145 ____H () C:\ProgramData\hpothb07.dat
2011-06-07 08:29 - 2011-06-07 08:29 - 0000255 ____H () C:\ProgramData\hpothb07.tif
2011-07-03 17:16 - 2011-07-03 17:17 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{D1019BFE-6056-4011-B13E-9B2636E4F789}
2011-07-04 09:14 - 2011-07-04 09:14 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A9747031-F7D4-409D-8AB4-06B2F2626F59}
2011-08-18 14:24 - 2011-08-18 14:24 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A6C30661-5DEE-4869-80CE-570C30209333}
2011-09-11 20:23 - 2011-09-11 20:23 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{FFFE9FFE-7F05-4B4A-838D-CA33349AC20D}
2011-10-21 10:07 - 2011-10-21 10:07 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{B4B420C1-B0BF-49ED-9DF3-D2520E7146C8}
2011-11-03 08:45 - 2011-11-03 08:45 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{C5B7C6CE-0515-4AD0-B487-C38E0F47AF4B}
2011-11-04 18:38 - 2011-11-04 18:38 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{276A830F-4910-4E12-BB79-8B023095E8BF}
2011-11-12 21:08 - 2011-11-12 21:08 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{1F2AB4A1-E313-40AA-9B6F-29EB251BAAFC}
2011-11-13 08:04 - 2011-11-13 08:04 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{AE40C17C-1B15-4D9C-B978-C85EEB63FFD5}
2011-11-18 23:55 - 2011-11-18 23:55 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{77FB61F3-2B43-4B84-B363-5F73A1BACE57}
2011-11-22 19:45 - 2011-11-22 19:45 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{5AEB4708-779A-44E0-9FC4-6372C028CD02}
2012-01-04 18:21 - 2012-01-04 18:21 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{CF49B7B1-7436-4237-917F-21312EA98085}
2012-01-30 13:37 - 2012-01-30 13:37 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{C1140E17-1EE9-47DA-8AAA-AB472BE6C48C}
2012-01-30 13:38 - 2012-01-30 13:38 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A73018EF-DFA7-4DA4-B59B-F9A7D4522813}
2015-02-04 18:40 - 2015-02-04 18:40 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{97E823C2-0E53-4C9B-8769-EB67EBA43A68}
2015-06-05 18:07 - 2015-06-05 18:07 - 101695488 __RSH () C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
2015-06-05 18:07 - 2015-06-05 18:07 - 101695488 __RSH C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
2015-06-22 14:25 - 2011-03-09 00:36 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-06-22 14:25 - 2012-01-30 18:01 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-06-23 14:05 - 2015-06-23 14:05 - 01415680 _____ (wj32) C:\Program Files\PTMF81UA.exe
2015-06-23 14:09 - 2015-06-23 14:09 - 01415680 _____ (wj32) C:\Program Files\4DBKT20F.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\5ECLU3CR.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\JS1A8HKU.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\JSKZ8HFU.exe
2015-06-23 15:24 - 2015-06-23 15:24 - 01415680 _____ (wj32) C:\Program Files\CAJSKZ8N.exe
2015-06-23 16:01 - 2015-06-23 16:01 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\AVAST Software
2015-06-23 17:01 - 2015-06-23 17:01 - 1415680 _____ (wj32) C:\Program Files\HKZX6FDS.exe
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
Reboot:
end
*****************
 
Error: (0) Failed to create a restore point.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_DDA0BB41EE412DD5FED2E787CB077A19 => value removed successfully
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
C:\Users\saijyotika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b.lnk not found.
C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found. 
C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected] => moved successfully.
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb => moved successfully.
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => moved successfully.
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg => moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully.
BAPIDRV => Service removed successfully
KProcessHacker2 => Service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{008DDD58-C1B6-4CE9-AEE9-CEEC94A7E009}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{008DDD58-C1B6-4CE9-AEE9-CEEC94A7E009}" => key removed successfully
C:\Windows\System32\Tasks\{D70652D8-538B-44D1-A26B-4EAF6359B513} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D70652D8-538B-44D1-A26B-4EAF6359B513}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DC527DC-B055-4F32-B2BD-370E1B8DEA8F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DC527DC-B055-4F32-B2BD-370E1B8DEA8F}" => key removed successfully
C:\Windows\System32\Tasks\{A260E71C-6AE1-476C-ACFB-B8FD507FB0B8} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A260E71C-6AE1-476C-ACFB-B8FD507FB0B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1999A20F-5D54-476B-973C-37830BD5E039}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1999A20F-5D54-476B-973C-37830BD5E039}" => key removed successfully
C:\Windows\System32\Tasks\{56263581-B2C3-412D-98EF-FAB3F852C3F2} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{56263581-B2C3-412D-98EF-FAB3F852C3F2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31880E2F-980B-4427-ACEC-A985164233C9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31880E2F-980B-4427-ACEC-A985164233C9}" => key removed successfully
C:\Windows\System32\Tasks\{0C702ADF-6E98-4AD2-8905-E24B5E7484EF} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0C702ADF-6E98-4AD2-8905-E24B5E7484EF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F03FEBC-F790-44E8-90AB-EFA00165FDA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F03FEBC-F790-44E8-90AB-EFA00165FDA6}" => key removed successfully
C:\Windows\System32\Tasks\{BC004276-8B44-44A7-A063-FC3F2A141A98} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BC004276-8B44-44A7-A063-FC3F2A141A98}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46E9769B-8010-47B2-8948-00A59113300B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46E9769B-8010-47B2-8948-00A59113300B}" => key removed successfully
C:\Windows\System32\Tasks\{51296A9F-C28C-4C11-BB7A-6E8EFC5EF0D3} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{51296A9F-C28C-4C11-BB7A-6E8EFC5EF0D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55C5C643-0BE9-4CD8-8FE8-B882C652970E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55C5C643-0BE9-4CD8-8FE8-B882C652970E}" => key removed successfully
C:\Windows\System32\Tasks\{88D586D2-8A1B-4A7B-A460-76C3BF30DB50} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{88D586D2-8A1B-4A7B-A460-76C3BF30DB50}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D65F921-4847-45E4-A0EE-8564CFF28DE7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D65F921-4847-45E4-A0EE-8564CFF28DE7}" => key removed successfully
C:\Windows\System32\Tasks\{3305BA6C-87A8-45AC-A134-A67535231164} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3305BA6C-87A8-45AC-A134-A67535231164}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F842E90-D010-4FD8-8E0C-5E1B2C424373}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F842E90-D010-4FD8-8E0C-5E1B2C424373}" => key removed successfully
C:\Windows\System32\Tasks\{A360AB1B-A059-49AA-B12C-5048B3A7ACDD} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A360AB1B-A059-49AA-B12C-5048B3A7ACDD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{690991EA-A416-484D-9C9E-897ADA72490E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{690991EA-A416-484D-9C9E-897ADA72490E}" => key removed successfully
C:\Windows\System32\Tasks\{9AF16205-6971-47A7-814F-792E1ECFABF1} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9AF16205-6971-47A7-814F-792E1ECFABF1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C074F4E-5077-4910-B362-3546EC84DEEE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C074F4E-5077-4910-B362-3546EC84DEEE}" => key removed successfully
C:\Windows\System32\Tasks\{CF7D40F4-077B-4B1F-8D79-D55143A31AC8} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CF7D40F4-077B-4B1F-8D79-D55143A31AC8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CFFEB01-DD41-4586-8399-0452402DF4A9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CFFEB01-DD41-4586-8399-0452402DF4A9}" => key removed successfully
C:\Windows\System32\Tasks\{73D761BC-6A5E-4912-88B4-5649A810DC66} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{73D761BC-6A5E-4912-88B4-5649A810DC66}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72A6A6F0-F1CC-49F4-B1D3-8C60EBBD629F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72A6A6F0-F1CC-49F4-B1D3-8C60EBBD629F}" => key removed successfully
