the list of most used programmes in startups is missing in start menu options and computer is running slow.
There was a free vpn software which i uninstalled
the logs
FRST.txt
**************************
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-10-2015
Ran by User (administrator) on SAYANLAPTOP-PC (31-10-2015 02:20:00)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User & Guest)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Hewlett-Packard Company) C:\WINDOWS\System32\hpservice.exe
(Validity Sensors, Inc.) C:\WINDOWS\System32\vfsFPService.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(WebEx Communications, Inc.) C:\WINDOWS\System32\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.5.4.24\nis.exe
(PC Tools) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\22.5.4.24\nis.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\WINDOWS\SMINST\BLService.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Cisco Systems, Inc.) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Symantec Corporation) C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(WordWeb Software) C:\Program Files\WordWeb\wweb32.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
() C:\Program Files\Jagannatha Hora\bin\jhora.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-16] (Intel Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-03-14] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [OnScreenDisplay] => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554288 2007-11-02] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [DpAgent] => C:\Program Files\DigitalPersona\Bin\dpagent.exe [842816 2009-09-29] (DigitalPersona, Inc.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2009-03-10] (CyberLink Corp.)
HKLM\...\Run: [nmctxth] => C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-07-21] (IDT, Inc.)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [SSDMonitor] => C:\Program Files\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106112 2014-01-17] (Symantec Corporation)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\realplayer\update\realsched.exe [295512 2013-11-16] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-09-12] (Apple Inc.)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [226904 2007-07-13] (Macrovision Corporation)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [WordWeb] => C:\Program Files\WordWeb\wweb32.exe [80000 2014-07-05] (WordWeb Software)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [] => [X]
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Policies\Explorer: [NoInstrumentation] 1
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-10-12] (Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 121.242.190.180 192.168.12.25 192.168.12.112 8.8.8.8
Tcpip\..\Interfaces\{57A952AE-881C-4F89-9627-1D4EA5C788B9}: [DhcpNameServer] 121.242.190.180 8.8.8.8
Tcpip\..\Interfaces\{BDFC752B-05BB-48CC-966A-EE8C9707297C}: [DhcpNameServer] 121.242.190.180 192.168.12.25 192.168.12.112 8.8.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003 -> DefaultScope {40E0921F-0FE4-4836-B12F-0565D580B1FD} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003 -> {2BA04D11-8564-403A-B344-68B2683997B9} URL = hxxp://in.search.yahoo.com/search?ei=UTF-8&fr=cb-chennaionline&p={searchTerms}&Submit1=Search
SearchScopes: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003 -> {40E0921F-0FE4-4836-B12F-0565D580B1FD} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-09-29] (DigitalPersona, Inc.)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll [2009-07-14] (Cisco Systems, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-26] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-25] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-11-16] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-11-16] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-01-22] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2014-02-06] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3273286156-3480778537-3055062599-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3273286156-3480778537-3055062599-1003: @talk.google.com/GoogleTalkPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin HKU\S-1-5-21-3273286156-3480778537-3055062599-1003: @talk.google.com/O1DPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-06-06] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-06-06] (Google)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt [2009-10-22] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn [2015-10-30]
FF HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Firefox\Extensions: [[email protected]] - C:\Program Files\DigitalPersona\Bin\firefoxext
FF HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\Firefox\Extensions: [[email protected]] - C:\Program Files\WordWeb\WCaptureMoz
FF Extension: WordWeb one-click lookup - C:\Program Files\WordWeb\WCaptureMoz [2014-10-09] [not signed]
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2015-04-29] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (TV) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2015-03-26] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (The Economist) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebjgjhbjedcomcajgpodjgfjgkepgpl [2015-03-26] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (RealDownloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-07-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (My Chrome Theme) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-27]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-08-24]
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-08-24]
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-11-22]
CHR Extension: (TubeStop) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kckaiklmbnheffnnfoneanfbjjjodecj [2015-05-03] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk [2012-08-24] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT2504091&extensionData=\u003Cextension_data\u003E] <==== ATTENTION
CHR Extension: (Trovi search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-08-24]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Internet Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-09-23]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR StartupUrls: "hxxp://www.mystartsearch.com/?type=hp&ts=1430640960&from=wpc&uid=TOSHIBAXMK2552GSX_X8ENT434TXXX8ENT434T"
OPR Extension: (My IP Address) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\abehbenniobcbnjalhggdpkepkdeefao [2015-08-31]
OPR Extension: (Gismeteo weather forecast in speed-dial) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\kibhjejfdbbjhlhmhdcjcnjpiobjgkak [2015-08-31]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 DiskDoctorService; C:\Program Files\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150592 2014-01-17] (Symantec Corporation)
R2 DpHost; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [322624 2009-09-29] (DigitalPersona, Inc.) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-01-27] (Hewlett-Packard Company) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\22.5.4.24\NIS.exe [282016 2015-09-24] (Symantec Corporation)
R2 nmservice; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [647216 2009-07-07] (Cisco Systems, Inc.)
R2 NU16StartManagerSvc; C:\Program Files\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [795776 2014-01-17] (PC Tools)
S4 OracleJobSchedulerDATABASE1; c:\app\user\product\11.2.0\dbhome_1\Bin\extjob.exe [49152 2010-04-02] () [File not signed]
S3 OracleMTSRecoveryService; C:\app\User\product\11.2.0\dbhome_1\bin\omtsreco.exe [69632 2010-04-01] (Oracle Corporation) [File not signed]
S3 OracleOraDb11g_home1ClrAgent; C:\app\User\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe [38400 2010-02-28] (Oracle Corporation) [File not signed]
S3 OracleServiceDATABASE1; c:\app\user\product\11.2.0\dbhome_1\bin\ORACLE.EXE [106487808 2010-04-02] (Oracle Corporation) [File not signed]
S3 OracleVssWriterDATABASE1; c:\app\user\product\11.2.0\dbhome_1\bin\OraVSSW.exe [159744 2010-04-02] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [292216 2009-01-12] ()
S2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [116080 2009-01-12] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [341328 2008-03-27] ()
R2 ScrybeUpdater; C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.)