C:\Windows\System32\Tasks\{783F347B-BA43-42F5-8345-09A16E7A37B0} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{783F347B-BA43-42F5-8345-09A16E7A37B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75B0A16A-E0E9-4A80-990E-FDED77B4D961}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75B0A16A-E0E9-4A80-990E-FDED77B4D961}" => key removed successfully
C:\Windows\System32\Tasks\{A29518F9-CE72-488B-9C5F-47EAC825C7F4} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A29518F9-CE72-488B-9C5F-47EAC825C7F4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7823AE4A-B827-4D80-A3C5-E1F20493808D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7823AE4A-B827-4D80-A3C5-E1F20493808D}" => key removed successfully
C:\Windows\System32\Tasks\{068D93AE-4654-428F-A625-E03EB695F1E6} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{068D93AE-4654-428F-A625-E03EB695F1E6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E6117D8-3EC5-4982-90E0-EB66943AA7BD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E6117D8-3EC5-4982-90E0-EB66943AA7BD}" => key removed successfully
C:\Windows\System32\Tasks\{8ADD2BDD-C8F6-4637-B763-5F40CDDC25E3} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8ADD2BDD-C8F6-4637-B763-5F40CDDC25E3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A28BA13C-AB34-48A2-89D0-CD9DDDA648E0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A28BA13C-AB34-48A2-89D0-CD9DDDA648E0}" => key removed successfully
C:\Windows\System32\Tasks\{83A4760B-8E7A-4B78-98C3-C0304D07B18D} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{83A4760B-8E7A-4B78-98C3-C0304D07B18D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2FD0EAE-9244-40AA-A210-DA86E5D98FBD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2FD0EAE-9244-40AA-A210-DA86E5D98FBD}" => key removed successfully
C:\Windows\System32\Tasks\{B8F4C49B-89A7-4BEC-8ABB-94F499304097} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B8F4C49B-89A7-4BEC-8ABB-94F499304097}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7C95505-3061-4856-A0CA-766AC0361408}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7C95505-3061-4856-A0CA-766AC0361408}" => key removed successfully
C:\Windows\System32\Tasks\{3A735B66-5B56-42EB-8C61-CCBF0A34C15E} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A735B66-5B56-42EB-8C61-CCBF0A34C15E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE4AFFD5-86FD-41D3-8075-72CA8E88EA2D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE4AFFD5-86FD-41D3-8075-72CA8E88EA2D}" => key removed successfully
C:\Windows\System32\Tasks\{162316C4-CEF1-4B16-B4C1-BBB5028845FA} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{162316C4-CEF1-4B16-B4C1-BBB5028845FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE4EA441-CA3E-45DA-A71D-4BD1EDAD5E10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE4EA441-CA3E-45DA-A71D-4BD1EDAD5E10}" => key removed successfully
C:\Windows\System32\Tasks\{A74E32F8-4462-4A1D-B578-190B7F2FB16E} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A74E32F8-4462-4A1D-B578-190B7F2FB16E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B541EA42-FDED-4F7C-820E-0261BC954CBC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B541EA42-FDED-4F7C-820E-0261BC954CBC}" => key removed successfully
C:\Windows\System32\Tasks\{9E26A334-76A7-4146-8DAF-CD1310BC3795} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9E26A334-76A7-4146-8DAF-CD1310BC3795}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3B99FE9-EB69-4DD0-84C7-65682B8971CB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3B99FE9-EB69-4DD0-84C7-65682B8971CB}" => key removed successfully
C:\Windows\System32\Tasks\{CCFCB9B7-6BCB-4DEC-8DF4-CBCAA75EFD6E} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CCFCB9B7-6BCB-4DEC-8DF4-CBCAA75EFD6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFDEC4A3-6E31-4514-B140-3014BCD7B695}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFDEC4A3-6E31-4514-B140-3014BCD7B695}" => key removed successfully
C:\Windows\System32\Tasks\{F1C5E620-670B-429F-B2EE-BBBBC4C4278F} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F1C5E620-670B-429F-B2EE-BBBBC4C4278F}" => key removed successfully
C:\ProgramData\TEMP => ":5D432CE3" ADS removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
"C:\Users\saijyotika\Desktop\msert.exe" => ":BDU" ADS not found.
"C:\Users\saijyotika\Downloads\FRST64.exe" => ":BDU" ADS not found.
"C:\Program Files (x86)\AVG" => File/Folder not found.
"C:\Program Files (x86)\Common Files\Spigot" => File/Folder not found.
"C:\Program Files (x86)\Internet Download Manager" => File/Folder not found.
C:\Program Files (x86)\NCH Software => moved successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension => moved successfully.
"C:\Program Files (x86)\Yahoo!\Search Protection" => File/Folder not found.
"C:\Program Files\kprocesshacker.sys" => File/Folder not found.
C:\ProgramData\hpothb07.dat => moved successfully.
C:\Users\Public\hpothb07.dat => moved successfully.
"C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\cdo3655539098.dll" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\cdo522972452.dll" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\HitmanPro.exe" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\mpam-4eee1d54.exe" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\Quarantine.exe" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\sqlite3.dll" => File/Folder not found.
"C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected]" => File/Folder not found.
"C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe" => File/Folder not found.
C:\Users\saijyotika\hpothb07.dat => moved successfully.
"C:\Windows\system32\DRIVERS\BAPIDRV64.sys" => File/Folder not found.
C:\Program Files (x86)\hpothb07.dat => moved successfully.
C:\Program Files (x86)\hpothb07.tif => moved successfully.
C:\Users\saijyotika\AppData\Local\{27A44C4E-4902-4952-909C-DCCC9DF48261} => moved successfully.
C:\Users\saijyotika\AppData\Local\{919F015F-0DA8-4B6C-9829-55FE212F0EB3} => moved successfully.
C:\Users\saijyotika\AppData\Local\{33805E63-373D-433A-9E67-F2B21498DB78} => moved successfully.
"C:\ProgramData\hpothb07.dat" => File/Folder not found.
C:\ProgramData\hpothb07.tif => moved successfully.
C:\Users\saijyotika\AppData\Local\{D1019BFE-6056-4011-B13E-9B2636E4F789} => moved successfully.
C:\Users\saijyotika\AppData\Local\{A9747031-F7D4-409D-8AB4-06B2F2626F59} => moved successfully.
C:\Users\saijyotika\AppData\Local\{A6C30661-5DEE-4869-80CE-570C30209333} => moved successfully.
C:\Users\saijyotika\AppData\Local\{FFFE9FFE-7F05-4B4A-838D-CA33349AC20D} => moved successfully.
C:\Users\saijyotika\AppData\Local\{B4B420C1-B0BF-49ED-9DF3-D2520E7146C8} => moved successfully.
C:\Users\saijyotika\AppData\Local\{C5B7C6CE-0515-4AD0-B487-C38E0F47AF4B} => moved successfully.
C:\Users\saijyotika\AppData\Local\{276A830F-4910-4E12-BB79-8B023095E8BF} => moved successfully.
C:\Users\saijyotika\AppData\Local\{1F2AB4A1-E313-40AA-9B6F-29EB251BAAFC} => moved successfully.
C:\Users\saijyotika\AppData\Local\{AE40C17C-1B15-4D9C-B978-C85EEB63FFD5} => moved successfully.
C:\Users\saijyotika\AppData\Local\{77FB61F3-2B43-4B84-B363-5F73A1BACE57} => moved successfully.
C:\Users\saijyotika\AppData\Local\{5AEB4708-779A-44E0-9FC4-6372C028CD02} => moved successfully.
C:\Users\saijyotika\AppData\Local\{CF49B7B1-7436-4237-917F-21312EA98085} => moved successfully.
C:\Users\saijyotika\AppData\Local\{C1140E17-1EE9-47DA-8AAA-AB472BE6C48C} => moved successfully.
C:\Users\saijyotika\AppData\Local\{A73018EF-DFA7-4DA4-B59B-F9A7D4522813} => moved successfully.
C:\Users\saijyotika\AppData\Local\{97E823C2-0E53-4C9B-8769-EB67EBA43A68} => moved successfully.
"C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe" => File/Folder not found.
"C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe" => File/Folder not found.
C:\Windows\System32\Tasks\NCH Software => moved successfully.
"C:\Program Files (x86)\NCH Software" => File/Folder not found.
C:\Program Files\PTMF81UA.exe => moved successfully.
C:\Program Files\4DBKT20F.exe => moved successfully.
C:\Program Files\5ECLU3CR.exe => moved successfully.
C:\Program Files\JS1A8HKU.exe => moved successfully.
C:\Program Files\JSKZ8HFU.exe => moved successfully.
C:\Program Files\CAJSKZ8N.exe => moved successfully.
C:\Users\saijyotika\AppData\Roaming\AVAST Software => moved successfully.
C:\Program Files\HKZX6FDS.exe => moved successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========  DEL %TEMP%\*.* /F /S /Q =========
 
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161248907_farbar-recovery-scan-tool.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\AdobeARM.log
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\DMI52E0.tmp
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\DMI88AF.tmp
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\farbar-recovery-scan-tool.exe
C:\Users\SAIJYO~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\gziface.log
C:\Users\SAIJYO~1\AppData\Local\Temp\gziface1.log
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\mpam-a4b0e18f.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\MpCmdRun.log
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\qs-en-utf16.txt
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\StructuredQuery.log
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161037599\istartsurf_distribution.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161037599\setup_gmsd_us.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161230448\istartsurf_distribution.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161230448\setup_gmsd_us.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\additional.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\additional.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\avcheck.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\avcheck.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdardrv.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdardrv.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdmetrics.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdmetrics.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.ini
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.ini.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.ipv4
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\contacts.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\contacts.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\detection.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\gzflt.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\gzflt.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\gzfltum.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\gzfltum.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\htmlayout.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\htmlayout.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\Installer.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\Installer.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\installerpackage.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\installerpackage.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\install_x64.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\install_x64.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\install_x86.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\install_x86.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\no_connection.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\no_connection.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\npcomm.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\npcomm.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\qs_scan_log.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\qs_scan_log.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\servers.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\servers.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\setuplauncher.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\setuplauncher.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\standalone.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\standalone.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\ThreatScanner.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\ThreatScanner.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\trufos.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\trufos.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\trufos.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\trufos.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\unrar64.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\unrar64.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\update.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\update.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\update_config.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\update_config.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\UserGuide.pdf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\UserGuide.pdf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\WPFKickstarter.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\WPFKickstarter.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\WPFKickstarter4.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\WPFKickstarter4.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wslib.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wslib.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wspack.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wspack.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wsutils.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wsutils.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\core\bdcore.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\core\bdcore.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\ACA.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Ad-Aware.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Advanced_System_Protect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\alading.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\AntiVir.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\avast5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\AVG.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Avira.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\BackWeb-4476822.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\BBC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender 2011.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Anti-Theft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Bussiness Client.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Internet Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Total Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\BullGuard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\cciss.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\COMODO.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\DRWEB.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\ESET.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\eTrust.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\F-Secure.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\G Data.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\GUIDs.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\JiangMin.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Kaspersky.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Kingsoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\kingsoftSafeguard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\kv antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Lavasoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\McAfee.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\MicroPoint.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Microsoft Security Essentials.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Mobile.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\MSC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Norman.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Norton.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\OfficeScan95.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\OfficeScanNT.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Panda.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\PC Tools.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Premium.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\qqpcmgr.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\qqprotect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Rav.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\RFW.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Ris.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\safeguard360.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\ServerProtect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\SunBelt.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Trend Micro.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\VETWIN32Vp5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Virus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Webroot.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\WinSS.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\ZoneAlarm.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\award_flow1.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\award_flow1.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\award_flow2.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\award_flow2.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\bdHtmlBox.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\bdHtmlBox.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\cpptexts.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\cpptexts.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\en-US.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\en-US.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula_text.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula_text.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula_text_en.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula_text_en.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\general.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\general.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpaph.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpaph.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpgeneric.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpgeneric.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpmalware.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpmalware.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\installer.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\installer.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\it-IT.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\it-IT.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\lang.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\lang.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\lang.xml.online
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\lang.xml.online.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\logs.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\logs.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\main.ui.css
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\main.ui.css.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\notifications.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\notifications.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\pt-BR.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\pt-BR.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\rem_confirm.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\rem_confirm.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\rem_confirm_p.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\rem_confirm_p.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\repair_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\repair_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\ro-RO.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\ro-RO.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\setup_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\setup_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\uninstall_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\uninstall_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\welcome.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\welcome.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_middle.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_middle.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\award.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\award.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\back.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\back.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_award_flow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_award_flow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_install_steps.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_install_steps.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_tall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_tall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_uninstall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_uninstall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bd_logo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bd_logo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_AlertWindow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_AlertWindow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_header_image.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_header_image.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\big_picture.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\big_picture.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\big_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\big_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\close.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\close.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\delete_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\delete_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\details_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\details_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\feedback_banner.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\feedback_banner.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\flow_background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\flow_background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_alert.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_alert.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_critical.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_critical.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_critical_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_critical_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_done.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_done.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_done_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_done_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_informative.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_informative.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_notok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_notok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_sb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_sb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_skipped.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_skipped.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\input_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\input_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_big_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_big_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_big_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_big_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\loader_install.gif
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\loader_install.gif.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\lock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\lock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\minimize.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\minimize.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\open_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\open_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\pending.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\pending.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\products_chart.jpg
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\products_chart.jpg.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_not_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_not_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\scroll_next.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\scroll_next.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\scroll_prev.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\scroll_prev.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_fb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_fb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_go.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_go.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_line.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_line.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_tabel.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_tabel.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_top_text.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_top_text.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_tw.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_tw.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\small_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\small_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sswitch_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sswitch_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sswitch_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sswitch_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\status_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\status_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\top_header_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\top_header_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\unlock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\unlock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\additional.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\additional.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\avcheck.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\avcheck.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdardrv.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdardrv.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdmetrics.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdmetrics.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.ini
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.ini.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.ipv4
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\contacts.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\contacts.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\detection.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\gzflt.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\gzflt.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\gzfltum.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\gzfltum.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\htmlayout.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\htmlayout.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\Installer.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\Installer.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\installerpackage.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\installerpackage.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\install_x64.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\install_x64.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\install_x86.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\install_x86.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\no_connection.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\no_connection.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\npcomm.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\npcomm.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\qs_scan_log.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\qs_scan_log.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\servers.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\servers.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\setuplauncher.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\setuplauncher.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\standalone.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\standalone.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\ThreatScanner.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\ThreatScanner.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\trufos.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\trufos.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\trufos.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\trufos.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\unrar64.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\unrar64.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\update.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\update.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\update_config.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\update_config.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\UserGuide.pdf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\UserGuide.pdf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\WPFKickstarter.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\WPFKickstarter.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\WPFKickstarter4.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\WPFKickstarter4.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wslib.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wslib.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wspack.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wspack.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wsutils.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wsutils.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\core\bdcore.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\core\bdcore.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\ACA.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Ad-Aware.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Advanced_System_Protect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\alading.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\AntiVir.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\avast5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\AVG.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Avira.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\BackWeb-4476822.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\BBC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender 2011.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Anti-Theft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Bussiness Client.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Internet Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Total Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\BullGuard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\cciss.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\COMODO.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\DRWEB.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\ESET.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\eTrust.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\F-Secure.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\G Data.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\GUIDs.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\JiangMin.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Kaspersky.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Kingsoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\kingsoftSafeguard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\kv antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Lavasoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\McAfee.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\MicroPoint.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Microsoft Security Essentials.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Mobile.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\MSC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Norman.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Norton.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\OfficeScan95.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\OfficeScanNT.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Panda.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\PC Tools.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Premium.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\qqpcmgr.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\qqprotect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Rav.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\RFW.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Ris.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\safeguard360.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\ServerProtect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\SunBelt.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Trend Micro.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\VETWIN32Vp5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Virus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Webroot.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\WinSS.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\ZoneAlarm.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\award_flow1.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\award_flow1.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\award_flow2.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\award_flow2.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\bdHtmlBox.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\bdHtmlBox.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\cpptexts.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\cpptexts.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\en-US.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\en-US.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula_text.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula_text.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula_text_en.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula_text_en.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\general.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\general.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpaph.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpaph.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpgeneric.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpgeneric.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpmalware.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpmalware.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\installer.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\installer.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\it-IT.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\it-IT.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\lang.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\lang.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\lang.xml.online
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\lang.xml.online.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\logs.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\logs.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\main.ui.css
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\main.ui.css.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\notifications.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\notifications.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\pt-BR.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\pt-BR.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\rem_confirm.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\rem_confirm.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\rem_confirm_p.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\rem_confirm_p.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\repair_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\repair_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\ro-RO.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\ro-RO.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\setup_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\setup_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\uninstall_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\uninstall_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\welcome.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\welcome.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_margin_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_margin_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_margin_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_margin_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_middle.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_middle.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\award.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\award.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\back.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\back.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_award_flow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_award_flow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_install_steps.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_install_steps.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_tall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_tall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_uninstall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_uninstall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bd_logo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bd_logo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_AlertWindow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_AlertWindow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_header_image.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_header_image.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\big_picture.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\big_picture.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\big_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\big_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\close.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\close.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\delete_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\delete_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\details_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\details_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\feedback_banner.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\feedback_banner.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\flow_background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\flow_background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_alert.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_alert.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_critical.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_critical.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_critical_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_critical_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_done.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_done.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_done_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_done_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_informative.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_informative.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_notok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_notok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_sb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_sb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_skipped.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_skipped.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\input_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\input_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_big_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_big_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_big_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_big_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\loader_install.gif
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\loader_install.gif.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\lock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\lock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\minimize.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\minimize.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\open_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\open_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\pending.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\pending.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\products_chart.jpg
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\products_chart.jpg.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bar_not_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bar_not_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bar_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bar_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\scroll_next.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\scroll_next.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\scroll_prev.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\scroll_prev.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_fb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_fb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_go.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_go.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_line.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_line.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_tabel.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_tabel.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_top_text.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_top_text.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_tw.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_tw.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\small_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\small_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sswitch_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sswitch_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sswitch_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sswitch_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\status_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\status_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_feedback.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_feedback.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_feedback_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_feedback_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_left_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_left_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_right_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_right_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\top_header_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\top_header_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\unlock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\unlock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\additional.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\additional.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\avcheck.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\avcheck.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdardrv.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdardrv.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdmetrics.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdmetrics.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.ini
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.ini.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.ipv4
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\contacts.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\contacts.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\detection.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\gzflt.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\gzflt.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\gzfltum.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\gzfltum.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\htmlayout.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\htmlayout.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\Installer.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\Installer.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\installerpackage.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\installerpackage.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\install_x64.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\install_x64.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\install_x86.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\install_x86.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\no_connection.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\no_connection.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\npcomm.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\npcomm.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\qs_scan_log.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\qs_scan_log.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\servers.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\servers.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\setuplauncher.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\setuplauncher.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\standalone.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\standalone.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\ThreatScanner.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\ThreatScanner.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\trufos.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\trufos.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\trufos.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\trufos.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\unrar64.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\unrar64.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\update.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\update.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\update_config.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\update_config.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\UserGuide.pdf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\UserGuide.pdf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\WPFKickstarter.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\WPFKickstarter.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\WPFKickstarter4.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\WPFKickstarter4.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wslib.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wslib.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wspack.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wspack.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wsutils.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wsutils.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\core\bdcore.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\core\bdcore.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\ACA.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Ad-Aware.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Advanced_System_Protect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\alading.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\AntiVir.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\avast5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\AVG.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Avira.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\BackWeb-4476822.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\BBC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender 2011.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Anti-Theft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Bussiness Client.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Internet Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Total Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\BullGuard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\cciss.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\COMODO.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\DRWEB.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\ESET.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\eTrust.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\F-Secure.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\G Data.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\GUIDs.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\JiangMin.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Kaspersky.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Kingsoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\kingsoftSafeguard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\kv antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Lavasoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\McAfee.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\MicroPoint.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Microsoft Security Essentials.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Mobile.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\MSC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Norman.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Norton.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\OfficeScan95.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\OfficeScanNT.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Panda.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\PC Tools.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Premium.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\qqpcmgr.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\qqprotect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Rav.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\RFW.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Ris.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\safeguard360.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\ServerProtect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\SunBelt.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Trend Micro.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\VETWIN32Vp5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Virus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Webroot.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\WinSS.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\ZoneAlarm.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\award_flow1.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\award_flow1.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\award_flow2.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\award_flow2.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\bdHtmlBox.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\bdHtmlBox.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\cpptexts.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\cpptexts.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\en-US.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\en-US.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula_text.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula_text.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula_text_en.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula_text_en.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\general.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\general.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpaph.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpaph.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpgeneric.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpgeneric.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpmalware.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpmalware.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\installer.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\installer.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\it-IT.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\it-IT.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\lang.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\lang.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\lang.xml.online
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\lang.xml.online.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\logs.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\logs.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\main.ui.css
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\main.ui.css.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\notifications.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\notifications.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\pt-BR.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\pt-BR.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\rem_confirm.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\rem_confirm.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\rem_confirm_p.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\rem_confirm_p.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\repair_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\repair_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\ro-RO.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\ro-RO.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\setup_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\setup_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\uninstall_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\uninstall_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\welcome.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\welcome.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_margin_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_margin_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_margin_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_margin_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_middle.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_middle.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\award.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\award.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\back.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\back.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_award_flow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_award_flow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_install_steps.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_install_steps.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_tall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_tall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_uninstall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_uninstall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bd_logo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bd_logo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_AlertWindow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_AlertWindow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_header_image.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_header_image.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\big_picture.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\big_picture.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\big_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\big_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\close.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\close.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\delete_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\delete_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\details_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\details_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\feedback_banner.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\feedback_banner.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\flow_background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\flow_background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_alert.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_alert.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_critical.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_critical.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_critical_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_critical_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_done.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_done.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_done_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_done_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_informative.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_informative.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_notok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_notok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_sb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_sb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_skipped.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_skipped.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\input_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\input_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_big_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_big_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_big_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_big_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\loader_install.gif
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\loader_install.gif.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\lock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\lock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\minimize.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\minimize.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\open_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\open_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\pending.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\pending.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\products_chart.jpg
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\products_chart.jpg.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bar_not_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bar_not_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bar_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bar_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\scroll_next.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\scroll_next.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\scroll_prev.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\scroll_prev.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_fb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_fb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_go.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_go.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_line.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_line.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_tabel.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_tabel.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_top_text.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_top_text.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_tw.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_tw.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\small_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\small_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sswitch_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sswitch_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sswitch_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sswitch_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\status_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\status_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_feedback.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_feedback.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_feedback_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_feedback_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_left_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_left_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_right_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_right_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\top_header_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\top_header_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\unlock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\unlock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\Skype\gilasterr.log
 