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [189536 2004-09-10] (SafeNet, Inc)
S3 SpeedDiskService; C:\Program Files\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163904 2014-01-17] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe [221266 2009-07-21] (IDT, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S3 OracleOraDb11g_home1TNSListener; C:\app\User\product\11.2.0\dbhome_1\BIN\TNSLSNR [X]
S2 RichVideo; "C:\Program Files\CyberLink\Shared Files\RichVideo.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20151022.001\BHDrvx86.sys [1193032 2015-10-09] (Symantec Corporation)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [50688 2009-10-01] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1605040.018\ccSetx86.sys [137456 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389456 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [122192 2015-08-27] (Symantec Corporation)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20151029.001\IDSvix86.sys [580344 2015-10-20] (Symantec Corporation)
S3 iscFlash; C:\SwSetup\sp42557\iscflash.sys [11520 2008-08-05] (Insyde Software) [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-10-24] (Malwarebytes)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151030.006\NAVENG.SYS [104440 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151030.006\NAVEX15.SYS [1647216 2015-10-27] (Symantec Corporation)
R2 pnarp; C:\Windows\System32\DRIVERS\pnarp.sys [26672 2009-07-07] (Cisco Systems, Inc.)
R2 purendis; C:\Windows\System32\DRIVERS\purendis.sys [27696 2009-07-07] (Cisco Systems, Inc.)
R2 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [84064 2004-09-10] (Rainbow Technologies, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-01-10] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1605040.018\SRTSP.SYS [713960 2015-09-24] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1605040.018\SRTSPX.SYS [44792 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NIS\1605040.018\SYMEFASI.SYS [1286896 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [103152 2015-08-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1605040.018\Ironx86.SYS [234744 2015-07-11] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1605040.018\SYMTDIV.SYS [358104 2015-09-24] (Symantec Corporation)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 u302bus; C:\Windows\System32\DRIVERS\u302bus.sys [119112 2010-07-30] (MCCI Corporation)
S3 u302mdfl; C:\Windows\System32\DRIVERS\u302mdfl.sys [14920 2010-07-30] (MCCI Corporation)
S3 u302mdm; C:\Windows\System32\DRIVERS\u302mdm.sys [135880 2010-07-30] (MCCI Corporation)
S3 u302mgmt; C:\Windows\System32\DRIVERS\u302mgmt.sys [129992 2010-07-30] (MCCI Corporation)
R3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV.sys [X]
U1 eabfiltr; no ImagePath
S3 eapihdrv; \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys [X]
S3 EraserUtilDrv11411; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11411.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-19] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-31 02:20 - 2015-10-31 02:21 - 00033385 _____ C:\Users\User\Desktop\FRST.txt
2015-10-31 02:18 - 2015-10-31 02:20 - 00000000 ____D C:\FRST
2015-10-31 02:18 - 2015-10-31 02:17 - 01701888 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2015-10-31 02:16 - 2015-10-31 02:17 - 01701888 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2015-10-30 23:27 - 2015-10-30 23:37 - 00000037 _____ C:\Users\User\Desktop\New Text Document.txt
2015-10-30 22:46 - 2015-10-30 22:46 - 00142968 _____ C:\Windows\Minidump\Mini103015-01.dmp
2015-10-30 22:03 - 2015-10-30 22:06 - 00000000 ____D C:\Users\User\Desktop\New Folder (2)
2015-10-30 01:32 - 2015-10-30 01:32 - 00000000 ____D C:\ProgramData\Hotspot Shield
2015-10-29 22:16 - 2015-10-30 08:46 - 00000000 ____D C:\Users\User\Desktop\New Folder
2015-10-26 02:01 - 2015-10-26 02:02 - 05134526 _____ C:\Users\User\Desktop\68666.mp4
2015-10-21 01:04 - 2015-10-21 01:04 - 00000000 ____D C:\Windows\system32\Hotspot Shield
2015-10-20 20:31 - 2015-10-20 20:31 - 00000000 ____D C:\Users\User\Downloads\Z for Zachariah (2015)
2015-10-20 20:30 - 2015-10-20 20:41 - 00000000 ____D C:\Users\User\Downloads\The Stereo Love Show
2015-10-20 11:11 - 2015-10-20 11:11 - 00000000 ____H C:\Users\User\AppData\Local\BIT1.tmp
2015-10-20 11:10 - 2015-10-20 11:10 - 00000000 _____ C:\Users\User\AppData\Local\{0A4A5BE8-FB61-4B68-9E43-DA3F49F2F3C2}
2015-10-20 01:14 - 2015-10-20 01:14 - 00008354 _____ C:\Users\User\Downloads\Z For Zachariah (2015) [720p] YIFY - YTS.torrent
2015-10-19 22:37 - 2015-10-20 00:47 - 00000000 ____D C:\Users\User\Downloads\Demi Lovato - Confident [Deluxe Edition] [2015] [MP3-320KBPS] [H4CKUS] [GloDLS]
2015-10-19 02:48 - 2015-10-19 02:48 - 00000000 ____D C:\Users\User\AppData\Local\CrashRpt
2015-10-19 02:39 - 2015-10-19 02:39 - 00000455 _____ C:\Windows\certutil.log
2015-10-19 02:31 - 2015-10-19 02:36 - 13697176 _____ C:\Users\User\Downloads\HSS-5.0.2-install-plain-773-plain.exe
2015-10-19 01:30 - 2015-10-19 01:30 - 00011838 _____ C:\Users\User\Downloads\[kat.cr]demi.lovato.confident.deluxe.edition.2015.mp3.320kbps.h4ckus.glodls.torrent
2015-10-16 12:34 - 2015-10-16 12:34 - 00000260 _____ C:\Users\User\Downloads\debug.log