========= End of CMD: =========
 
 
=========  RD /S /Q %TEMP% =========
 
C:\Users\SAIJYO~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt - The process cannot access the file because it is being used by another process.
C:\Users\SAIJYO~1\AppData\Local\Temp\gziface1.log - The process cannot access the file because it is being used by another process.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.. 
 
==== End of Fixlog 21:34:00 ====

  • 0

#8
jyotikanaru

jyotikanaru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by saijyotika at 2015-06-24 21:33:50 Run:1
Running from C:\Users\saijyotika\Desktop
Loaded Profiles: saijyotika (Available Profiles: saijyotika)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\...\Run: [GoogleChromeAutoLaunch_DDA0BB41EE412DD5FED2E787CB077A19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\Users\saijyotika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b.lnk [2015-06-05]
ShortcutTarget: b.lnk -> C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3934694455-2046814312-3196483240-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
FF Extension: YouTube Video Downloader - For Context Menu - C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected] [2015-05-20]
CHR Extension: (Bouncy Mouse) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb [2015-06-23]
CHR Extension: (Google Search) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-23]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 KProcessHacker2; \??\C:\Program Files\kprocesshacker.sys [X]
Task: {008DDD58-C1B6-4CE9-AEE9-CEEC94A7E009} - System32\Tasks\{D70652D8-538B-44D1-A26B-4EAF6359B513} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {0DC527DC-B055-4F32-B2BD-370E1B8DEA8F} - System32\Tasks\{A260E71C-6AE1-476C-ACFB-B8FD507FB0B8} => pcalua.exe -a C:\Windows\IsUninst.exe -c -f"C:\Program Files (x86)\InterVideo\WinDVD\Uninst.isu"
Task: {1999A20F-5D54-476B-973C-37830BD5E039} - System32\Tasks\{56263581-B2C3-412D-98EF-FAB3F852C3F2} => pcalua.exe -a C:\Users\saijyotika\Desktop\Downloads\solutoinstaller.exe -d C:\Users\saijyotika\Desktop\Downloads
Task: {31880E2F-980B-4427-ACEC-A985164233C9} - System32\Tasks\{0C702ADF-6E98-4AD2-8905-E24B5E7484EF} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {3F03FEBC-F790-44E8-90AB-EFA00165FDA6} - System32\Tasks\{BC004276-8B44-44A7-A063-FC3F2A141A98} => pcalua.exe -a C:\Users\saijyotika\Downloads\msicu.exe -d C:\Users\saijyotika\Downloads
Task: {46E9769B-8010-47B2-8948-00A59113300B} - System32\Tasks\{51296A9F-C28C-4C11-BB7A-6E8EFC5EF0D3} => Chrome.exe http://www.skype.com...38;LastError=-3
Task: {55C5C643-0BE9-4CD8-8FE8-B882C652970E} - System32\Tasks\{88D586D2-8A1B-4A7B-A460-76C3BF30DB50} => Chrome.exe http://ui.skype.com/...;LastError=1603
Task: {5D65F921-4847-45E4-A0EE-8564CFF28DE7} - System32\Tasks\{3305BA6C-87A8-45AC-A134-A67535231164} => pcalua.exe -a C:\Users\saijyotika\Desktop\Downloads\64bit_Vista_Win7_R266.exe -d C:\Windows\system32
Task: {5F842E90-D010-4FD8-8E0C-5E1B2C424373} - System32\Tasks\{A360AB1B-A059-49AA-B12C-5048B3A7ACDD} => pcalua.exe -a "C:\Users\saijyotika\Downloads\chromeinstall-8u40 (1).exe" -d C:\Users\saijyotika\Downloads
Task: {690991EA-A416-484D-9C9E-897ADA72490E} - System32\Tasks\{9AF16205-6971-47A7-814F-792E1ECFABF1} => pcalua.exe -a "C:\Program Files (x86)\V2 Corporation\vmuvc\wmpcdcs8.exe" -d "C:\Program Files (x86)\V2 Corporation\vmuvc"
Task: {6C074F4E-5077-4910-B362-3546EC84DEEE} - System32\Tasks\{CF7D40F4-077B-4B1F-8D79-D55143A31AC8} => pcalua.exe -a C:\Users\saijyotika\Downloads\SetupDVDDecrypter_3.5.4.0.exe -d C:\Users\saijyotika\Downloads
Task: {6CFFEB01-DD41-4586-8399-0452402DF4A9} - System32\Tasks\{73D761BC-6A5E-4912-88B4-5649A810DC66} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {72A6A6F0-F1CC-49F4-B1D3-8C60EBBD629F} - System32\Tasks\{783F347B-BA43-42F5-8345-09A16E7A37B0} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {75B0A16A-E0E9-4A80-990E-FDED77B4D961} - System32\Tasks\{A29518F9-CE72-488B-9C5F-47EAC825C7F4} => pcalua.exe -a C:\Users\saijyotika\Desktop\R220849\Setup.exe -d C:\Users\saijyotika\Desktop\R220849
Task: {7823AE4A-B827-4D80-A3C5-E1F20493808D} - System32\Tasks\{068D93AE-4654-428F-A625-E03EB695F1E6} => pcalua.exe -a "C:\Program Files (x86)\NCH Software\Debut\uninst.exe"
Task: {7E6117D8-3EC5-4982-90E0-EB66943AA7BD} - System32\Tasks\{8ADD2BDD-C8F6-4637-B763-5F40CDDC25E3} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A28BA13C-AB34-48A2-89D0-CD9DDDA648E0} - System32\Tasks\{83A4760B-8E7A-4B78-98C3-C0304D07B18D} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A2FD0EAE-9244-40AA-A210-DA86E5D98FBD} - System32\Tasks\{B8F4C49B-89A7-4BEC-8ABB-94F499304097} => Chrome.exe http://www.skype.com...LastError=12002
Task: {A7C95505-3061-4856-A0CA-766AC0361408} - System32\Tasks\{3A735B66-5B56-42EB-8C61-CCBF0A34C15E} => pcalua.exe -a C:\Users\saijyotika\Desktop\setup_basic_2436.exe -d C:\Users\saijyotika\Desktop
Task: {AE4AFFD5-86FD-41D3-8075-72CA8E88EA2D} - System32\Tasks\{162316C4-CEF1-4B16-B4C1-BBB5028845FA} => pcalua.exe -a C:\Users\saijyotika\Downloads\shabdanjali\stardict-2.4.7.exe -d C:\Users\saijyotika\Downloads\shabdanjali
Task: {AE4EA441-CA3E-45DA-A71D-4BD1EDAD5E10} - System32\Tasks\{A74E32F8-4462-4A1D-B578-190B7F2FB16E} => pcalua.exe -a C:\Users\saijyotika\AppData\Local\Temp\Temp2_pres$1coin_2007.zip\setup.exe
Task: {B541EA42-FDED-4F7C-820E-0261BC954CBC} - System32\Tasks\{9E26A334-76A7-4146-8DAF-CD1310BC3795} => Chrome.exe http://www.skype.com...LastError=12007
Task: {C3B99FE9-EB69-4DD0-84C7-65682B8971CB} - System32\Tasks\{CCFCB9B7-6BCB-4DEC-8DF4-CBCAA75EFD6E} => pcalua.exe -a "C:\Program Files (x86)\Windows Live Safety Center\wlschost.exe" -c -Uninstall
Task: {EFDEC4A3-6E31-4514-B140-3014BCD7B695} - System32\Tasks\{F1C5E620-670B-429F-B2EE-BBBBC4C4278F} => Chrome.exe http://www.skype.com...38;LastError=-3
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\saijyotika\Desktop\msert.exe:BDU
AlternateDataStreams: C:\Users\saijyotika\Downloads\FRST64.exe:BDU
C:\Program Files (x86)\AVG
C:\Program Files (x86)\Common Files\Spigot
C:\Program Files (x86)\Internet Download Manager
C:\Program Files (x86)\NCH Software
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension
C:\Program Files (x86)\Yahoo!\Search Protection
C:\Program Files\kprocesshacker.sys
C:\ProgramData\hpothb07.dat
C:\Users\Public\hpothb07.dat
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
C:\Users\saijyotika\AppData\Local\Temp\cdo3655539098.dll
C:\Users\saijyotika\AppData\Local\Temp\cdo522972452.dll
C:\Users\saijyotika\AppData\Local\Temp\HitmanPro.exe
C:\Users\saijyotika\AppData\Local\Temp\mpam-4eee1d54.exe
C:\Users\saijyotika\AppData\Local\Temp\Quarantine.exe
C:\Users\saijyotika\AppData\Local\Temp\sqlite3.dll
C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected]
C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
C:\Users\saijyotika\hpothb07.dat
C:\Windows\system32\DRIVERS\BAPIDRV64.sys
2010-06-09 16:14 - 2010-06-09 16:14 - 0000000 ____H () C:\Program Files (x86)\hpothb07.dat
2010-06-09 16:14 - 2010-06-09 16:14 - 0000000 ____H () C:\Program Files (x86)\hpothb07.tif
2011-05-21 14:04 - 2011-05-21 14:05 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{27A44C4E-4902-4952-909C-DCCC9DF48261}
2011-05-21 14:15 - 2011-05-21 14:16 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{919F015F-0DA8-4B6C-9829-55FE212F0EB3}
2011-05-23 11:54 - 2011-05-23 11:54 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{33805E63-373D-433A-9E67-F2B21498DB78}
2011-06-07 08:29 - 2011-06-07 08:29 - 0000145 ____H () C:\ProgramData\hpothb07.dat
2011-06-07 08:29 - 2011-06-07 08:29 - 0000255 ____H () C:\ProgramData\hpothb07.tif
2011-07-03 17:16 - 2011-07-03 17:17 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{D1019BFE-6056-4011-B13E-9B2636E4F789}
2011-07-04 09:14 - 2011-07-04 09:14 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A9747031-F7D4-409D-8AB4-06B2F2626F59}
2011-08-18 14:24 - 2011-08-18 14:24 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A6C30661-5DEE-4869-80CE-570C30209333}
2011-09-11 20:23 - 2011-09-11 20:23 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{FFFE9FFE-7F05-4B4A-838D-CA33349AC20D}
2011-10-21 10:07 - 2011-10-21 10:07 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{B4B420C1-B0BF-49ED-9DF3-D2520E7146C8}
2011-11-03 08:45 - 2011-11-03 08:45 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{C5B7C6CE-0515-4AD0-B487-C38E0F47AF4B}
2011-11-04 18:38 - 2011-11-04 18:38 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{276A830F-4910-4E12-BB79-8B023095E8BF}
2011-11-12 21:08 - 2011-11-12 21:08 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{1F2AB4A1-E313-40AA-9B6F-29EB251BAAFC}
2011-11-13 08:04 - 2011-11-13 08:04 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{AE40C17C-1B15-4D9C-B978-C85EEB63FFD5}
2011-11-18 23:55 - 2011-11-18 23:55 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{77FB61F3-2B43-4B84-B363-5F73A1BACE57}
2011-11-22 19:45 - 2011-11-22 19:45 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{5AEB4708-779A-44E0-9FC4-6372C028CD02}
2012-01-04 18:21 - 2012-01-04 18:21 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{CF49B7B1-7436-4237-917F-21312EA98085}
2012-01-30 13:37 - 2012-01-30 13:37 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{C1140E17-1EE9-47DA-8AAA-AB472BE6C48C}
2012-01-30 13:38 - 2012-01-30 13:38 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{A73018EF-DFA7-4DA4-B59B-F9A7D4522813}
2015-02-04 18:40 - 2015-02-04 18:40 - 0000000 _____ () C:\Users\saijyotika\AppData\Local\{97E823C2-0E53-4C9B-8769-EB67EBA43A68}
2015-06-05 18:07 - 2015-06-05 18:07 - 101695488 __RSH () C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
2015-06-05 18:07 - 2015-06-05 18:07 - 101695488 __RSH C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe
2015-06-22 14:25 - 2011-03-09 00:36 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software
2015-06-22 14:25 - 2012-01-30 18:01 - 00000000 ____D C:\Program Files (x86)\NCH Software
2015-06-23 14:05 - 2015-06-23 14:05 - 01415680 _____ (wj32) C:\Program Files\PTMF81UA.exe
2015-06-23 14:09 - 2015-06-23 14:09 - 01415680 _____ (wj32) C:\Program Files\4DBKT20F.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\5ECLU3CR.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\JS1A8HKU.exe
2015-06-23 14:27 - 2015-06-23 14:27 - 01415680 _____ (wj32) C:\Program Files\JSKZ8HFU.exe
2015-06-23 15:24 - 2015-06-23 15:24 - 01415680 _____ (wj32) C:\Program Files\CAJSKZ8N.exe
2015-06-23 16:01 - 2015-06-23 16:01 - 00000000 ____D C:\Users\saijyotika\AppData\Roaming\AVAST Software
2015-06-23 17:01 - 2015-06-23 17:01 - 1415680 _____ (wj32) C:\Program Files\HKZX6FDS.exe
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
Reboot:
end
*****************
 
Error: (0) Failed to create a restore point.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\TaskbarNoNotification => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value removed successfully
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_DDA0BB41EE412DD5FED2E787CB077A19 => value removed successfully
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE => value removed successfully
C:\Users\saijyotika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b.lnk not found.
C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found. 
C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected] => moved successfully.
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb => moved successfully.
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => moved successfully.
C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg => moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => moved successfully.
BAPIDRV => Service removed successfully
KProcessHacker2 => Service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{008DDD58-C1B6-4CE9-AEE9-CEEC94A7E009}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{008DDD58-C1B6-4CE9-AEE9-CEEC94A7E009}" => key removed successfully
C:\Windows\System32\Tasks\{D70652D8-538B-44D1-A26B-4EAF6359B513} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D70652D8-538B-44D1-A26B-4EAF6359B513}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0DC527DC-B055-4F32-B2BD-370E1B8DEA8F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DC527DC-B055-4F32-B2BD-370E1B8DEA8F}" => key removed successfully
C:\Windows\System32\Tasks\{A260E71C-6AE1-476C-ACFB-B8FD507FB0B8} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A260E71C-6AE1-476C-ACFB-B8FD507FB0B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1999A20F-5D54-476B-973C-37830BD5E039}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1999A20F-5D54-476B-973C-37830BD5E039}" => key removed successfully
C:\Windows\System32\Tasks\{56263581-B2C3-412D-98EF-FAB3F852C3F2} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{56263581-B2C3-412D-98EF-FAB3F852C3F2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31880E2F-980B-4427-ACEC-A985164233C9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31880E2F-980B-4427-ACEC-A985164233C9}" => key removed successfully
C:\Windows\System32\Tasks\{0C702ADF-6E98-4AD2-8905-E24B5E7484EF} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0C702ADF-6E98-4AD2-8905-E24B5E7484EF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F03FEBC-F790-44E8-90AB-EFA00165FDA6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F03FEBC-F790-44E8-90AB-EFA00165FDA6}" => key removed successfully
C:\Windows\System32\Tasks\{BC004276-8B44-44A7-A063-FC3F2A141A98} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BC004276-8B44-44A7-A063-FC3F2A141A98}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46E9769B-8010-47B2-8948-00A59113300B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46E9769B-8010-47B2-8948-00A59113300B}" => key removed successfully
C:\Windows\System32\Tasks\{51296A9F-C28C-4C11-BB7A-6E8EFC5EF0D3} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{51296A9F-C28C-4C11-BB7A-6E8EFC5EF0D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55C5C643-0BE9-4CD8-8FE8-B882C652970E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55C5C643-0BE9-4CD8-8FE8-B882C652970E}" => key removed successfully
C:\Windows\System32\Tasks\{88D586D2-8A1B-4A7B-A460-76C3BF30DB50} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{88D586D2-8A1B-4A7B-A460-76C3BF30DB50}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D65F921-4847-45E4-A0EE-8564CFF28DE7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D65F921-4847-45E4-A0EE-8564CFF28DE7}" => key removed successfully
C:\Windows\System32\Tasks\{3305BA6C-87A8-45AC-A134-A67535231164} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3305BA6C-87A8-45AC-A134-A67535231164}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F842E90-D010-4FD8-8E0C-5E1B2C424373}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F842E90-D010-4FD8-8E0C-5E1B2C424373}" => key removed successfully
C:\Windows\System32\Tasks\{A360AB1B-A059-49AA-B12C-5048B3A7ACDD} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A360AB1B-A059-49AA-B12C-5048B3A7ACDD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{690991EA-A416-484D-9C9E-897ADA72490E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{690991EA-A416-484D-9C9E-897ADA72490E}" => key removed successfully
C:\Windows\System32\Tasks\{9AF16205-6971-47A7-814F-792E1ECFABF1} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9AF16205-6971-47A7-814F-792E1ECFABF1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C074F4E-5077-4910-B362-3546EC84DEEE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C074F4E-5077-4910-B362-3546EC84DEEE}" => key removed successfully
C:\Windows\System32\Tasks\{CF7D40F4-077B-4B1F-8D79-D55143A31AC8} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CF7D40F4-077B-4B1F-8D79-D55143A31AC8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CFFEB01-DD41-4586-8399-0452402DF4A9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CFFEB01-DD41-4586-8399-0452402DF4A9}" => key removed successfully
C:\Windows\System32\Tasks\{73D761BC-6A5E-4912-88B4-5649A810DC66} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{73D761BC-6A5E-4912-88B4-5649A810DC66}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72A6A6F0-F1CC-49F4-B1D3-8C60EBBD629F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72A6A6F0-F1CC-49F4-B1D3-8C60EBBD629F}" => key removed successfully
C:\Windows\System32\Tasks\{783F347B-BA43-42F5-8345-09A16E7A37B0} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{783F347B-BA43-42F5-8345-09A16E7A37B0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75B0A16A-E0E9-4A80-990E-FDED77B4D961}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75B0A16A-E0E9-4A80-990E-FDED77B4D961}" => key removed successfully
C:\Windows\System32\Tasks\{A29518F9-CE72-488B-9C5F-47EAC825C7F4} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A29518F9-CE72-488B-9C5F-47EAC825C7F4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7823AE4A-B827-4D80-A3C5-E1F20493808D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7823AE4A-B827-4D80-A3C5-E1F20493808D}" => key removed successfully
C:\Windows\System32\Tasks\{068D93AE-4654-428F-A625-E03EB695F1E6} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{068D93AE-4654-428F-A625-E03EB695F1E6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E6117D8-3EC5-4982-90E0-EB66943AA7BD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E6117D8-3EC5-4982-90E0-EB66943AA7BD}" => key removed successfully
C:\Windows\System32\Tasks\{8ADD2BDD-C8F6-4637-B763-5F40CDDC25E3} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8ADD2BDD-C8F6-4637-B763-5F40CDDC25E3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A28BA13C-AB34-48A2-89D0-CD9DDDA648E0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A28BA13C-AB34-48A2-89D0-CD9DDDA648E0}" => key removed successfully
C:\Windows\System32\Tasks\{83A4760B-8E7A-4B78-98C3-C0304D07B18D} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{83A4760B-8E7A-4B78-98C3-C0304D07B18D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2FD0EAE-9244-40AA-A210-DA86E5D98FBD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2FD0EAE-9244-40AA-A210-DA86E5D98FBD}" => key removed successfully
C:\Windows\System32\Tasks\{B8F4C49B-89A7-4BEC-8ABB-94F499304097} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B8F4C49B-89A7-4BEC-8ABB-94F499304097}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7C95505-3061-4856-A0CA-766AC0361408}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7C95505-3061-4856-A0CA-766AC0361408}" => key removed successfully
C:\Windows\System32\Tasks\{3A735B66-5B56-42EB-8C61-CCBF0A34C15E} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A735B66-5B56-42EB-8C61-CCBF0A34C15E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE4AFFD5-86FD-41D3-8075-72CA8E88EA2D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE4AFFD5-86FD-41D3-8075-72CA8E88EA2D}" => key removed successfully
C:\Windows\System32\Tasks\{162316C4-CEF1-4B16-B4C1-BBB5028845FA} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{162316C4-CEF1-4B16-B4C1-BBB5028845FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE4EA441-CA3E-45DA-A71D-4BD1EDAD5E10}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE4EA441-CA3E-45DA-A71D-4BD1EDAD5E10}" => key removed successfully
C:\Windows\System32\Tasks\{A74E32F8-4462-4A1D-B578-190B7F2FB16E} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A74E32F8-4462-4A1D-B578-190B7F2FB16E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B541EA42-FDED-4F7C-820E-0261BC954CBC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B541EA42-FDED-4F7C-820E-0261BC954CBC}" => key removed successfully
C:\Windows\System32\Tasks\{9E26A334-76A7-4146-8DAF-CD1310BC3795} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9E26A334-76A7-4146-8DAF-CD1310BC3795}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3B99FE9-EB69-4DD0-84C7-65682B8971CB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3B99FE9-EB69-4DD0-84C7-65682B8971CB}" => key removed successfully
C:\Windows\System32\Tasks\{CCFCB9B7-6BCB-4DEC-8DF4-CBCAA75EFD6E} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CCFCB9B7-6BCB-4DEC-8DF4-CBCAA75EFD6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFDEC4A3-6E31-4514-B140-3014BCD7B695}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFDEC4A3-6E31-4514-B140-3014BCD7B695}" => key removed successfully
C:\Windows\System32\Tasks\{F1C5E620-670B-429F-B2EE-BBBBC4C4278F} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F1C5E620-670B-429F-B2EE-BBBBC4C4278F}" => key removed successfully
C:\ProgramData\TEMP => ":5D432CE3" ADS removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
"C:\Users\saijyotika\Desktop\msert.exe" => ":BDU" ADS not found.
"C:\Users\saijyotika\Downloads\FRST64.exe" => ":BDU" ADS not found.
"C:\Program Files (x86)\AVG" => File/Folder not found.
"C:\Program Files (x86)\Common Files\Spigot" => File/Folder not found.
"C:\Program Files (x86)\Internet Download Manager" => File/Folder not found.
C:\Program Files (x86)\NCH Software => moved successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension => moved successfully.
"C:\Program Files (x86)\Yahoo!\Search Protection" => File/Folder not found.
"C:\Program Files\kprocesshacker.sys" => File/Folder not found.
C:\ProgramData\hpothb07.dat => moved successfully.
C:\Users\Public\hpothb07.dat => moved successfully.
"C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdllcbmneiklcmbeclfegccdjholomb" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\cdo3655539098.dll" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\cdo522972452.dll" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\HitmanPro.exe" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\mpam-4eee1d54.exe" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\Quarantine.exe" => File/Folder not found.
"C:\Users\saijyotika\AppData\Local\Temp\sqlite3.dll" => File/Folder not found.
"C:\Users\saijyotika\AppData\Roaming\Mozilla\Firefox\Profiles\enjigtlz.default\Extensions\[email protected]" => File/Folder not found.
"C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe" => File/Folder not found.
C:\Users\saijyotika\hpothb07.dat => moved successfully.
"C:\Windows\system32\DRIVERS\BAPIDRV64.sys" => File/Folder not found.
C:\Program Files (x86)\hpothb07.dat => moved successfully.
C:\Program Files (x86)\hpothb07.tif => moved successfully.
C:\Users\saijyotika\AppData\Local\{27A44C4E-4902-4952-909C-DCCC9DF48261} => moved successfully.
C:\Users\saijyotika\AppData\Local\{919F015F-0DA8-4B6C-9829-55FE212F0EB3} => moved successfully.
C:\Users\saijyotika\AppData\Local\{33805E63-373D-433A-9E67-F2B21498DB78} => moved successfully.
"C:\ProgramData\hpothb07.dat" => File/Folder not found.
C:\ProgramData\hpothb07.tif => moved successfully.
C:\Users\saijyotika\AppData\Local\{D1019BFE-6056-4011-B13E-9B2636E4F789} => moved successfully.
C:\Users\saijyotika\AppData\Local\{A9747031-F7D4-409D-8AB4-06B2F2626F59} => moved successfully.
C:\Users\saijyotika\AppData\Local\{A6C30661-5DEE-4869-80CE-570C30209333} => moved successfully.
C:\Users\saijyotika\AppData\Local\{FFFE9FFE-7F05-4B4A-838D-CA33349AC20D} => moved successfully.
C:\Users\saijyotika\AppData\Local\{B4B420C1-B0BF-49ED-9DF3-D2520E7146C8} => moved successfully.
C:\Users\saijyotika\AppData\Local\{C5B7C6CE-0515-4AD0-B487-C38E0F47AF4B} => moved successfully.
C:\Users\saijyotika\AppData\Local\{276A830F-4910-4E12-BB79-8B023095E8BF} => moved successfully.
C:\Users\saijyotika\AppData\Local\{1F2AB4A1-E313-40AA-9B6F-29EB251BAAFC} => moved successfully.
C:\Users\saijyotika\AppData\Local\{AE40C17C-1B15-4D9C-B978-C85EEB63FFD5} => moved successfully.
C:\Users\saijyotika\AppData\Local\{77FB61F3-2B43-4B84-B363-5F73A1BACE57} => moved successfully.
C:\Users\saijyotika\AppData\Local\{5AEB4708-779A-44E0-9FC4-6372C028CD02} => moved successfully.
C:\Users\saijyotika\AppData\Local\{CF49B7B1-7436-4237-917F-21312EA98085} => moved successfully.
C:\Users\saijyotika\AppData\Local\{C1140E17-1EE9-47DA-8AAA-AB472BE6C48C} => moved successfully.
C:\Users\saijyotika\AppData\Local\{A73018EF-DFA7-4DA4-B59B-F9A7D4522813} => moved successfully.
C:\Users\saijyotika\AppData\Local\{97E823C2-0E53-4C9B-8769-EB67EBA43A68} => moved successfully.
"C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe" => File/Folder not found.
"C:\Users\saijyotika\AppData\Roaming\obzirbvtrp.exe" => File/Folder not found.
C:\Windows\System32\Tasks\NCH Software => moved successfully.
"C:\Program Files (x86)\NCH Software" => File/Folder not found.
C:\Program Files\PTMF81UA.exe => moved successfully.
C:\Program Files\4DBKT20F.exe => moved successfully.
C:\Program Files\5ECLU3CR.exe => moved successfully.
C:\Program Files\JS1A8HKU.exe => moved successfully.
C:\Program Files\JSKZ8HFU.exe => moved successfully.
C:\Program Files\CAJSKZ8N.exe => moved successfully.
C:\Users\saijyotika\AppData\Roaming\AVAST Software => moved successfully.
C:\Program Files\HKZX6FDS.exe => moved successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state on =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3934694455-2046814312-3196483240-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
=========  DEL %TEMP%\*.* /F /S /Q =========
 