2015-10-16 09:53 - 2015-09-11 12:51 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-16 09:53 - 2015-09-11 12:49 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-16 09:53 - 2015-09-11 12:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-16 09:53 - 2015-09-11 12:45 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-16 09:53 - 2015-09-11 12:44 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-16 09:52 - 2015-09-11 12:52 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-16 09:52 - 2015-09-11 12:47 - 09751552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-16 09:52 - 2015-09-11 12:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-16 09:52 - 2015-09-11 12:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-16 09:52 - 2015-09-11 12:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-16 09:52 - 2015-09-11 12:44 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-16 09:52 - 2015-09-11 12:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-16 09:52 - 2015-09-11 12:44 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-16 09:52 - 2015-09-11 12:44 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-15 11:57 - 2015-10-15 11:57 - 00000000 ____D C:\9852493a8095665029
2015-10-15 11:46 - 2015-07-18 18:44 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 11:46 - 2015-07-18 18:44 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 11:43 - 2015-09-28 22:47 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-15 11:43 - 2015-09-26 21:39 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-15 11:43 - 2015-09-26 21:39 - 03554240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-15 11:41 - 2015-07-29 06:16 - 11588096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-12 19:14 - 2015-10-12 19:15 - 00142968 _____ C:\Windows\Minidump\Mini101215-01.dmp
2015-10-12 05:49 - 2015-10-12 05:49 - 00012261 _____ C:\Users\User\Downloads\[kat.cr]edward.maya.the.stereo.love.show.2013.album.torrent
2015-10-10 20:25 - 2015-10-10 20:25 - 00008778 _____ C:\Users\User\Downloads\[kat.cr]z.for.zachariah.2015.720p.brrip.x264.yify.torrent
2015-10-02 23:29 - 2015-10-02 23:29 - 00075770 _____ C:\Users\User\Downloads\D120.tmp
2015-10-02 19:52 - 2015-10-02 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-02 19:49 - 2015-10-02 19:52 - 00000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-10-02 19:49 - 2015-10-02 19:52 - 00000000 ____D C:\Program Files\iTunes
2015-10-02 19:49 - 2015-10-02 19:49 - 00000000 ____D C:\Program Files\iPod
2015-10-02 19:35 - 2015-10-02 19:35 - 00000000 ____D C:\Program Files\Apple Software Update
2015-10-02 19:24 - 2015-10-02 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-10-02 19:23 - 2015-10-02 19:24 - 00000000 ____D C:\Program Files\QuickTime
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-31 01:56 - 2013-05-27 14:23 - 00000336 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-10-31 01:43 - 2011-10-02 11:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-10-31 01:39 - 2012-05-03 09:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-31 01:39 - 2009-06-30 10:53 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job
2015-10-31 01:31 - 2009-01-08 00:34 - 01300346 _____ C:\Windows\WindowsUpdate.log
2015-10-31 01:25 - 2012-05-18 23:30 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-31 00:46 - 2009-07-03 00:27 - 00000000 ____D C:\ProgramData\Skype
2015-10-31 00:46 - 2006-11-02 18:15 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-31 00:46 - 2006-11-02 18:15 - 00004784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-31 00:25 - 2012-05-18 23:30 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-30 23:48 - 2012-12-27 14:43 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job
2015-10-30 23:00 - 2009-02-27 22:38 - 00000000 ____D C:\Program Files\Opera
2015-10-30 22:50 - 2009-12-20 02:54 - 00000286 _____ C:\ProgramData\hpqp.ini
2015-10-30 22:48 - 2014-02-25 12:39 - 00000274 _____ C:\Windows\Tasks\NUAutoUpdate.job
2015-10-30 22:48 - 2009-01-07 06:20 - 00000000 ____D C:\ProgramData\TEMP
2015-10-30 22:47 - 2006-11-02 18:28 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-30 22:46 - 2015-08-15 04:16 - 279702263 _____ C:\Windows\MEMORY.DMP
2015-10-30 22:46 - 2010-12-01 12:30 - 00000000 ____D C:\Windows\Minidump
2015-10-30 18:39 - 2009-06-30 10:53 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job
2015-10-30 08:42 - 2012-07-04 11:39 - 01210124 _____ C:\Windows\PFRO.log
2015-10-30 03:18 - 2009-01-08 00:36 - 00003204 _____ C:\Windows\bthservsdp.dat
2015-10-30 03:18 - 2006-11-02 18:28 - 00032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-30 03:16 - 2013-08-25 21:15 - 00000000 ____D C:\Users\User\AppData\Local\NPE
2015-10-29 18:09 - 2012-12-27 14:43 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job
2015-10-26 22:26 - 2015-04-17 14:04 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2015-10-26 19:35 - 2014-02-25 12:39 - 00000266 _____ C:\Windows\Tasks\NUSchedule.job
2015-10-26 19:06 - 2012-10-21 19:00 - 00000394 _____ C:\Windows\system32\AppLog.log
2015-10-26 19:00 - 2014-02-25 19:11 - 00000000 ____D C:\Users\User\AppData\Roaming\Norton Utilities 16
2015-10-26 10:04 - 2012-05-03 09:57 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-26 10:04 - 2011-05-14 01:02 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-25 05:38 - 2015-03-26 13:26 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-10-24 22:25 - 2015-05-03 17:23 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-24 22:17 - 2015-05-03 17:22 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-24 09:55 - 2009-01-17 19:46 - 00006756 _____ C:\Users\User\AppData\Local\d3d9caps.dat
2015-10-24 07:30 - 2009-12-20 02:58 - 00000021 _____ C:\ProgramData\hpqp.txt