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161248907_farbar-recovery-scan-tool.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\AdobeARM.log
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\DMI52E0.tmp
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\DMI88AF.tmp
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\farbar-recovery-scan-tool.exe
C:\Users\SAIJYO~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\gziface.log
C:\Users\SAIJYO~1\AppData\Local\Temp\gziface1.log
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\mpam-a4b0e18f.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\MpCmdRun.log
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\qs-en-utf16.txt
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\StructuredQuery.log
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161037599\istartsurf_distribution.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161037599\setup_gmsd_us.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161230448\istartsurf_distribution.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\1435161230448\setup_gmsd_us.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\additional.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\additional.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\avcheck.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\avcheck.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdardrv.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdardrv.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdmetrics.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdmetrics.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.ini
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.ini.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\bdnc.ipv4
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\contacts.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\contacts.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\detection.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\gzflt.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\gzflt.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\gzfltum.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\gzfltum.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\htmlayout.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\htmlayout.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\Installer.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\Installer.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\installerpackage.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\installerpackage.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\install_x64.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\install_x64.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\install_x86.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\install_x86.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\no_connection.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\no_connection.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\npcomm.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\npcomm.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\qs_scan_log.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\qs_scan_log.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\servers.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\servers.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\setuplauncher.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\setuplauncher.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\standalone.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\standalone.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\ThreatScanner.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\ThreatScanner.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\trufos.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\trufos.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\trufos.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\trufos.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\unrar64.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\unrar64.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\update.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\update.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\update_config.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\update_config.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\UserGuide.pdf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\UserGuide.pdf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\WPFKickstarter.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\WPFKickstarter.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\WPFKickstarter4.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\WPFKickstarter4.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wslib.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wslib.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wspack.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wspack.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wsutils.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\wsutils.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\core\bdcore.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\core\bdcore.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\ACA.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Ad-Aware.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Advanced_System_Protect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\alading.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\AntiVir.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\avast5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\AVG.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Avira.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\BackWeb-4476822.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\BBC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender 2011.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Anti-Theft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Bussiness Client.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Internet Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Bitdefender Total Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\BullGuard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\cciss.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\COMODO.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\DRWEB.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\ESET.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\eTrust.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\F-Secure.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\G Data.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\GUIDs.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\JiangMin.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Kaspersky.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Kingsoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\kingsoftSafeguard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\kv antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Lavasoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\McAfee.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\MicroPoint.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Microsoft Security Essentials.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Mobile.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\MSC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Norman.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Norton.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\OfficeScan95.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\OfficeScanNT.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Panda.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\PC Tools.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Premium.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\qqpcmgr.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\qqprotect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Rav.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\RFW.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Ris.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\safeguard360.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\ServerProtect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\SunBelt.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Trend Micro.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\VETWIN32Vp5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Virus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\Webroot.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\WinSS.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\extern\ZoneAlarm.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\award_flow1.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\award_flow1.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\award_flow2.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\award_flow2.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\bdHtmlBox.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\bdHtmlBox.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\cpptexts.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\cpptexts.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\en-US.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\en-US.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula_text.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula_text.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula_text_en.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\eula_text_en.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\general.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\general.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpaph.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpaph.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpgeneric.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpgeneric.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpmalware.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\httpmalware.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\installer.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\installer.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\it-IT.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\it-IT.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\lang.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\lang.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\lang.xml.online
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\lang.xml.online.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\logs.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\logs.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\main.ui.css
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\main.ui.css.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\notifications.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\notifications.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\pt-BR.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\pt-BR.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\rem_confirm.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\rem_confirm.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\rem_confirm_p.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\rem_confirm_p.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\repair_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\repair_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\ro-RO.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\ro-RO.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\setup_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\setup_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\uninstall_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\uninstall_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\welcome.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\welcome.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_margin_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_middle.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\alert_middle.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\award.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\award.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\back.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\back.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_award_flow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_award_flow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_install_steps.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_install_steps.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_tall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_tall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_uninstall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\background_uninstall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bd_logo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bd_logo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_AlertWindow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_AlertWindow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_header_image.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_header_image.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\bg_number_events_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\big_picture.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\big_picture.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\big_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\big_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\btn_combo_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_off_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\checkbox_on_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\close.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\close.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\delete_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\delete_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\details_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\details_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\feedback_banner.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\feedback_banner.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\flow_background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\flow_background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_alert.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_alert.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_critical.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_critical.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_critical_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_critical_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_done.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_done.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_done_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_done_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_informative.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_informative.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_notok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_notok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_sb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_sb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_skipped.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\icon_skipped.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\input_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\input_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_big_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_big_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_big_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_big_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\install_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\loader_install.gif
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\loader_install.gif.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\lock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\lock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\minimize.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\minimize.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\open_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\open_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\pending.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\pending.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\products_chart.jpg
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\products_chart.jpg.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_not_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_not_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bar_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\progress_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\scroll_next.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\scroll_next.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\scroll_prev.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\scroll_prev.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_fb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_fb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_go.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_go.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_line.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_line.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_tabel.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_tabel.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_top_text.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_top_text.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_tw.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\share_tw.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\small_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\small_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sswitch_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sswitch_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sswitch_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sswitch_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\status_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\status_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\sys_btn_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_feedback_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_left_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\tabs_bg_right_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\top_header_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\top_header_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\unlock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX0\lang\images\unlock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\additional.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\additional.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\avcheck.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\avcheck.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdardrv.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdardrv.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdmetrics.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdmetrics.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.ini
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.ini.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\bdnc.ipv4
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\contacts.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\contacts.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\detection.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\gzflt.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\gzflt.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\gzfltum.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\gzfltum.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\htmlayout.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\htmlayout.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\Installer.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\Installer.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\installerpackage.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\installerpackage.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\install_x64.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\install_x64.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\install_x86.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\install_x86.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\no_connection.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\no_connection.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\npcomm.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\npcomm.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\qs_scan_log.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\qs_scan_log.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\servers.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\servers.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\setuplauncher.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\setuplauncher.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\standalone.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\standalone.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\ThreatScanner.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\ThreatScanner.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\trufos.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\trufos.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\trufos.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\trufos.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\unrar64.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\unrar64.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\update.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\update.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\update_config.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\update_config.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\UserGuide.pdf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\UserGuide.pdf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\WPFKickstarter.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\WPFKickstarter.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\WPFKickstarter4.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\WPFKickstarter4.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wslib.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wslib.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wspack.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wspack.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wsutils.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\wsutils.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\core\bdcore.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\core\bdcore.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\ACA.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Ad-Aware.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Advanced_System_Protect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\alading.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\AntiVir.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\avast5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\AVG.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Avira.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\BackWeb-4476822.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\BBC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender 2011.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Anti-Theft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Bussiness Client.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Internet Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Bitdefender Total Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\BullGuard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\cciss.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\COMODO.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\DRWEB.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\ESET.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\eTrust.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\F-Secure.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\G Data.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\GUIDs.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\JiangMin.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Kaspersky.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Kingsoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\kingsoftSafeguard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\kv antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Lavasoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\McAfee.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\MicroPoint.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Microsoft Security Essentials.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Mobile.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\MSC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Norman.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Norton.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\OfficeScan95.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\OfficeScanNT.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Panda.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\PC Tools.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Premium.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\qqpcmgr.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\qqprotect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Rav.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\RFW.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Ris.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\safeguard360.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\ServerProtect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\SunBelt.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Trend Micro.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\VETWIN32Vp5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Virus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\Webroot.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\WinSS.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\extern\ZoneAlarm.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\award_flow1.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\award_flow1.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\award_flow2.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\award_flow2.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\bdHtmlBox.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\bdHtmlBox.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\cpptexts.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\cpptexts.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\en-US.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\en-US.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula_text.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula_text.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula_text_en.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\eula_text_en.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\general.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\general.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpaph.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpaph.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpgeneric.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpgeneric.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpmalware.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\httpmalware.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\installer.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\installer.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\it-IT.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\it-IT.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\lang.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\lang.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\lang.xml.online