2015-10-22 16:43 - 2013-05-04 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-10-20 22:44 - 2015-02-06 22:00 - 00000000 ____D C:\Users\User\AppData\Roaming\BitTorrent
2015-10-18 17:58 - 2014-07-16 14:06 - 00000000 ____D C:\Users\User\Desktop\MTNL
2015-10-17 21:41 - 2009-01-07 06:21 - 00133120 _____ C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-17 11:16 - 2006-11-02 16:03 - 00830468 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-17 11:08 - 2006-11-02 16:48 - 00000000 ____D C:\Windows\rescache
2015-10-17 09:38 - 2014-11-27 19:02 - 00016985 _____ C:\Windows\setupact.log
2015-10-17 06:34 - 2008-07-03 11:07 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-16 09:23 - 2009-02-28 02:40 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-10-15 11:57 - 2013-08-07 20:56 - 00000000 ____D C:\Windows\system32\MRT
2015-10-15 11:57 - 2006-11-02 15:54 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-10-13 07:35 - 2015-08-02 14:18 - 00000000 ____D C:\Users\User\Desktop\MDI
2015-10-11 23:03 - 2011-10-11 23:41 - 00000000 ____D C:\Users\User\AppData\Roaming\Nokia
2015-10-05 09:50 - 2015-05-03 17:22 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-05 09:50 - 2015-05-03 17:22 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2015-05-03 17:22 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-10-05 00:02 - 2015-08-02 17:38 - 00000000 ____D C:\Windows\system32\Drivers\NIS
2015-10-05 00:01 - 2015-08-07 13:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-10-05 00:01 - 2015-08-02 17:39 - 00002107 _____ C:\Users\Public\Desktop\Norton Internet Security.LNK
2015-10-03 17:58 - 2015-08-22 15:48 - 00000000 ____D C:\Users\User\Desktop\15PGHR56
2015-10-02 19:49 - 2011-08-06 00:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-02 19:35 - 2011-08-06 00:43 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
==================== Files in the root of some directories =======
2014-06-09 11:34 - 2014-06-09 11:34 - 0000052 _____ () C:\Users\User\AppData\Roaming\Camdata.ini
2014-06-09 11:34 - 2014-06-09 11:34 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini
2014-06-09 11:34 - 2014-06-09 11:34 - 0000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini
2014-06-09 11:18 - 2014-06-09 11:34 - 0004535 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg
2009-05-27 20:02 - 2009-05-27 20:02 - 0000268 ____R () C:\Users\User\AppData\Roaming\Comedy Noises
2011-03-10 14:23 - 2011-03-10 14:23 - 0000019 _____ () C:\Users\User\AppData\Roaming\graaruh
2011-02-28 17:59 - 2011-02-28 23:10 - 0000008 ____H () C:\Users\User\AppData\Roaming\mb_list.db
2010-10-31 23:12 - 2010-10-31 23:12 - 0006710 _____ () C:\Users\User\AppData\Roaming\MhoraOptions.xml
2009-07-21 02:40 - 2012-10-22 23:41 - 0027043 _____ () C:\Users\User\AppData\Roaming\UserTile.png
2014-06-09 11:15 - 2014-06-09 11:15 - 0000096 _____ () C:\Users\User\AppData\Roaming\version2.xml
2009-01-07 06:10 - 2009-01-07 06:10 - 0000000 _____ () C:\Users\User\AppData\Local\AtStart.txt
2015-10-20 11:11 - 2015-10-20 11:11 - 0000000 ____H () C:\Users\User\AppData\Local\BIT1.tmp
2015-09-26 21:28 - 2015-09-26 21:28 - 0000000 ____H () C:\Users\User\AppData\Local\BITE688.tmp
2009-01-17 19:46 - 2015-10-24 09:55 - 0006756 _____ () C:\Users\User\AppData\Local\d3d9caps.dat
2009-01-07 06:21 - 2015-10-17 21:41 - 0133120 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-01-07 06:10 - 2009-01-07 06:10 - 0000000 _____ () C:\Users\User\AppData\Local\DSwitch.txt
2009-07-30 02:41 - 2012-09-13 18:49 - 0000000 _____ () C:\Users\User\AppData\Local\FnF4.txt
2009-01-07 06:10 - 2009-01-07 06:10 - 0000000 _____ () C:\Users\User\AppData\Local\QSwitch.txt
2015-10-20 11:10 - 2015-10-20 11:10 - 0000000 _____ () C:\Users\User\AppData\Local\{0A4A5BE8-FB61-4B68-9E43-DA3F49F2F3C2}
2015-09-26 21:26 - 2015-09-26 21:26 - 0000000 _____ () C:\Users\User\AppData\Local\{DAED93CB-7D9C-456D-880C-BC896067688A}
2009-05-27 20:02 - 2009-05-27 20:02 - 0000268 ____R () C:\ProgramData\Components
2014-10-03 14:02 - 2014-10-03 14:02 - 2989660 _____ (Macromedia, Inc.) C:\ProgramData\DVD.exe
2014-10-03 14:02 - 2014-10-03 14:02 - 2231606 _____ (Macromedia, Inc.) C:\ProgramData\Games.exe
2009-12-20 02:54 - 2015-10-30 22:50 - 0000286 _____ () C:\ProgramData\hpqp.ini
2009-12-20 02:58 - 2015-10-24 07:30 - 0000021 _____ () C:\ProgramData\hpqp.txt
2008-07-03 11:34 - 2011-03-07 12:38 - 0013441 _____ () C:\ProgramData\hpzinstall.log
2014-10-03 14:02 - 2014-10-03 14:02 - 2331174 _____ (Macromedia, Inc.) C:\ProgramData\Karaoke.exe
2011-01-03 19:47 - 2011-01-03 20:10 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-10-03 14:02 - 2014-10-03 14:02 - 3063561 _____ (Macromedia, Inc.) C:\ProgramData\MobileTV.exe
2014-10-03 14:02 - 2014-10-03 14:02 - 2864396 _____ (Macromedia, Inc.) C:\ProgramData\MPV.exe
2009-05-27 20:02 - 2011-12-08 15:39 - 0000020 ____N () C:\ProgramData\PKP_DLdu.DAT
Files to move or delete:
====================
C:\ProgramData\DVD.exe
C:\ProgramData\Games.exe
C:\ProgramData\Karaoke.exe
C:\ProgramData\MobileTV.exe
C:\ProgramData\MPV.exe
Some files in TEMP:
====================
C:\Users\User\AppData\Local\Temp\HssInstaller.exe
C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-10-30 22:55
==================== End of FRST.txt ============================
ADDItion.txt
******************************************************************
Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-10-2015
Ran by User (2015-10-31 02:25:14)
Running from C:\Users\User\Desktop
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) (2009-01-07 19:07:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3273286156-3480778537-3055062599-500 - Administrator - Disabled)
Guest (S-1-5-21-3273286156-3480778537-3055062599-501 - Limited - Enabled) => C:\Users\Guest
User (S-1-5-21-3273286156-3480778537-3055062599-1003 - Administrator - Enabled) => C:\Users\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
5600 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600_Help (Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS5 (HKLM\...\{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AIO_CDB_ProductContext (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A75CA58D-DB9C-4D14-9428-E0C7B0F623DC}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Panorama Maker 4 (HKLM\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version: - ArcSoft)
Avro Keyboard 5.5.0 (HKLM\...\Avro Keyboard_is1) (Version: 5.5.0 - OmicronLab)
bestadblocker (HKLM\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - ) <==== ATTENTION
BitTorrent (HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.26 - Broadcom Corporation)
BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
calibre (HKLM\...\{0305E6D9-E11E-445C-B468-CAA3996641BA}) (Version: 1.18.0 - Kovid Goyal)
Camersoft Fake Webcam 3.1.08 (HKLM\...\Camersoft Fake Webcam_is1) (Version: - Camersoft Studio)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
Cisco Network Magic (Version: 5.5.09195.0 - Pure Networks) Hidden
Copy (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1519 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2519 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DigitalPersona Personal 4.11 (HKLM\...\{1A5D65E1-B438-4148-97E3-1BC3627BEC71}) (Version: 4.11.3805 - DigitalPersona, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
DocProc (Version: 8.1.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
EatCam Webcam Recorder 5.0 for Yahoo Messenger (HKLM\...\EatCam Webcam Recorder 5.0 for Yahoo Messenger_is1) (Version: 5.0 - EatCam.com)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fax (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Free Video Call Recorder for Skype version 1.2.28.324 (HKLM\...\Free Video Call Recorder for Skype_is1) (Version: 1.2.28.324 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Drive (HKLM\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Goravani Jyotish Studio 3.9 (HKLM\...\{D18CEC90-7219-4047-B2CC-9B8B9472AAA7}_is1) (Version: - Goravani)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}) (Version: 5.7.0.2630 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6204 - HP)
HP MULTIPLE MODEM INSTALLER for VISTA (HKLM\...\{45A136EC-88BF-4B95-99F5-C45D3930E1CC}) (Version: 1.0.0.30 - Hewlett Packard)
HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons 6.40 D1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 D1 - Hewlett-Packard)
HP QuickPlay 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.6310 - Hewlett-Packard)
HP QuickTouch 1.00 D2 (HKLM\...\{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}) (Version: 1.0.9 - Hewlett-Packard)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Total Care Advisor (HKLM\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.1.3359.2635 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0102 (HKLM\...\{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{A5CE7175-080D-49AC-B5A3-E7E3502428F5}) (Version: 3.00 I2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.0.7 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}) (Version: 2.1.3.0000 - Hewlett Packard Development Company L.P.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{868B9974-4F23-494D-B6BC-4FAB92B2755D}) (Version: 12.1.3.6 - Apple Inc.)
Jagannatha Hora 7.66 (HKLM\...\Jagannatha Hora_is1) (Version: 7.66 - PVR Narasimha Rao)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 8 Update 40 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2719 - CyberLink Corp.)
Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version: - )
LightScribe System Software (HKLM\...\{4A9849CA-E11C-4F24-8BB1-97C717A1C898}) (Version: 1.18.1.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version: - )
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTNL 3G version 1.0 (HKLM\...\{6B1C21DC-F011-4917-A6AB-4C707D5276EB}_is1) (Version: 1.0 - MTNL)
muvee autoProducer 6.1 (HKLM\...\{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.43 - WildTangent)
NaturalReaderFree (HKLM\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)
NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
Network Magic (HKLM\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.0 - Nikon)
NirSoft VideoCacheView (HKLM\...\NirSoft VideoCacheView) (Version: - )
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Internet Access (HKLM\...\Nokia PC Internet Access) (Version: 2.0.2.2 - Nokia)
Nokia PC Internet Access (Version: 2.0.2.2 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (Version: 3.8.54.0 - Nokia) Hidden
Norton Internet Security (HKLM\...\NIS) (Version: 22.5.4.24 - Symantec Corporation)
Norton Utilities 16 (HKLM\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
OL School Atlas (HKLM\...\{630E9109-D2B8-4614-93BA-77FDF37FAA73}) (Version: 1.00.0000 - Orient Longman)
Opera Stable 32.0.1948.69 (HKLM\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
Oracle Data Provider for .NET Help (HKLM\...\{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}) (Version: 11.2.010 - Oracle Corporation)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3919 - CyberLink Corp.)