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\lang.xml.online.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\logs.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\logs.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\main.ui.css
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\main.ui.css.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\notifications.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\notifications.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\pt-BR.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\pt-BR.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\rem_confirm.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\rem_confirm.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\rem_confirm_p.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\rem_confirm_p.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\repair_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\repair_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\ro-RO.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\ro-RO.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\setup_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\setup_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\uninstall_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\uninstall_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\welcome.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\welcome.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_margin_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_margin_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_margin_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_margin_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_middle.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\alert_middle.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\award.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\award.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\back.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\back.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_award_flow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_award_flow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_install_steps.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_install_steps.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_tall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_tall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_uninstall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\background_uninstall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bd_logo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bd_logo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_AlertWindow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_AlertWindow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_header_image.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_header_image.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\bg_number_events_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\big_picture.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\big_picture.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\big_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\big_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\btn_combo_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_off_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\checkbox_on_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\close.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\close.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\delete_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\delete_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\details_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\details_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\feedback_banner.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\feedback_banner.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\flow_background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\flow_background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_alert.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_alert.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_critical.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_critical.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_critical_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_critical_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_done.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_done.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_done_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_done_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_informative.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_informative.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_notok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_notok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_sb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_sb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_skipped.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\icon_skipped.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\input_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\input_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_big_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_big_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_big_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_big_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\install_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\loader_install.gif
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\loader_install.gif.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\lock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\lock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\minimize.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\minimize.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\open_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\open_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\pending.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\pending.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\products_chart.jpg
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\products_chart.jpg.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bar_not_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bar_not_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bar_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bar_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\progress_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\scroll_next.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\scroll_next.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\scroll_prev.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\scroll_prev.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_fb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_fb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_go.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_go.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_line.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_line.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_tabel.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_tabel.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_top_text.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_top_text.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_tw.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\share_tw.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\small_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\small_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sswitch_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sswitch_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sswitch_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sswitch_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\status_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\status_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\sys_btn_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_feedback.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_feedback.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_feedback_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_feedback_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_left_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_left_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_right_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\tabs_bg_right_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\top_header_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\top_header_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\unlock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX1\lang\images\unlock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\additional.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\additional.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\avcheck.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\avcheck.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdardrv.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdardrv.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdmetrics.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdmetrics.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.ini
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.ini.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\bdnc.ipv4
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\contacts.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\contacts.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\detection.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\gzflt.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\gzflt.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\gzfltum.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\gzfltum.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\htmlayout.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\htmlayout.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\Installer.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\Installer.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\installerpackage.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\installerpackage.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\install_x64.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\install_x64.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\install_x86.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\install_x86.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\no_connection.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\no_connection.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\npcomm.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\npcomm.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\qs_scan_log.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\qs_scan_log.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\servers.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\servers.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\setuplauncher.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\setuplauncher.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\standalone.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\standalone.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\ThreatScanner.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\ThreatScanner.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\trufos.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\trufos.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\trufos.sys
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\trufos.sys.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\unrar64.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\unrar64.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\update.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\update.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\update_config.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\update_config.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\UserGuide.pdf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\UserGuide.pdf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\WPFKickstarter.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\WPFKickstarter.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\WPFKickstarter4.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\WPFKickstarter4.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wslib.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wslib.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wspack.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wspack.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wsutils.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\wsutils.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\core\bdcore.dll
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\core\bdcore.dll.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\ACA.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Ad-Aware.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Advanced_System_Protect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\alading.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\AntiVir.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\avast5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\AVG.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Avira.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\BackWeb-4476822.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\BBC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender 2011.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Anti-Theft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Bussiness Client.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Internet Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Bitdefender Total Security.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\BullGuard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\cciss.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\COMODO.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\DRWEB.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\ESET.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\eTrust.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\F-Secure.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\G Data.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\GUIDs.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\JiangMin.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Kaspersky.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Kingsoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\kingsoftSafeguard.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\kv antivirus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Lavasoft.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\McAfee.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\MicroPoint.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Microsoft Security Essentials.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Mobile.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\MSC.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Norman.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Norton.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\OfficeScan95.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\OfficeScanNT.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Panda.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\PC Tools.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Premium.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\qqpcmgr.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\qqprotect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Rav.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\RFW.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Ris.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\safeguard360.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\ServerProtect.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\SunBelt.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Trend Micro.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\VETWIN32Vp5.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Virus.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\Webroot.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\WinSS.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\extern\ZoneAlarm.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\award_flow1.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\award_flow1.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\award_flow2.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\award_flow2.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\bdHtmlBox.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\bdHtmlBox.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\cpptexts.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\cpptexts.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\en-US.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\en-US.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula_text.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula_text.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula_text_en.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\eula_text_en.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\general.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\general.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpaph.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpaph.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpgeneric.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpgeneric.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpmalware.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\httpmalware.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\installer.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\installer.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\it-IT.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\it-IT.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\lang.xml
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\lang.xml.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\lang.xml.online
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\lang.xml.online.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\logs.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\logs.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\main.ui.css
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\main.ui.css.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\notifications.xlf
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\notifications.xlf.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\pt-BR.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\pt-BR.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\rem_confirm.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\rem_confirm.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\rem_confirm_p.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\rem_confirm_p.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\repair_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\repair_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\ro-RO.exe
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\ro-RO.exe.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\setup_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\setup_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\uninstall_progress.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\uninstall_progress.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\welcome.html
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\welcome.html.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_margin_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_margin_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_margin_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_margin_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_middle.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\alert_middle.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\award.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\award.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\back.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\back.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_award_flow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_award_flow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_install_steps.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_install_steps.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_tall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_tall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_uninstall.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\background_uninstall.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bd_logo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bd_logo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_AlertWindow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_AlertWindow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_header_image.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_header_image.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\bg_number_events_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\big_picture.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\big_picture.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\big_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\big_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\btn_combo_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_off_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on_disabled.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on_disabled.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\checkbox_on_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\close.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\close.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\delete_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\delete_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\details_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\details_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\feedback_banner.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\feedback_banner.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\flow_background.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\flow_background.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_alert.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_alert.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_critical.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_critical.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_critical_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_critical_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_done.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_done.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_done_big.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_done_big.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_informative.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_informative.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_notok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_notok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_sb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_sb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_skipped.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\icon_skipped.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\input_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\input_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_big_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_big_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_big_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_big_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_button.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_button.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_button_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\install_button_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\loader_install.gif
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\loader_install.gif.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\lock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\lock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\minimize.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\minimize.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\open_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\open_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\pending.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\pending.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\products_chart.jpg
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\products_chart.jpg.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bar_not_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bar_not_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bar_ok.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bar_ok.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\progress_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\qs_scan_log.xsl
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\qs_scan_log.xsl.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\scroll_next.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\scroll_next.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\scroll_prev.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\scroll_prev.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_fb.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_fb.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_go.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_go.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_line.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_line.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_tabel.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_tabel.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_top_text.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_top_text.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_tw.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\share_tw.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\small_shadow.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\small_shadow.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sswitch_off.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sswitch_off.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sswitch_on.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sswitch_on.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\status_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\status_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn_active.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn_active.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\sys_btn_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_feedback.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_feedback.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_feedback_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_feedback_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_left.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_left.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_left_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_left_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_right.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_right.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_right_hover.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\tabs_bg_right_hover.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\top_header_bg.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\top_header_bg.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\unlock_normal.png
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\RarSFX3\lang\images\unlock_normal.png.md5
Deleted file - C:\Users\SAIJYO~1\AppData\Local\Temp\Skype\gilasterr.log
 