ProtectSmart Hard Drive Protection (HKLM\...\{AAD72731-807A-4B79-AE05-9190B7002B7B}) (Version: 3.10 A7 - Hewlett-Packard)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
Pure Networks Platform (Version: 11.2.09195.1 - Pure Networks) Hidden
Python 3.4.1 (HKLM\...\{df32bb9e-3ed8-36b5-a649-e8c845c5f3a2}) (Version: 3.4.1150 - Python Software Foundation)
QuickTime 7 (HKLM\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SalePlus (HKLM\...\{B696F285-F54E-2524-58B1-E06A70ABE6BE}) (Version: - ) <==== ATTENTION
Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Security Task Manager 1.8c (HKLM\...\Security Task Manager) (Version: 1.8c - Neuber Software)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Sentinel Protection Installer 7.0.0 (HKLM\...\{547D4265-AF45-42E9-A62A-C58182AA35B9}) (Version: 7.0.0 - SafeNet, Inc.)
Skype™ 7.13 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Status (Version: 82.0.173.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe (HKLM\...\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}) (Version: 1.6.5.17120 - Synaptics Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Toolbox (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (Version: - WildTangent) Hidden
Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.34 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebEx Support Manager for Internet Explorer (HKLM\...\{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}) (Version: 6.5.4917 - WebEx Communications Inc.)
WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden
WildTangent Games App for HP (HKLM\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent)
WinDirStat 1.1.2 (HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\WinDirStat) (Version: - )
Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) (HKLM\...\7DE39862CC26DCE2446838AAF7CD5C163F835A57) (Version: 09/04/2008 2.6.0.0 - ENE)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WordWeb (HKLM\...\WordWeb) (Version: 7 - WordWeb Software)
XAMPP (HKLM\...\xampp) (Version: 1.8.3-2 - BitNami)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\User\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{6CE4B8A6-4DB5-4F63-8013-1197503692EF}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\User\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> no filepath
==================== Restore Points =========================
27-10-2015 06:33:08 Windows Update
28-10-2015 03:00:53 Windows Update
29-10-2015 07:48:37 Windows Update
30-10-2015 01:41:38 Windows Update
30-10-2015 03:01:02 Windows Update
30-10-2015 03:17:13 Windows Update
30-10-2015 13:33:12 Windows Update
30-10-2015 21:58:43 Windows Update
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {004C4FDA-4E77-4569-98BA-3319E360E3A2} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {01FB1988-EE2F-47E7-A62D-95FB47A133DC} - System32\Tasks\{A48771FC-8214-4001-97F0-9D8EB30FF409} => pcalua.exe -a C:\Users\User\Downloads\Package\Package\setup.exe -d C:\Users\User\Downloads\Package\Package
Task: {0A06C75F-BF98-4CCF-BD4C-305A0FF15B30} - System32\Tasks\Core Temp Autostart User => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {14AB7F55-A002-454D-AB41-D70C6A2215A6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: {176CB84D-20CE-42D1-A876-CF81EA560AD7} - System32\Tasks\{AE002024-D544-4569-BBA5-84F34DD341A5} => pcalua.exe -a "C:\Users\User\Documents\Azureus Downloads\Parashara_s_Light_6.1\Parashara's Light 6.1\SETUP.EXE" -d "C:\Users\User\Documents\Azureus Downloads\Parashara_s_Light_6.1\Parashara's Light 6.1"
Task: {1B347BAA-5746-44AD-845C-2ED13D482D66} - System32\Tasks\{656BEA03-63D6-40B0-84D3-7DDF0447700A} => C:\Program Files\Skype\Phone\Skype.exe [2015-10-14] (Skype Technologies S.A.)
Task: {2616AF83-0D8E-4261-B537-0993D00CED11} - System32\Tasks\{FD5C0253-2C4D-42E3-A0AC-EC70755A10AC} => pcalua.exe -a C:\ProgramData\Installations\{EE60BB9B-E721-454C-9B61-34EE8B36B8A7}\INSTALLER.EXE
Task: {290B2CDA-E91A-436F-AC7E-B91FC315BE4D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {299D416C-9E38-4E5D-B814-7986908B89D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {2E7A36EE-79AD-4D56-A962-F206C6139298} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2FD6238A-8F93-4043-B995-57399A71056C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {351D51B7-0FCA-4E34-88C0-E0C6E8D30647} - \5aa3d933-32c7-4b03-9bcf-13d56020c4b9-2 -> No File <==== ATTENTION
Task: {3EB6C526-C1D5-413D-9E82-2AC118675739} - \Bidaily Synchronize Task -> No File <==== ATTENTION
Task: {449B3246-7601-48F4-8032-2A96B047B393} - System32\Tasks\NUSchedule => C:\Program Files\Symantec\Norton Utilities 16\nu.exe [2015-03-31] (Symantec)
Task: {4DAC4BF3-C831-4972-AFD4-08D983460C45} - System32\Tasks\{F62D94F8-4254-4873-9281-6D19B98B1AEA} => pcalua.exe -a C:\Users\User\Downloads\windirstat1_1_2_setup.exe -d C:\Users\User\Downloads
Task: {5203D9EE-8E0B-4363-9AA8-04AED42518F3} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {556AEF19-A9CF-431C-955B-B4CBE4356909} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5683914D-9A98-4BFC-B612-D1211376647C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5C11A32E-5037-48D6-8235-D5972DF94E0E} - System32\Tasks\{1635C5D7-F67F-4221-9551-BC85C3626EFC} => pcalua.exe -a "C:\Users\User\Desktop\KUNDLI_PACK\KUNDLI PACK\Kundli Parashara Lite 7.0\Setup.exe" -d "C:\Users\User\Desktop\KUNDLI_PACK\KUNDLI PACK\Kundli Parashara Lite 7.0"
Task: {6B55480D-FA3D-407A-B29B-02EEA46217BC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6CE32B5D-F782-438D-8D41-7D8800A6C64D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-26] (Adobe Systems Incorporated)
Task: {6DD0F3D3-17A7-48CA-9CBD-06F93EA755E9} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {77CB15C1-B973-456E-AAD4-4335DAFFF4C7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1009 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {784E5B70-70A5-47B5-8AC4-291B189E8A60} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7E7A9EA8-2A42-42CD-B9E0-C52416863446} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-05-26] ()
Task: {863B4D33-F00F-4FE1-8474-4266BF4FF794} - System32\Tasks\{4D7D025E-2B49-45AE-8660-5E1BBAB9B5BF} => pcalua.exe -a F:\INSTALLER.EXE -d F:\
Task: {95AA2056-04CC-48E3-8BCB-0E1019FC1020} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-27] (Facebook Inc.)
Task: {973DA91D-63EF-4B59-B178-7C5DB768ADF2} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3273286156-3480778537-3055062599-1009 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9CF3F4EF-F536-44CE-A181-1DD9FEF7D5F7} - System32\Tasks\{98FB32EF-A8DB-44A0-A54A-F8C79139276F} => pcalua.exe -a C:\Users\User\Desktop\sayan\vlc-1.0.1-win32.exe -d C:\Users\User\Desktop\sayan
Task: {A5E3B5AB-15A9-4119-9851-993A27A65A26} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\SymErr.exe [2015-09-09] (Symantec Corporation)
Task: {BE882345-73FA-4B83-AED6-5932CD99D546} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-27] (Facebook Inc.)
Task: {C23D46F1-9C6C-4ED0-BE47-33B014228E21} - System32\Tasks\Microsoft\Windows\RestartManager\{E3BCBBC5-0942-42e5-9A4F-4F2E5C3AD053} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {CA48EAC0-D403-467C-9FB1-674C5C8FD44B} - System32\Tasks\{C8BE5B44-943E-4721-BC4A-61C69C06D05E} => pcalua.exe -a C:\Users\User\Downloads\Compressed\win32_11gR2_database_1of2\database\setup.exe -d C:\Users\User\Downloads\Compressed\win32_11gR2_database_1of2\database
Task: {D473CF0A-D8D5-4784-8D78-7539277B45A6} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\SymErr.exe [2015-09-09] (Symantec Corporation)
Task: {D838B51B-4DE9-4826-A8ED-78EAC1621EA3} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3273286156-3480778537-3055062599-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {DB68DD01-8809-4DC6-B223-E5A6EFF99DC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {EB0AF980-BB0A-4D59-B36D-8ECB98974415} - System32\Tasks\Opera scheduled Autoupdate 1388224918 => C:\Program Files\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {FB86B8BE-EEEA-47D0-AE5E-7DBF84B91926} - System32\Tasks\NUAutoUpdate => C:\Program Files\Symantec\Norton Utilities 16\SULauncher.exe [2015-03-31] (Symantec)
Task: {FC4E3032-2BE9-42F4-8E36-E8796688B7E5} - System32\Tasks\{E5FFE41C-64E7-46D6-8815-11009A3E7680} => pcalua.exe -a C:\app\User\product\11.2.0\dbhome_1\oui\bin\setup.exe -d C:\app\User\product\11.2.0\dbhome_1\oui
Task: {FDC5EB3D-514E-4951-A4FB-FE683DA0D203} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\22.5.4.24\WSCStub.exe [2015-09-24] (Symantec Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3273286156-3480778537-3055062599-1003UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\NUAutoUpdate.job => C:\Program Files\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\Windows\Tasks\NUSchedule.job => C:\Program Files\Symantec\Norton Utilities 16\nu.exe
==================== Loaded Modules (Whitelisted) ==============
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-20 02:53 - 2009-01-12 16:50 - 00292216 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2009-12-20 02:53 - 2009-01-12 16:50 - 00259480 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2009-12-20 02:53 - 2009-01-12 16:50 - 00038184 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2008-07-03 12:09 - 2008-03-27 03:56 - 00341328 _____ () C:\Windows\SMINST\BLService.exe
2008-07-03 12:09 - 2006-09-14 02:24 - 00081920 _____ () C:\Windows\SMINST\STString.dll
2008-07-03 12:09 - 2007-11-15 04:16 - 00126976 _____ () C:\Windows\SMINST\STWmiM.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00152112 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00098304 _____ () C:\Program Files\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2015-05-11 12:19 - 2010-07-30 18:33 - 00049152 _____ () C:\Program Files\Camersoft\Fake Webcam\fakewebcam.ax
2014-04-11 21:09 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 21:09 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2012-06-28 13:24 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
2012-06-28 13:22 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files\Yahoo!\Messenger\pcre.dll
2010-02-24 22:19 - 2014-05-01 22:23 - 03178496 _____ () C:\Program Files\Jagannatha Hora\bin\jhora.exe
2010-02-24 22:19 - 2009-04-07 10:17 - 00479232 _____ () C:\Program Files\Jagannatha Hora\bin\swedll32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:792D4CF1
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\...\yieldmanager.com -> yieldmanager.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3273286156-3480778537-3055062599-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\img7.jpg
DNS Servers: 121.242.190.180 - 192.168.12.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: BcmSqlStartupSvc => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Health Check Service => 2
MSCONFIG\Services: MSSQL$MSSMLBIZ => 3
MSCONFIG\Services: odserv => 3
MSCONFIG\Services: ose => 3
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SQLBrowser => 2
MSCONFIG\Services: SQLWriter => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Avro Keyboard => C:\Program Files\Avro Keyboard\Avro Keyboard.exe
MSCONFIG\startupreg: BitTorrent =>
MSCONFIG\startupreg: Google Update => "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: googletalk =>
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: hpWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes' Anti-Malware =>
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: S301MD => C:\Program Files\MTNL 3G\Delhi\Resource\driver\MctlSuc.exe
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\realplayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: uTorrent => "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [TCP Query User{251CC31A-E63E-4BB1-8325-BEC4F9E9CD08}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{AA6A0660-19A9-4D58-8FB5-40DCD54555CE}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [{DA32DE78-C5EF-4067-85C7-B348BD5ABDEC}] => (Allow) C:\Users\User\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{7B338455-CA0B-4505-BFC6-CC10BCB65EE7}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{600F4FF6-46FA-47A4-807B-41BEFEBC043F}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{B6BB6038-59A8-4130-993B-FB4F5E748E85}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A4149651-986A-471F-ABC1-D12B42EA3207}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{3AAABFC9-239A-489F-893D-82BA4E325E6D}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [UDP Query User{3FC640ED-B52A-419F-82BD-0DB7461E49A4}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Block) C:\program files\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [{3E36E433-F7AD-4CE7-B229-EC6EAB2FD627}] => (Allow) C:\Program Files\Naver\LINE\Line.exe
FirewallRules: [{12BB1B49-C843-40ED-A324-FE6F8D6A9EB9}] => (Allow) C:\Program Files\Naver\LINE\Line.exe
FirewallRules: [TCP Query User{1D594D6A-D5FF-4019-BFEE-C6FFA6B5C534}C:\from my computer\empire earth\empire earth.exe] => (Block) C:\from my computer\empire earth\empire earth.exe
FirewallRules: [UDP Query User{2562B7F1-F6E9-4E80-A992-3F7E12039F3E}C:\from my computer\empire earth\empire earth.exe] => (Block) C:\from my computer\empire earth\empire earth.exe
FirewallRules: [{D5DCC945-A1A1-41F5-BB64-D27B6431C139}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{FE45EDD1-0F6A-4769-8867-9D97981109C7}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{315251F0-2BB4-440B-B3C5-C3ED7F3FB07F}] => (Allow) C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D84870DC-4763-4267-986E-E8950B733743}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9D58FE96-5AA6-44BE-BE71-D3ECFE330A4E}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{93D6B219-57FA-4087-95CE-206A520D2244}] => (Allow) C:\Users\User\AppData\Local\Vivaldi\Application\vivaldi.exe
FirewallRules: [{916CD997-5284-4D3E-B241-786DD194BC46}] => (Allow) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{C2823C6F-95FD-43B1-9FC5-05120398B36D}] => (Allow) C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{018D7C56-932D-4B06-A3C3-DC1347CB5D1F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{4FDABAAC-6969-4A3A-A5AC-7560C1384CEF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: isatap.{4AB83CFD-5FDE-4C28-9343-0812F075D9F2}
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft ISATAP Adapter #9
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: HP Integrated Bluetooth module
Description: HP Integrated Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: HP
Service: BTHUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/31/2015 01:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 400455
Error: (10/31/2015 01:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 400455
Error: (10/31/2015 01:38:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/31/2015 01:37:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 398255
Error: (10/31/2015 01:37:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 398255
Error: (10/31/2015 01:37:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/31/2015 01:37:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 396586
Error: (10/31/2015 01:37:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 396586
Error: (10/31/2015 01:37:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/31/2015 01:37:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 394683
System errors:
=============
Error: (10/31/2015 01:44:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: QuickPlay Task Scheduler (QTS)1
Error: (10/30/2015 10:48:19 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.
Error: (10/30/2015 10:48:19 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.16.253, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
Error: (10/30/2015 10:48:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Cyberlink RichVideo Service(CRVS)%%2
Error: (10/30/2015 10:48:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (10/30/2015 10:47:43 PM) (Source: Print) (EventID: 23) (User: NT AUTHORITY)
Description: Printer Acrobat PDFWriter failed to initialize because a suitable Acrobat PDFWriter driver could not be found. The new printer settings that you specified have not taken effect. Install or reinstall the printer driver. You might need to contact the vendor for an updated driver.
Error: (10/30/2015 10:47:08 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)
Description: 2147942402
Error: (10/30/2015 10:46:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 22:45:03 on 30-10-2015 was unexpected.
Error: (10/30/2015 10:18:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x8007064aUpdate for Microsoft Office Outlook 2007 Junk Email Filter (KB3085617){D9F08FDC-BB6D-4574-84BE-1AA6D6F95472}200
Error: (10/30/2015 08:37:03 PM) (Source: VDS Dynamic Provider) (EventID: 10) (User: )
Description: The provider failed while storing notifications from the driver. The Virtual Disk Service should be restarted. hr=80042505
CodeIntegrity:
===================================
Date: 2015-10-31 02:23:22.055
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-31 02:23:20.009
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-31 02:23:18.251
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-31 02:23:15.872
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-31 02:23:12.060
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-31 02:23:10.336
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-31 02:23:08.528
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-31 02:23:06.683
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-31 02:21:42.906
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
Date: 2015-10-31 02:21:41.730
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core™2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 72%
Total physical RAM: 3002.45 MB
Available physical RAM: 837.64 MB
Total Virtual: 6227.14 MB
Available Virtual: 3202.58 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:223.81 GB) (Free:21.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:9.07 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 4F102E62)
Partition 1: (Active) - (Size=223.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Sign In
Create Account