========= End of CMD: =========
 
 
=========  RD /S /Q %TEMP% =========
 
C:\Users\SAIJYO~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt - The process cannot access the file because it is being used by another process.
C:\Users\SAIJYO~1\AppData\Local\Temp\gziface1.log - The process cannot access the file because it is being used by another process.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.. 
 
==== End of Fixlog 21:34:00 ====

  • 0

#9
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,215 posts
How is your system running now? 
 
By the way, you should start to "Follow this topic".  You can enable this in one of two ways; the first is to go to the top right hand corner of this thread and click the Button labeled "Follow this topic".  The other way is to selec the "Follow this topic" option listed in the Post Options to the right of every post edit window.


FIRST >>>>

Please download Farbar Service Scanner to your desktop and double click on the file to run it.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
SECOND >>>>

AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the desktop.


NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:

    AdwCleaner_v4111_zpsn56hzjza.png
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
  • Click the Report button to get the log.
  • Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
  • Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.
Optional:

NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.
  • 0

#10
jyotikanaru

jyotikanaru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Farbar Service Scanner Version: 17-01-2015
Ran by saijyotika (administrator) on 25-06-2015 at 07:07:22
Running from "C:\Users\saijyotika\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
 
ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
# AdwCleaner v4.207 - Logfile created 25/06/2015 at 07:15:22
# Updated 21/06/2015 by Xplode
# Database : 2015-06-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : saijyotika - JYOTIKA
# Running from : C:\Users\saijyotika\Desktop\AdwCleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v43.0.2357.130
 
 
*************************
 
AdwCleaner[R0].txt - [1179 bytes] - [22/06/2015 09:04:53]
AdwCleaner[R1].txt - [1040 bytes] - [23/06/2015 16:57:41]
AdwCleaner[R2].txt - [1161 bytes] - [25/06/2015 07:12:59]
AdwCleaner[R3].txt - [961 bytes] - [25/06/2015 07:15:22]
AdwCleaner[S0].txt - [1251 bytes] - [22/06/2015 09:05:41]
AdwCleaner[S1].txt - [1107 bytes] - [23/06/2015 16:59:11]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1137 bytes] ##########
 

  • 0

Advertisements


#11
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,215 posts

FIRST >>>>

Re-run AdwCleaner

Close all open windows and browsers.

  • Double click the AdwCleaner icon to run AdwCleaner. (Vista and 7 users) Right click the AdwCleaner icon, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • Click the Scan button and wait for the scan to complete.
  • When the Scan has finished the Scan button will be grayed out and the Clean button will be activated.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.
  • Once done it will ask to reboot, allow this

    adwcleaner_delete_restart.jpg
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

SECOND >>>>

Please download the ESET Services Repair Tool from here .

Double click on ServicesRepair.exe; allow the file to run by clicking Run and / or Yes.

Once the utility is done, please reboot your system to allow the services to start properly.


LAST >>>>

Please download Farbar Service Scanner to your desktop and double click on the file to run it or just double click the FSS file on your desktop if it is still there.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

  • 0

#12
jyotikanaru

jyotikanaru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
# AdwCleaner v4.207 - Logfile created 25/06/2015 at 11:06:35
# Updated 21/06/2015 by Xplode
# Database : 2015-06-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : saijyotika - JYOTIKA
# Running from : C:\Users\saijyotika\Desktop\AdwCleaner (1).exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v43.0.2357.130
 
 
*************************
 
AdwCleaner[R0].txt - [1179 bytes] - [22/06/2015 09:04:53]
AdwCleaner[R1].txt - [1040 bytes] - [23/06/2015 16:57:41]
AdwCleaner[R2].txt - [1161 bytes] - [25/06/2015 07:12:59]
AdwCleaner[R3].txt - [1220 bytes] - [25/06/2015 07:15:22]
AdwCleaner[R4].txt - [1280 bytes] - [25/06/2015 11:05:40]
AdwCleaner[S0].txt - [1251 bytes] - [22/06/2015 09:05:41]
AdwCleaner[S1].txt - [1107 bytes] - [23/06/2015 16:59:11]
AdwCleaner[S2].txt - [1203 bytes] - [25/06/2015 11:06:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1262  bytes] ##########
Log Opened: 2015-06-25 @ 12:27:37
12:27:37 - -----------------
12:27:37 - | Begin Logging |
12:27:37 - -----------------
12:27:37 - Fix started on a WIN_7 X64 computer
12:27:37 - Prep in progress.  Please Wait.
12:27:38 - Prep complete
12:27:38 - Repairing Services Now.  Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>
 
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>
 
SetACL finished successfully.
12:27:40 - Services Repair Complete.
12:27:45 - Reboot Initiated
Farbar Service Scanner Version: 17-01-2015
Ran by saijyotika (administrator) on 25-06-2015 at 12:32:13
Running from "C:\Users\saijyotika\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
 
ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.
 
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****

  • 0

#13
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,215 posts

We need to see if there is a copy (good copy) of a needed file on your system.  Please run the following search and post the log here for review:

  • Right click on FRST64.exe on your desktop and select "Run as Administrator..." When the tool opens click Yes to disclaimer.
  • Let it update if it needs to; wait for the "The tool is ready to use." status message.
  • Type MpSvc.dll into the Search Box.
  • Press the Search Files button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
     

  • 0

#14
jyotikanaru

jyotikanaru

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by saijyotika at 2015-06-26 08:32:42
Running from C:\Users\saijyotika\Desktop
Boot Mode: Normal
 
================== Search Files: "MpSvc.dll" =============
 
C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpSvc.dll
[2013-07-10 11:36][2013-05-27 10:56] 1011712 ____A (Microsoft Corporation) 7B6CD2C784B13D63481B6BF49605C026 [File is signed]
 
C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpSvc.dll
[2013-07-10 11:36][2013-05-27 11:20] 1011712 ____A (Microsoft Corporation) 7CBB1D4D13DC62D7F529D87151FD3CD3 [File is signed]
 
C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpSvc.dll
[2009-07-14 05:24][2009-07-14 07:11] 1011712 ____A (Microsoft Corporation) CF318F60A84F15AF352439465A8D05F4 [File is signed]
 
====== End of Search ======

  • 0

#15
dbreeze

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,215 posts

FIRST >>>>

Open notepad by pressing the Windows Key + R Key, typing in Notepad in the Run dialog and then pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txt




Start
CreateRestorePoint:
CloseProcesses:
Replace: C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpSvc.dll C:\Program Files\Windows Defender\MpSvc.dll
EmptyTemp:
Reboot:
end


NOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST64 by right clicking on the FRST64.exe file, selecting "Run as Administrator..". The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.

The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on. Press the Fix button just once and wait. The tool will create a restore point, process the script and ask for a restart of your system.

Press%20the%20FIX%20button_zpsdd5zi3mt.p

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


SECOND >>>>


Malwarebytes' Anti-Malware
Please download the latest version of Malwarebytes' Anti-Malware from [a href="http://www.malwareby...mwb-download/"]Here[/a]. The version you have installed needs to be updated.

Double Click on the mbam-setup.exe file to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link
Main%20Screen_zpsnnwza0ky.png

Once the program has loaded and updated, select "Scan Now >>" to start the scan.
Main%20Screen_zpsnnwza0ky.png

The scan may take some time to finish, so please be patient.

If any malware is found, you will be presented with a screen like the one below.
mbam21-removeselected_zpsg83p7wis.jpg

If any malware is found, make sure that everything is checked, and click Remove Selected.
When the scan is complete, click View detailed log >> to view the results.
The report screen will open.
At the bottom click on Export and select as txt file, save the file to your desktop and click OK. When the export is complete, select OPEN.
The log file will be opened in your default text file viewer (usually Notepad); select the whole text (Ctrl + A) and copy (Ctrl + c) it to paste here in a reply.

LAST >>>>

How is your system running now?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP