Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My computer is infected


  • Please log in to reply

#1
Mahendra Babu

Mahendra Babu

    New Member

  • Member
  • Pip
  • 1 posts

Hello! My computer has been somehow infected, there are adds popping and its constantly running many strange processes

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2017 01
Ran by mahendrababu (administrator) on PMB-PC (19-02-2017 18:41:55)
Running from C:\Users\mahendrababu\Desktop
Loaded Profiles: mahendrababu (Available Profiles: mahendrababu)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ABBYY Production LLC) C:\Program Files\ABBYY FineReader 12\NetworkLicenseServer.exe
(ABBYY (BIT Software)) C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(New Softwares.net) C:\Windows\System32\WinFLService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7Debug\MDM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Windows\System32\TearWinService.exe
(Secure Download Ltd.) C:\Program Files\SoftPlanet Software Assistant\spassist.exe
(hxxp://yourfiledownloader.com) C:\Program Files\YourFileDownloader Updater\YourFileUpdater.exe
(AimerSoft) C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
( New Softwares.net) C:\Windows\System32\WinFLTray.exe
() C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\coordinator.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Avanquest Software) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ====================
ഊ⡉映慮⁥湴特⁩猠楮捬畤敤⁩渠瑨攠晩硬楳琬⁴桥⁲敧楳瑲礠楴敭⁷楬氠扥⁲敳瑯牥搠瑯⁤敦慵汴爠牥浯癥搮⁔桥⁦楬攠睩汬潴⁢攠浯癥搮⤍਍ੈ䭌䵜⸮⹜創渺⁛浯扩汥来湩⁤慥浯湝‽㸠䌺屐牯杲慭⁆楬敳屍潢潧敮楥屄慥浯湐牯捥獳⹥硥  䟤鲀렀쎄ᳩ몀ᰞéꦲᰀ䌺屗楮摯睳屳祳瑥洳㉜畳敲㌲⹤汬      뀀─臡붗耀6胡벤Ã萜耜 ã뾰
ੈ䭌䵜⸮⹜創渺⁛䑩癘䵥摩慓敲癥牝‽㸠䌺屐牯杲慭⁆楬敳屄楶塜䑩癘⁍敤楡⁓敲癥牜䑩癘䵥摩慓敲癥爮數攍ੈ䭌䵜⸮⹜創渺⁛䅐卄慥浯湝‽㸠䌺屐牯杲慭⁆楬敳屃潭浯渠䙩汥獜䅰灬敜䅰灬攠䅰灬楣慴楯渠卵灰潲瑜䅐卄慥浯渮數攠嬵㤷㈰′〱㌭〴ⴲ㉝
䅰灬攠䥮挮⤍ੈ䭌䵜⸮⹜創渺⁛䅩浥牳潦琠䡥汰敲⁃潭灡捴⹥硥崠㴾⁃㩜偲潧牡洠䙩汥獜䍯浭潮⁆楬敳屁業敲獯晴屁業敲獯晴⁈敬灥爠䍯浰慣瑜䅓䡥汰敲⹥硥⁛ㄷ㌴ㄴ㐠㈰ㄳⴰ㔭㌰崠⡁業敲卯晴⤍ੈ䭌䵜⸮⹜創渺⁛䉲潷獥牐汵杉湈敬灥牝‽㸠䌺屐牯杲慭⁆楬敳屁業敲獯晴屖楤敯⁃潮癥牴敲⁕汴業慴敜䉲潷獥牐汵杉湈敬灥爮數攍ੈ䭌䵜⸮⹜創渺⁛卵湊慶慕灤慴敓捨敤崠㴾•䌺屐牯杲慭⁆楬敳届慶慜橲攷屢楮屪畳捨敤⹥硥∍ੈ䭌䵜⸮⹜創渺⁛䅤潢攠剥慤敲⁓灥敤⁌慵湣桥牝‽㸠䌺屐牯杲慭⁆楬敳屁摯扥屒敡摥爠㤮ぜ剥慤敲屒敡摥牟獬⹥硥⁛㐱〵㘠㈰ㄳⴰ㔭〹崠⡁摯扥⁓祳瑥浳⁉湣潲灯牡瑥搩ഊ䡋䱍尮⸮屒畮㨠孙潵牆楬攠䑯睮汯慤敲䥮獴慬汥爠却慲瑥牝‽㸠≃㩜啳敲獜䵁䡅乄縱屁灰䑡瑡屌潣慬屔敭灜楮獴慬氱㔳㐴㜶㌮數攢‭獴慲瑵瀀慤敲⹥硥Ë밁ïꢸ쮤Ѐ裋밄؀îꞴ⇃뀀렡ꗧ骆飃ꣃ뀀   쎰îꚤ⇨鮯藠궸Ӄ뀀  쎰ê꾍봀îꞴ⇃뀀됡逡飧骊駡뾔鰡觧骅跧骅藡뾵飃ꣃ뀀냯뾿␀Ā  瀀뿯뾿뿯뾿鿧骅觧骅밡Ā Ā耡臧钷谡ꏧ骊触ꖑ뻯뾿跧骅뇧骅 藧骆
瑨攠摡瑡⁥湴特⁨慳‵㤠浯牥⁣桡牡捴敲猩⸠㰽㴽㴽⁁呔䕎呉低ഊ䡋䱍尮⸮屒畮㨠孈倠卯晴睡牥⁕灤慴敝‽㸠䌺屐牯杲慭⁆楬敳屈灜䡐⁓潦瑷慲攠啰摡瑥屈偗畓捨搲⹥硥⁛㤶〵㘠㈰ㄳⴰ㔭㌰崠⡈敷汥瑴ⵐ慣歡牤⤍ੈ䭌䵜⸮⹜創渺⁛䉯湵献卓刮䙒ㄲ崠㴾⁃㩜偲潧牡洠䙩汥獜䅂䉙夠䙩湥剥慤敲‱㉜䉯湵献卣牥敮獨潴剥慤敲⹥硥⁛ㄵㄷ〸㠠㈰ㄴⴱ〭〶崠⡁䉂奙⁐牯摵捴楯渠䱌䌮⤍ੈ䭌䵜⸮⹜創渺⁛䅶慳瑕䤮數敝‽㸠䌺屐牯杲慭⁆楬敳屁噁協⁓潦瑷慲敜䅶慳瑜䅶慳瑕䤮數攠嬹㄰㌹㜶′〱㘭〹ⴰ㥝
䅖䅓吠卯晴睡牥⤍ੈ䭌䵜⸮⹜創渺⁛䕭慩氠䵡牫整敲⁍潮楴潲崠㴾⁃㩜偲潧牡洠䙩汥獜䕭慩氠䵡牫整敲⁂畳楮敳猠䕤楴楯湜䵯湩瑯爮數攍ੈ䭌䵜⸮⹜坩湬潧潮㨠孕獥物湩瑝⁃㩜坩湤潷獜獹獴敭㌲屵獥物湩琮數攬⁛㈶㘲㐠㈰㄰ⴱㄭ㈱崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭌䵜⸮⹜坩湬潧潮㨠孓桥汬崠數灬潲敲⹥硥⁛㈶ㄶ㌲〠㈰㄰ⴱㄭ㈱崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴱ㥜⸮⹜創渺⁛卩摥扡牝‽㸠═牯杲慭䙩汥猥屗楮摯睳⁓楤敢慲屓楤敢慲⹥硥 慵瑯創渍ੈ䭕屓ⴱⴵⴱ㥜⸮⹜創湏湣攺⁛浣瑡摭楮崠㴾⁃㩜坩湤潷獜卹獴敭㌲屭捴慤浩渮數攠嬹㌶㤶′〰㤭〷ⴱ㑝
䵩捲潳潦琠䍯牰潲慴楯温ഊ䡋啜匭ㄭ㔭㈰尮⸮屒畮㨠孓楤敢慲崠㴾‥偲潧牡浆楬敳╜坩湤潷猠卩摥扡牜卩摥扡爮數攠⽡畴潒畮ഊ䡋啜匭ㄭ㔭㈰尮⸮屒畮佮捥㨠孭捴慤浩湝‽㸠䌺屗楮摯睳屓祳瑥洳㉜浣瑡摭楮⹥硥⁛㤳㘹㘠㈰〹ⴰ㜭ㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲㄭㄲ㌴㠳㐴㜷ⴲ㤴㘴㜹㔲㔭㌷〷㐲㠷〹ⴱ〰ぜ⸮⹜創渺⁛卩摥扡牝‽㸠䌺屐牯杲慭⁆楬敳屗楮摯睳⁓楤敢慲屳楤敢慲⹥硥 慵瑯創渍ੈ䭕屓ⴱⴵⴲㄭㄲ㌴㠳㐴㜷ⴲ㤴㘴㜹㔲㔭㌷〷㐲㠷〹ⴱ〰ぜ⸮⹜創渺⁛卯湹⁐䌠䍯浰慮楯湝‽㸠䌺屐牯杲慭⁆楬敳屓潮祜卯湹⁐䌠䍯浰慮楯湜偃䍯浰慮楯渮數攠嬴㔷〸㠠㈰ㄵⴰ㤭㈳崠⡓潮礩ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屒畮㨠孄物癥牆楮摥牝‽㸠䠺層物癥爠晩湤敲⁦畬汜䑲楶敲䙩湤敲⹥硥⁛㔵ㄱ㌶㠠㈰ㄱⴰ㔭〳崠⠩ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屒畮㨠孂牯睳敲⁉湦牡獴牵捴畲攠䡥汰敲崠㴾⁃㩜啳敲獜浡桥湤牡扡扵屁灰䑡瑡屌潣慬屓浡牴扡牜䅰灬楣慴楯湜卮慰䑯⹥硥⁳瑡牴異ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屒畮㨠孏晦楣敓祮捐牯捥獳崠㴾⁃㩜偲潧牡洠䙩汥獜䵩捲潳潦琠佦晩捥屏晦楣攱㑜䵓体奎䌮䕘䔠嬷ㄸ㈰㠠㈰㄰ⴰ㌭ㄶ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੈ䭕屓ⴱⴵⴲㄭㄲ㌴㠳㐴㜷ⴲ㤴㘴㜹㔲㔭㌷〷㐲㠷〹ⴱ〰ぜ⸮⹜創渺⁛坩湆䱔牡祝‽㸠䌺屗楮摯睳屳祳瑥洳㉜坩湆䱔牡礮數ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屒畮㨠孆䱂慣歵灝‽㸠䌺屐牯杲慭⁆楬敳屎敷卯晴睡牥❳屆潬摥爠䱯捫屆䱃潭卥牶䍴牬⹥砍ੈ䭕屓ⴱⴵⴲㄭㄲ㌴㠳㐴㜷ⴲ㤴㘴㜹㔲㔭㌷〷㐲㠷〹ⴱ〰ぜ⸮⹜創渺⁛䝯潧汥⁕灤慴敝‽㸠䌺展獥牳屭慨敮摲慢慢畜䅰灄慴慜䱯捡汜䝯潧汥展灤慴敜ㄮ㌮㌲⸷屇潯杬敕灤慴敃潲攮數攠嬶〱㜵㈠㈰ㄶⴱ㈭ㄷ崠⡇潯杬攠䥮挮⤍ੈ䭕屓ⴱⴵⴲㄭㄲ㌴㠳㐴㜷ⴲ㤴㘴㜹㔲㔭㌷〷㐲㠷〹ⴱ〰ぜ⸮⹜創渺⁛啰睯牫崠㴾⁃㩜偲潧牡洠䙩汥獜啰睯牫屵灷潲欮數攠嬲㈶㜹ㄲ′〱㘭〸ⴱ㥝
⤍ੈ䭕屓ⴱⴵⴲㄭㄲ㌴㠳㐴㜷ⴲ㤴㘴㜹㔲㔭㌷〷㐲㠷〹ⴱ〰ぜ⸮⹜創渺⁛䥓啓偍崠㴾⁃㩜偲潧牡浄慴慜䙌䕘湥瑜䍯湮散瑜ㄱ屉单卐䴮數攠⵳捨敤畬敲ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屒畮㨠孔祰楮杓慴敬汩瑥崠㴾•䌺屐牯杲慭⁆楬敳屔祰楮杍慳瑥爱ぜ䭂住協⹅塅∍ੈ䭕屓ⴱⴵⴲㄭㄲ㌴㠳㐴㜷ⴲ㤴㘴㜹㔲㔭㌷〷㐲㠷〹ⴱ〰ぜ⸮⹜創渺⁛噩摥潄潷湬潡摥牕汴業慴敝‽㸠䌺屐牯杲慭䑡瑡屖楤敯䑯睮汯慤敲啬瑩浡瑥坩湁灰屖楤敯䑯睮汯慤敲啬瑩浡瑥⹥硥 牥灡楲ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屒畮㨠孓歹灥崠㴾⁃㩜偲潧牡洠䙩汥獜卫祰敜偨潮敜卫祰攮數攠嬲㜴㈷㠰㠠㈰ㄷⴰㄭ㈳崠⡓歹灥⁔散桮潬潧楥猠匮䄮⤍ੈ䭕屓ⴱⴵⴲㄭㄲ㌴㠳㐴㜷ⴲ㤴㘴㜹㔲㔭㌷〷㐲㠷〹ⴱ〰ぜ⸮⹜創渺⁛杯潧汥瑡汫崠㴾⁃㩜啳敲獜浡桥湤牡扡扵屁灰䑡瑡屒潡浩湧屇潯杬敜䝯潧汥⁔慬歜杯潧汥瑡汫⹥硥⁛㌷㌹㘴㠠㈰〷ⴰㄭ〲崠⡇潯杬攩ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屒畮㨠孚潯浉湦漠䍯湴慣琠䍯湴物扵瑯牝‽㸠䌺展獥牳屭慨敮摲慢慢畜䅰灄慴慜䱯捡汜婯潭䥮景䍅啴楬楴祜污畮捨⹢慴⁛㄰㠠㈰ㄶⴱ〭㈷崠⠩ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屍潵湴偯楮瑳㈺⁻㔴ちㅥ㤵ⵥ㡤愭ㄱ攲ⴹ㔹挭捡㜹ㅣ㝥㠴愵素ⴠ䤺屓瑡牴浥⹥硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屍潵湴偯楮瑳㈺⁻㡥㑢㤲敡ⴵ㉡㜭ㄱ攵ⵡ㈷㠭㡡昰㠷㔷ㅦ㥢素ⴠ䤺屓瑡牴浥⹥硥ഊ䡋啜匭ㄭ㔭㈱ⴱ㈳㐸㌴㐷㜭㈹㐶㐷㤵㈵ⴳ㜰㜴㈸㜰㤭㄰〰尮⸮屍潵湴偯楮瑳㈺⁻愲慤㤹愱ⵡ㑥㤭ㄱ收ⴸ㈰㜭㠰挱㙥㍦㐱㈵素ⴠ䤺屌敮潶潟卵楴攮數攍ੈ䭕屓ⴱⴵⴲㄭㄲ㌴㠳㐴㜷ⴲ㤴㘴㜹㔲㔭㌷〷㐲㠷〹ⴱ〰ぜ⸮⹜䵯畮瑐潩湴猲㨠筢㕤ㄸㄷ攭晤捦ⴱㅥ㈭㤵戴ⴸっㄶ攳昴ㄲ㕽‭⁉㩜却慲瑭攮數攍ੈ䭌䵜⸮⹜偲潶楤敲獜䱡湍慮⁐物湴⁓敲癩捥猺⁃㩜坩湤潷獜獹獴敭㌲屷楮㌲獰氮摬氠嬴㤲〳㈠㈰㄰ⴱㄭ㈱崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍ੌ獡㨠孁畴桥湴楣慴楯渠偡捫慧敳崠浳瘱弰ഊ䱳愺⁛乯瑩晩捡瑩潮⁐慣歡来獝⁳捥捬植੓散畲楴祐牯癩摥牳㨠捲敤獳瀮摬氍੓协䑌㨠坥扃桥捫‭⁻䔶䙂㕅㈰ⵄ䔳㔭ㄱ䍆ⴹ䌸㜭〰䅁〰㔱㈷䕄素ⴠ⁎漠䙩汥ഊ卨敬汅硥捵瑥䡯潫猺⁇牯潶攠䝆匠却畢⁅硥捵瑩潮⁈潯欠ⴠ筂㕁㝆ㄹ〭䑄䄶ⴴ㐲〭䈳䉁ⴵ㈴㔳㐹㑅㙃䑽‭⁃㩜偲潧牡洠䙩汥獜䵩捲潳潦琠佦晩捥屏晦楣攱㑜䝒住噅䕘⹄䱌⁛㐲㈲㠶㐠㈰㄰ⴰ㌭㈵崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳㨠嬠⁇潯杬敄物癥䉬慣歬楳瑥摝‭㸠笸ㄵ㌹䙅㘭㌳䌷ⴴ䍅㜭㤰䌷ⴱ䌷䈸䘲䘲䐴㉽‽㸠䌺屐牯杲慭⁆楬敳屇潯杬敜䑲楶敜杯潧汥摲楶敳祮挳㈮摬氠嬲〱㘭ㄱⴳそ
䝯潧汥⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳㨠嬠⁇潯杬敄物癥卹湣敤崠ⴾ⁻㠱㔳㥆䔶ⴳ㍃㜭㑃䔷ⴹぃ㜭ㅃ㝂㡆㉆㉄㐰素㴾⁃㩜偲潧牡洠䙩汥獜䝯潧汥屄物癥屧潯杬敤物癥獹湣㌲⹤汬⁛㈰ㄶⴱㄭ㌰崠⡇潯杬攩ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛†䝯潧汥䑲楶敓祮捩湧崠ⴾ⁻㠱㔳㥆䔶ⴳ㍃㜭㑃䔷ⴹぃ㜭ㅃ㝂㡆㉆㉄㐱素㴾⁃㩜偲潧牡洠䙩汥獜䝯潧汥屄物癥屧潯杬敤物癥獹湣㌲⹤汬⁛㈰ㄶⴱㄭ㌰崠⡇潯杬攩ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛〰慶慳瑝‭㸠笴㜲〸㍂〭䌵㈲ⴱㅃ䘭㠷㘳ⴰ〶〸䍃〲䘲㑽‽㸠䌺屐牯杲慭⁆楬敳屁噁協⁓潦瑷慲敜䅶慳瑜慳桓桥汬⹤汬⁛㈰ㄶⴰ㤭〹崠⡁噁協⁓潦瑷慲攩ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛䕮桡湣敤却潲慧敓桥汬崠ⴾ⁻䐹ㄴ㑄䍄ⵅ㤹㠭㑅䍁ⵁ䈶䄭䑃䐸㍃䍂䄱㙄素㴾⁃㩜坩湤潷獜獹獴敭㌲居桓瑯牓桥汬⹤汬⁛㈰〹ⴰ㜭ㄴ崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳㨠孇牯潶攠䕸灬潲敲⁉捯渠佶敲污礠ㄠ⡇䙓⁕湲敡搠却畢⥝‭㸠笹㥆䐹㜸䌭䐲㠷ⴴ䘵〭㠲㝆ⵂ㉃㘵㡅䑁㡅㝽‽㸠䌺屐牯杲慭⁆楬敳屍楣牯獯晴⁏晦楣敜佦晩捥ㄴ屇剏佖䕅堮䑌䰠嬲〱〭〳ⴲ㕝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛䝲潯癥⁅硰汯牥爠䥣潮⁏癥牬慹′
䝆匠却畢⥝‭㸠筁䈵䌵㘰〭㝅㙅ⴴ䈰㘭㤱㤷ⴹ䕃䕆㜴䐳ㅃ䍽‽㸠䌺屐牯杲慭⁆楬敳屍楣牯獯晴⁏晦楣敜佦晩捥ㄴ屇剏佖䕅堮䑌䰠嬲〱〭〳ⴲ㕝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛䝲潯癥⁅硰汯牥爠䥣潮⁏癥牬慹′⸵
䝆匠啮牥慤⁆潬摥爩崠ⴾ⁻㤲ぅ㙄䈱ⴹ㤰㜭㐳㜰ⵂ㍁〭䉁䙃〳䐸ㄳ㤹素㴾⁃㩜偲潧牡洠䙩汥獜䵩捲潳潦琠佦晩捥屏晦楣攱㑜䝒住噅䕘⹄䱌⁛㈰㄰ⴰ㌭㈵崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳㨠孇牯潶攠䕸灬潲敲⁉捯渠佶敲污礠㌠⡇䙓⁆潬摥爩崠ⴾ⁻ㄶ䘳䑄㔶ⴱ䅆㔭㐳㐷ⴸ㐶䐭㝃㄰䌴ㄹ㈶ㄹ素㴾⁃㩜偲潧牡洠䙩汥獜䵩捲潳潦琠佦晩捥屏晦楣攱㑜䝒住噅䕘⹄䱌⁛㈰㄰ⴰ㌭㈵崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍੓桥汬䥣潮佶敲污祉摥湴楦楥牳㨠孇牯潶攠䕸灬潲敲⁉捯渠佶敲污礠㐠⡇䙓⁕湲敡搠䵡牫⥝‭㸠笲㤱㙃㠶䔭㠶䄶ⴴ㍆䔭㠱ㄲⴴ㍁䉅㙂䘸䑃䍽‽㸠䌺屐牯杲慭⁆楬敳屍楣牯獯晴⁏晦楣敜佦晩捥ㄴ屇剏佖䕅堮䑌䰠嬲〱〭〳ⴲ㕝
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛佦晬楮攠䙩汥獝‭㸠笴䔷㜱㌱䐭㌶㈹ⴴ㌱挭㤸ㄸⵃ㔶㜹䑃㠳䔸ㅽ‽㸠䌺屗楮摯睳屓祳瑥洳㉜捳捵椮摬氠嬲〱〭ㄱⴲㅝ
䵩捲潳潦琠䍯牰潲慴楯温ഊ卨敬汉捯湏癥牬慹䥤敮瑩晩敲猺⁛卨慲楮材物癡瑥崠ⴾ⁻〸㈴㑅䔶ⴹ㉆〭㐷昲ⴹ䙃㤭㤲㥂䅁㉅㜲㌵素㴾⁃㩜坩湤潷獜獹獴敭㌲屮瑳桲畩⹤汬⁛㈰㄰ⴱㄭ㈱崠⡍楣牯獯晴⁃潲灯牡瑩潮⤍GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{198B61FE-B2EC-4358-915B-CFBA7D3F119B}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4C2D315C-BE44-4DF5-94BE-C26F09EB4821}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{60BEEF28-65EE-433D-98B2-D2A0FAC2C7BC}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{83F33A28-6DF5-43D5-83CB-AE64CD2D15EE}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{CCBB0A43-C1B1-430B-AE99-BB14AD25F312}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FFAF38B1-1DED-4D58-BCF6-5028BE539CEE}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://non-block.net/wpad.dat?5aac37d518488a85d2422e053360142416802477
 
Internet Explorer:
==================
HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://in.search.yahoo.com/?type=937811&fr=spigot-yhp-ie
HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.golsearch.com/?babsrc=HP_ss_Btisdt6&mntrId=604CF65F00ABCDEF&affID=121565&tsp=4995
HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://search.orbitdownloader.com
hxxp://rts.dsrlte.com
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=IN&userid=b17175bf-e4d1-b514-05c8-3a7f1e9a81ca&searchtype=ds&q={searchTerms}&installDate=23/10/2013
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=IN&userid=b17175bf-e4d1-b514-05c8-3a7f1e9a81ca&searchtype=ds&q={searchTerms}&installDate=23/10/2013
SearchScopes: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> DefaultScope {59B3771A-02C8-4AF8-ACF1-BB3936BBB4D4} URL = hxxps://in.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.max-start.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=604CF65F00ABCDEF&affID=121565&tsp=4995
SearchScopes: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> {19083426-917E-4830-A7DD-443321B9D00B} URL = hxxp://rts.dsrlte.com/?q={searchTerms}&r=913
SearchScopes: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> {59B3771A-02C8-4AF8-ACF1-BB3936BBB4D4} URL = hxxps://in.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> {A65FA921-934B-42F9-86DC-E7CFDAEF60DB} URL = hxxp://searchou.com/?q={searchTerms}&id=604cf65f000000000000000000000000&affilt=5&r=536
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: No Name -> {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} -> No File
BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll => No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-02-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-09] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: No Name -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-02-21] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=3f19760b-f6f2-46e6-b92c-2f954d55c4fb
 
FireFox:
========
FF DefaultProfile: o8ovp4ti.default
FF ProfilePath: C:\Users\mahendrababu\AppData\Roaming\ParseHub\parsehub\Profiles\o8ovp4ti.default [2017-02-16]
FF Extension: (ParseHub) - C:\Users\mahendrababu\AppData\Roaming\ParseHub\parsehub\Profiles\o8ovp4ti.default\Extensions\[email protected] [2017-02-15] [not signed]
FF ProfilePath: C:\Users\mahendrababu\AppData\Roaming\OutWit\email-sourcer\Profiles\wygubr5j.dev-edition-default [2016-12-17]
FF Extension: (OutWit Kernel) - C:\Users\mahendrababu\AppData\Roaming\OutWit\email-sourcer\Profiles\wygubr5j.dev-edition-default\Extensions\[email protected] [2016-10-27] [not signed]
FF ProfilePath: C:\Users\mahendrababu\AppData\Roaming\Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184 [2017-02-19]
FF user.js: detected! => C:\Users\mahendrababu\AppData\Roaming\Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184\user.js [2015-12-13]
FF NewTab: Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184 -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHFcUdwldV19GDFMad1oVVQ0VRRgacQEATFxGR1cWeQgBVwxHGRNBNARaB0tXUUEeJl9NER8fHHlWI1JBI0sYRl1X
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184 -> Default
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184 -> Default
FF Homepage: Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184 -> hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghBdw4IBA8XFhhFeQ5bTA1FRVEOeQgAWRQUFlNBdQAJWA9EFw0FIk0FA18DB0VXfV9eFElXTwhvNVpTGHsDSFJLNA==
FF Keyword.URL: Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184 -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfVsPVgkUF1MUbV8BVlpcFQFHJBQBUAFJDFAUJlsNWAhIFwAVeB9aFQQTR0cFME0FB18EURNNfXVNAlIIY0dKJ1FM&q={searchTerms}
FF NetworkProxy: Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184 -> autoconfig_url", "http://localhost:9000/proxy.pac"
FF NetworkProxy: Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184 -> type", 2
FF Extension: (FlashGot) - C:\Users\mahendrababu\AppData\Roaming\Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-05-29]
FF SearchPlugin: C:\Users\mahendrababu\AppData\Roaming\Mozilla\Firefox\Profiles\xy9gte4i.default-1432285132184\searchplugins\yahoo_ff.xml [2015-05-23]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll [2013-09-04] ()
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll [2014-02-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-02-21] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1234834477-2946479525-3707428709-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\mahendrababu\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1234834477-2946479525-3707428709-1000: @talk.google.com/O1DPlugin -> C:\Users\mahendrababu\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1234834477-2946479525-3707428709-1000: @tools.google.com/Google Update;version=3 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1234834477-2946479525-3707428709-1000: @tools.google.com/Google Update;version=9 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\mahendrababu\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\mahendrababu\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "","hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://zooms.searchalgo.com/search/?category=web&s=zds&q={searchTerms}
CHR DefaultSearchKeyword: Default -> anymail
CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms}
CHR Profile: C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default [2017-02-19]
CHR Extension: (Flash Video Downloader) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-12-03]
CHR Extension: (PriceBlink Coupons and Price Comparison) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh [2017-02-11]
CHR Extension: (Google Drive) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-13]
CHR Extension: (Ultimate YouTube Downloader) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfkpkealncpcbfklpgnggcgjjdkbljop [2017-01-09] [UpdateUrl: hxxps://dl.dropbox.com/s/xymwrufbnl7titl/update.txt] <==== ATTENTION
CHR Extension: (Shoptimate : automatic price comparison) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bibdombdcdbbnfdjkaajfgnfhlapibde [2016-11-29]
CHR Extension: (Google Plus, Facebook, Twitter, LinkedIn +++) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bifngabohncagmjipmekaekgfpkknihf [2016-07-06]
CHR Extension: (Anymail finder) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\binngoomidldeahceppnjjknalcgplfn [2017-01-22]
CHR Extension: (Quick Search for LinkedIn™) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbfdmjbhblgflmnjjfhhmnndgneeiomn [2016-03-29]
CHR Extension: (Business Hangouts) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbjchepdbjeemagnjpoihpkjghelnge [2016-05-28]
CHR Extension: (Social Blade) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2017-02-11]
CHR Extension: (Wechat) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckhliaadcjmdjbhdlkpjkffidcifglba [2016-07-19]
CHR Extension: (ASINs filter) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coehkhlapohnenhbgelecjeacaabdkcj [2016-10-09]
CHR Extension: (Search by Image (by Google)) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-20]
CHR Extension: (Connectifier Social Links) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dalkcdejepnndhaijgjbfhnoocpfickn [2016-09-07]
CHR Extension: (PriceJump) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dblfcnaanidhgjbmcfgebdcifkaffcpb [2016-12-01]
CHR Extension: (Vibe™ OH WOW. OH WOW. OH WOW.) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnookjgoaaelhciadikaadnkgmiamei [2016-12-16]
CHR Extension: (MozBar) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2017-02-03]
CHR Extension: (Avast SafePrice) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15]
CHR Extension: (Delta Toolbar) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2016-02-15] [UpdateUrl: hxxp://upd.info-stream.net/chromecrx/update.php] <==== ATTENTION
CHR Extension: (PanicButton) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2017-02-15]
CHR Extension: (Capture!) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbphneaigmgjgpchbhjbdijabdpddene [2017-02-19]
CHR Extension: (AeroLeads Prospect Finder) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcpepipgmkkjnljechjjimkaondedmbe [2017-01-16]
CHR Extension: (Zoho CRM - Contact Info Extractor) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffedmmjmpbhlgfilhoojggkdlkchhjhn [2017-01-31]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2017-02-19]
CHR Extension: (Google Docs Offline) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-10]
CHR Extension: (Prospect Hive, Prospecting on Social Networks) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjablkoadcjgddjcmogmakjmddgopjcp [2017-02-11]
CHR Extension: (Yesware Email Tracking) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp [2017-02-19]
CHR Extension: (Avast Online Security) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-16]
CHR Extension: (ASINs filter v2) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpganmlgfkdoidmonpaahkempoengjch [2016-10-09]
CHR Extension: (My  Search) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpmlkknmhomikheehibdnedjampadffh [2016-08-04]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2016-10-14]
CHR Extension: (Hunter) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmhmanijnjhaffoampdlllchpolkdnj [2017-02-17]
CHR Extension: (Rapportive) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2017-02-16]
CHR Extension: (Evercontact) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfhddckfmifofnpklmmiboiljmengde [2017-02-11]
CHR Extension: (ReachOut) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihhjdfmboahhdnlglnanldcminijgaoc [2017-02-14]
CHR Extension: (Profile Visitors for Facebook) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk [2017-02-14]
CHR Extension: (Email Extractor) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdianbbpnakhcmfkcckaboohfgnngfcc [2017-02-17]
CHR Extension: (Find anyone's email - Contact Out) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjdemeiffadmmjhkbbpglgnlgeafomjo [2017-02-19]
CHR Extension: (Web Scraper) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnhgnonknehpejjnehehllkliplmbmhn [2016-06-11]
CHR Extension: (Grammarly for Chrome) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2017-02-03]
CHR Extension: (Google Voice (by Google)) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2016-09-05]
CHR Extension: (Search on Linkedin) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldijfbphampndgemooecbdgfdnmhhjl [2016-03-29]
CHR Extension: (LinkedIn Search Tool) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmldmdahdeihfldeeigacpjjiagfdpgn [2016-03-29]
CHR Extension: (Google Hangouts) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2017-02-11]
CHR Extension: (Skype) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-20]
CHR Extension: (FTL) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpekgkhmldknbcgjicjkomphkhhdkjj [2017-02-11]
CHR Extension: (Name2Email by Reply) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnbdclgaeiapdnhfpbfalfjfcjddfaii [2017-01-07]
CHR Extension: (Google Hangouts) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-01-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Data Scraper) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndknepjnldbdbepjfgmncbggmopgden [2017-02-06]
CHR Extension: (Dynamic Maps for Google+™) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipgklkggfaokcoipmecomffdpebimle [2016-04-13]
CHR Extension: (Telephone Number Detection) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolkfddhhccdciigjigaghblnlkbgjki [2017-01-31]
CHR Extension: (FastestTube) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\phahnhbgfdhgobenebnjbgmacgpbfaag [2017-01-06] [UpdateUrl: hxxp://kwizzu.com/fastesttube/chrome/update.xml] <==== ATTENTION
CHR Extension: (Bazz Search) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinhfkamckbogjgmbmdkdebbbpnmlaef [2016-09-21]
CHR Extension: (Chrome Media Router) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR Extension: (Clearbit Connect - Supercharge Gmail™) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmnhcgfcafcnkbengdcanjablaabjplo [2017-02-17]
CHR Extension: (Scraper) - C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\Default\Extensions\poegfpiagjgnenagjphgdklmgcpjaofi [2016-07-06]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\mahendrababu\AppData\Roaming\BabSolution\CR\Delta.crx [2013-09-05]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC)
R2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY (BIT Software))
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
S2 DeskTop_F; C:\ProgramData\desktopfind\desktop173.exe [236728 2016-03-16] (DeskTopService)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3004416 2007-11-07] (Microsoft Corporation)
R3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 TearService; C:\Windows\system32\TearWinService.exe [19968 2015-12-15] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 Update outobox; "C:\Program Files\outobox\updateoutobox.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-09-21] (Intel Corporation)
R2 NEWDRIVER; C:\Windows\system32\WinVDEdrv6.sys [188176 2015-02-21] ()
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [104744 2009-03-25] (MCCI Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project)
R1 WinFLAdrv; C:\Windows\System32\WinFLAdrv.sys [31352 2016-12-27] ()
R1 {1a147621-8c9a-4d6b-a557-6513a40d3207}w; C:\Windows\System32\drivers\{1a147621-8c9a-4d6b-a557-6513a40d3207}w.sys [52920 2014-04-25] (StdLib)
R1 {87135683-4343-4a1a-a4aa-8b424769f1b8}w; C:\Windows\System32\drivers\{87135683-4343-4a1a-a4aa-8b424769f1b8}w.sys [43144 2014-12-02] (StdLib)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-02-19 18:41 - 2017-02-19 18:42 - 00041304 _____ C:\Users\mahendrababu\Desktop\FRST.txt
2017-02-19 18:41 - 2017-02-19 18:41 - 01764352 _____ (Farbar) C:\Users\mahendrababu\Desktop\FRST.exe
2017-02-19 18:34 - 2017-02-19 18:41 - 00000000 ____D C:\FRST
2017-02-19 18:29 - 2017-02-19 18:30 - 00000000 ____D C:\Users\mahendrababu\Desktop\Income tax counterfoil AY 2017-18
2017-02-19 07:53 - 2017-02-19 07:53 - 00000988 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-02-19 00:19 - 2017-02-19 00:19 - 00000056 _____ C:\Users\mahendrababu\AppData\Roaming\pidloc.txt
2017-02-19 00:19 - 2017-02-19 00:19 - 00000004 _____ C:\Users\mahendrababu\AppData\Roaming\pid.txt
2017-02-19 00:19 - 2016-11-03 18:34 - 00611328 _____ C:\Users\mahendrababu\AppData\Roaming\Windows Update.exe
2017-02-18 20:50 - 2017-02-18 20:50 - 00000000 _____ C:\Users\mahendrababu\Desktop\New Text Document (4).txt
2017-02-18 19:02 - 2017-02-18 19:10 - 00000000 ____D C:\Users\mahendrababu\Desktop\BD
2017-02-18 12:37 - 2017-02-18 19:02 - 00200756 _____ C:\Users\mahendrababu\Desktop\Joy Bangaladesh.xlsx
2017-02-18 00:38 - 2017-02-18 14:15 - 00060928 _____ C:\Users\mahendrababu\Desktop\Chemical Manufacturers in spam- Milestone 2.xls
2017-02-16 19:09 - 2017-02-18 19:10 - 00000372 _____ C:\Users\mahendrababu\Desktop\New Text Document (3).txt
2017-02-15 19:21 - 2017-02-15 19:21 - 00001039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParseHub.lnk
2017-02-15 19:21 - 2017-02-15 19:21 - 00001027 _____ C:\Users\Public\Desktop\ParseHub.lnk
2017-02-15 19:21 - 2017-02-15 19:21 - 00000000 ____D C:\Users\mahendrababu\AppData\Roaming\ParseHub
2017-02-15 19:21 - 2017-02-15 19:21 - 00000000 ____D C:\Users\mahendrababu\AppData\Roaming\.parsehub
2017-02-15 19:21 - 2017-02-15 19:21 - 00000000 ____D C:\Users\mahendrababu\AppData\Local\ParseHub
2017-02-15 19:20 - 2017-02-15 19:20 - 00000000 ____D C:\Program Files\ParseHub
2017-02-15 12:20 - 2017-02-18 02:48 - 00128512 _____ C:\Users\mahendrababu\Desktop\Copy of sample scrap.xls
2017-02-15 02:45 - 2017-02-15 03:08 - 00020208 _____ C:\Users\mahendrababu\Downloads\Rider Socials.xlsx
2017-02-14 19:24 - 2017-02-16 14:33 - 00061440 _____ C:\Users\mahendrababu\Desktop\Chemical Manufacturers in spam.xls
2017-02-14 16:35 - 2017-02-14 16:49 - 00170496 _____ C:\Users\mahendrababu\Desktop\Bangladesh.xls
2017-02-14 12:07 - 2017-02-14 12:07 - 00105731 _____ C:\Users\mahendrababu\Desktop\Directory of Petrochemicals Units 2014-15_0.pdf
2017-02-13 11:35 - 2017-02-13 23:50 - 00101888 _____ C:\Users\mahendrababu\Desktop\list of members of SMPIC.xls
2017-02-13 11:34 - 2017-02-13 11:34 - 00111149 _____ C:\Users\mahendrababu\Desktop\Directory of Chemicals Units 2014-15.pdf
2017-02-13 01:37 - 2017-02-14 00:04 - 00097792 _____ C:\Users\mahendrababu\Desktop\1519247204_apteka_ participants_profile1.xls
2017-02-12 19:13 - 2017-02-15 12:37 - 00067072 _____ C:\Users\mahendrababu\Desktop\sample scrap.xls
2017-02-12 11:52 - 2017-02-16 12:47 - 00002323 _____ C:\Users\mahendrababu\Desktop\New Text Document (2).txt
2017-02-11 13:40 - 2017-02-11 13:40 - 00078568 _____ C:\Users\mahendrababu\Desktop\lic JA.pdf
2017-02-11 13:37 - 2017-02-11 13:37 - 00091601 _____ C:\Users\mahendrababu\Desktop\lic- JS1.pdf
2017-02-11 13:19 - 2017-02-11 13:19 - 00091602 _____ C:\Users\mahendrababu\Desktop\lic- JS.pdf
2017-02-10 23:22 - 2017-02-10 23:48 - 00049750 _____ C:\Users\mahendrababu\Desktop\BSE 6 Redo.xlsx
2017-02-08 22:40 - 2017-02-08 22:41 - 00041201 _____ C:\Users\mahendrababu\Desktop\BSE 3 Batch 5.xlsx
2017-02-08 01:52 - 2017-02-08 02:57 - 00195820 _____ C:\Users\mahendrababu\Desktop\Michigan Contact Collection_sanitized.xlsx
2017-02-08 00:14 - 2017-02-08 02:56 - 00173568 _____ C:\Users\mahendrababu\Desktop\New Microsoft Excel 97-2003 Worksheet.xls
2017-02-06 19:11 - 2017-02-06 19:11 - 00015347 _____ C:\Users\mahendrababu\Desktop\cps acc slip.pdf
2017-02-06 18:55 - 2017-02-06 18:55 - 00010844 _____ C:\Users\mahendrababu\Documents\Book1 (Autosaved).xlsx
2017-02-04 22:37 - 2017-02-05 00:27 - 00040970 _____ C:\Users\mahendrababu\Desktop\BSE 3 Batch 4.xlsx
2017-02-04 22:12 - 2017-02-18 19:02 - 00693248 _____ C:\Users\mahendrababu\Desktop\BSE 3.xls
2017-02-03 12:58 - 2017-02-03 12:58 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-02-03 01:31 - 2017-02-16 23:19 - 00037888 _____ C:\Users\mahendrababu\Desktop\Conference Board 2017 - Matt working - 1.30 2.xls
2017-02-02 01:02 - 2017-02-02 01:02 - 00000165 ____H C:\Users\mahendrababu\Desktop\~$BSE 3 Batch 3.xlsx
2017-02-01 23:00 - 2017-02-02 01:00 - 00038337 _____ C:\Users\mahendrababu\Desktop\BSE 3 Batch 3.xlsx
2017-01-31 15:04 - 2017-02-19 18:41 - 00000000 ____D C:\Users\mahendrababu\Desktop\chem email
2017-01-30 23:44 - 2017-01-30 23:44 - 00000031 _____ C:\Users\mahendrababu\Desktop\New Text Document.txt
2017-01-30 11:17 - 2017-02-08 03:00 - 00000000 ____D C:\Users\mahendrababu\Desktop\jan 2017
2017-01-30 10:06 - 2017-01-30 10:06 - 00000165 ____H C:\Users\mahendrababu\Desktop\~$BSE 3 Batch 2.xlsx
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-02-19 18:41 - 2010-11-21 02:31 - 00192840 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-19 18:41 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\inf
2017-02-19 18:14 - 2009-07-14 10:04 - 00020848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-19 18:14 - 2009-07-14 10:04 - 00020848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-19 08:20 - 2013-07-09 19:23 - 00000000 ____D C:\Users\mahendrababu\AppData\Roaming\Skype
2017-02-19 07:58 - 2009-07-14 10:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-19 07:53 - 2013-07-10 03:33 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-02-19 07:45 - 2016-12-28 01:09 - 00000000 ____D C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-19 07:45 - 2016-12-28 01:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-19 07:45 - 2013-07-10 03:28 - 00000000 ____D C:\Program Files\WinRAR
2017-02-19 00:44 - 2015-02-20 23:55 - 00000000 ____D C:\Program Files\TeamViewer
2017-02-18 19:10 - 2017-01-18 17:21 - 00000468 _____ C:\Users\mahendrababu\Desktop\FIRST NAME AND LAST NAME.txt
2017-02-18 18:43 - 2016-10-27 12:08 - 00000000 ____D C:\Users\mahendrababu\Documents\Outlook Files
2017-02-17 11:06 - 2016-12-16 13:10 - 00000000 ____D C:\Users\mahendrababu\Desktop\dsk december 2016
2017-02-14 16:14 - 2015-03-16 11:44 - 00000000 ____D C:\Users\mahendrababu\AppData\Roaming\BrowserExtensions
2017-02-07 22:48 - 2013-07-09 19:28 - 00002333 ____H C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-03 22:18 - 2014-11-08 17:32 - 00000000 ____D C:\Users\mahendrababu\AppData\Local\CrashDumps
2017-02-03 12:58 - 2015-02-21 18:16 - 00000000 ___HD C:\ProgramData\Skype
2017-02-03 12:58 - 2015-02-20 23:24 - 00000000 ___RD C:\Program Files\Skype
2017-01-30 14:15 - 2009-07-14 08:07 - 00000000 ____D C:\Windows\system32\NDF
2017-01-30 13:53 - 2013-07-10 03:44 - 00000000 ____D C:\Users\mahendrababu\AppData\Roaming\vlc
 
==================== Files in the root of some directories =======
 
2016-03-03 22:36 - 2016-03-03 22:15 - 25999736 _____ (Microsoft Corporation) C:\Program Files\LanguageInterfacePack-x64-ca-es.exe
2016-06-11 19:26 - 2016-07-16 16:39 - 0000115 _____ () C:\Users\mahendrababu\AppData\Roaming\LogFile.txt
2016-02-01 19:15 - 2016-02-15 14:17 - 0000024 _____ () C:\Users\mahendrababu\AppData\Roaming\MyPhrases.dta
2017-02-19 00:19 - 2017-02-19 00:19 - 0000004 _____ () C:\Users\mahendrababu\AppData\Roaming\pid.txt
2017-02-19 00:19 - 2017-02-19 00:19 - 0000056 _____ () C:\Users\mahendrababu\AppData\Roaming\pidloc.txt
2016-01-27 06:22 - 2016-01-27 06:22 - 0001835 _____ () C:\Users\mahendrababu\AppData\Roaming\SAS7_000.DAT
2017-02-19 00:19 - 2016-11-03 18:34 - 0611328 _____ () C:\Users\mahendrababu\AppData\Roaming\Windows Update.exe
2016-04-28 22:54 - 2016-05-09 12:39 - 266040255 _____ () C:\Users\mahendrababu\AppData\Local\ACCCx3_6_0_248.zip.aamdownload
2016-04-28 22:54 - 2016-05-09 12:39 - 0003014 _____ () C:\Users\mahendrababu\AppData\Local\ACCCx3_6_0_248.zip.aamdownload.aamd
2015-05-13 13:14 - 2015-05-13 13:32 - 0000600 _____ () C:\Users\mahendrababu\AppData\Local\PUTTY.RND
2016-06-12 20:20 - 2016-06-12 20:21 - 0000048 ____H () C:\Users\mahendrababu\AppData\Local\vwr_lic.dat
2016-11-17 10:34 - 2016-11-17 10:34 - 0000000 _____ () C:\Users\mahendrababu\AppData\Local\{25A2C374-01A5-42E5-9C8E-4033E61F017D}
2014-01-08 18:04 - 2014-07-10 14:09 - 0000040 ___SH () C:\ProgramData\.zreglib
2015-10-14 09:14 - 2015-10-14 09:14 - 0000057 ____H () C:\ProgramData\Ament.ini
 
Some files in TEMP:
====================
2017-01-22 10:23 - 2017-01-22 10:23 - 0005632 _____ () C:\Users\mahendrababu\AppData\Local\Temp\eifwlihp.dll
2016-11-17 10:34 - 2016-11-17 10:34 - 0000000 _____ () C:\Users\mahendrababu\AppData\Local\Temp\GURF14C.exe
2016-12-27 15:46 - 2016-12-27 15:46 - 0007680 _____ () C:\Users\mahendrababu\AppData\Local\Temp\launcher.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-02-12 20:50
 
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2017 01
Ran by mahendrababu (19-02-2017 18:42:39)
Running from C:\Users\mahendrababu\Desktop
Microsoft Windows 7 Professional  Service Pack 1 (X86) (2013-07-09 17:36:17)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1234834477-2946479525-3707428709-500 - Administrator - Disabled)
Guest (S-1-5-21-1234834477-2946479525-3707428709-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1234834477-2946479525-3707428709-1002 - Limited - Enabled)
mahendrababu (S-1-5-21-1234834477-2946479525-3707428709-1000 - Administrator - Enabled) => C:\Users\mahendrababu
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ABBYY FineReader 12 Professional (HKLM\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.426 - ABBYY Production LLC)
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.724.5507 - ABBYY)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
All File Email Extractor v2.4 (HKLM\...\All File Email Extractor v2.4) (Version:  - AlgoLogic)
Apache Tomcat 7.0.22 (HKLM\...\nbi-tomcat-7.0.22.0.0) (Version:  - )
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2007 (HKLM\...\Ashampoo Burning Studio 2007) (Version:  - ashampoo Technology GmbH & Co. KG)
Astrology Powerr (HKLM\...\Astrology Powerr) (Version:  - )
Atomic Email Hunter 10.31.0.174 (HKLM\...\AtomicEmailHunter_is1) (Version: 10.31.0.174 - AtomPark Software Inc.)
Atomic Lead Extractor 8.50.0.53 (HKLM\...\AtomicLeadExtractor_is1) (Version: 8.50.0.53 - AtomPark Software Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
Best Disk Lock 2.62 (HKLM\...\Best Disk Lock_is1) (Version: 2.62 - DoGoodSoft)
Boxxer Email-PhoneExtractor (HKLM\...\{8E0E47A7-4E8D-42B3-B78B-22BE458077BD}) (Version: 2.0 - Exar Software Reserch Pvt.Ltd)
Browser Extensions (HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 2.9.6.1 - Spigot, Inc.) <==== ATTENTION
Bulk Mailer (HKLM\...\Bulk Mailer) (Version: 8.2 - Live Software Inc)
Bulk Mailer (Version: 8.2 - Live Software Inc) Hidden
CRYSTAL ICR 2.5 DEMO (HKLM\...\ST6UNST #1) (Version:  - )
Crystal Reports Basic for Visual Studio 2008 (HKLM\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Dupli Find 6.16 (HKLM\...\Dupli Find_is1) (Version:  - RL Vision)
Email Grabber 2 (HKLM\...\Email Grabber) (Version: 2 - Email Grabber)
Email Phone and Fax Extractor 4.0 (HKLM\...\Email, Phone and Fax Extractor 4.0_is1) (Version: 4.0 - Troyee Software)
Email Sourcer 5.0.1.38 (x86 en-US) (HKLM\...\Email Sourcer 5.0.1.38 (x86 en-US)) (Version: 5.0.1.38 - OutWit)
Fast Desktop Recorder version 1.0.4 (HKLM\...\{B8BE0F41-5552-4D46-BC2F-CC1412AAACD3}_is1) (Version: 1.0.4 - SEASoftware)
ffdshow v1.3.4507 [2013-04-26] (HKLM\...\ffdshow_is1) (Version: 1.3.4507.0 - )
FlipCreator (version 4.9.8.2) (HKLM\...\FlipCreator_is1) (Version:  - Alive Software, Inc.)
Form Opener (HKLM\...\{A6286E88-7E17-40C9-8D8F-3F3C45280F47}) (Version: 1.00.0000 - Income Tax Department)
Foxit Reader (HKLM\...\{D60F533D-0CBF-475F-8300-8B13799775D0}) (Version: 4.3.1.218 - Foxit Corporation)
Free Virtual Keyboard 3.0.1.0 (HKLM\...\{CA4F9519-1A83-4907-8651-F17073A0E1CE}_is1) (Version: 3.0 - Comfort Software Group)
Google Chrome (HKLM\...\{54DF35BD-4A36-35DA-B029-A0C083C88614}) (Version: 10.2.34950 - Google, Inc.)
Google Drive (HKLM\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Talk (remove only) (HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Translate Tool (HKLM\...\{8DD8307F-9F41-42C7-BB92-D0EF972B15B4}) (Version: 2.7.0.0 - iWesoft)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Grammarly (HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\...\Grammarly) (Version: 1.4.21 - Grammarly)
HP Deskjet 2540 series Basic Device Software (HKLM\...\{516046F1-6F81-4967-8E63-32273AE2A929}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
iFree Skype Recorder 6.0.15 (HKLM\...\iFree Skype Recorder) (Version: 6.0.15 - iFree Skype Recorder)
Java 7 Update 17 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java™ SE Development Kit 6 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Java™ SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Java-Editor 12.11, 2014.02.13 (HKLM\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version:  - Gerhard Röhner)
Jing (HKLM\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
Karamasoft UISuite 2013.1 for ASP.NET 3.5 (HKLM\...\{ECF6C6F4-A1D4-4F06-8674-2F769B0243FF}) (Version: 10.2 - Karamasoft LLC)
K-Lite Codec Pack 6.7.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.7.0 - )
Kutools for Excel 15.00 (HKLM\...\{A095BA43-4A97-4D55-8E25-A0BC46F10765}_is1) (Version: 15.00 - Addin Technology Inc.)
Kutools for Word version 7.7.106.0 (HKLM\...\{E9A0AD37-5BA2-4E60-85F1-8B785CF2FBF5}_is1) (Version: 7.7.106.0 - ExtendOffice)
Macromedia Flash 5 (HKLM\...\{4C93C363-414E-11D4-9756-00C04F8EEB39}) (Version: 5 - Macromedia)
MailBee.NET Objects (HKLM\...\{525C6E72-A76B-4989-BD6A-3FD96A6CD9FF}) (Version: 10.0 - AfterLogic Corporation)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Device Emulator version 3.0 - ENU (HKLM\...\{B32E7732-B2FB-3FD0-81AC-6025B1104C66}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{4A1DEB7A-341B-453E-A3AF-7EA9902F9711}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 ENU (HKLM\...\{2F141715-E144-48C0-8562-D193B7AB85BC}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}) (Version: 9.00.3042.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - ENU (HKLM\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{05EC21B8-4593-3037-A781-A6B5AFFCB19D}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{64c5b887-b5ee-42b8-8596-78905a6b5f1f}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{B268E9A1-04A9-40D0-9866-846BE2B74BA7}) (Version: 6.1.5288.17011 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NetBeans IDE 7.1 (HKLM\...\nbi-nb-base-7.1.0.0.0) (Version: 7.1 - NetBeans.org)
Offline Email Extractor 2.5 (HKLM\...\Offline Email Extractor 2.5_is1) (Version: 2.5 - Troyee Software)
Online Data Extractor 4.0 (HKLM\...\Online Data Extractor 4.0_is1) (Version: 4.0 - Troyee Software)
Orbiscope Meta Search (HKLM\...\Orbiscope Meta Search) (Version: 1.5.2 - Orbiscope INC)
ParseHub 43.0 (x86 en-US) (HKLM\...\ParseHub 43.0 (x86 en-US)) (Version: 43.0 - Mozilla)
Pocomo (HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\...\{225B9B22-8A36-49F1-9212-4CD2752EDF43}_is1) (Version: 3.0.0.1864 - Recommended App LTD)
Pricepirates 7 (HKLM\...\{D746E113-378A-45A2-8EB0-DF00BD2454DE}) (Version: 7.1.1.0 - metaspinner net GmbH)
Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{03E72F11-8D79-4C5C-9659-121ADD6A0846}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
RAR Password Cracker (HKLM\...\RAR Password Cracker) (Version: 4.20 - dnSoft Research Group)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.32 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
Snap.Do (HKLM\...\{5B9B5637-3B91-4714-9A39-549833594566}) (Version: 11.72.1.17468 - ReSoft Ltd.) <==== ATTENTION
Sony PC Companion 2.10.303 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
SQL Power Injector 1.2 (HKLM\...\{3D55339F-D991-4806-9FD4-00B815714AF1}) (Version: 1.2 - SQLPowerInjector)
Super Email Extractor (HKLM\...\Super Email Extractor_is1) (Version:  - )
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TEAR version 3.2.3 (HKLM\...\{F695A930-3F57-407E-9129-D1686A33AED0}_is1) (Version: 3.2.3 - TEAR)
Upwork version 4.1.351.0 (HKLM\...\{F8678797-5A4B-43CF-88D0-EEF67DB3B55E}_is1) (Version: 4.1.351.0 - Upwork, Inc)
VC Runtimes MSI (Version: 9.0.21022 - Microsoft) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Web Ripper (HKLM\...\{9F691A52-90AC-4223-AB9B-615F22214DB3}_is1) (Version: 3 - Sequentum Pty Ltd)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Web Email Extractor Pro (HKLM\...\{894138C9-F0CE-4562-A798-91BB0FCB7046}) (Version: 4.1.9.14 - TechnoCom Solutions)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
ZoomInfo Contact Contributor (HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\...\ZoomInfo Contact Contributor) (Version: 52 - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{0507EEDE-3AE7-49c7-BF37-0EB4A62D8638}\localserver32 -> C:\Users\mahendrababu\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{33b07fd4-5917-43e1-968d-4c79231836bf}\localserver32 -> C:\Users\mahendrababu\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.31.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\MAHEND~1\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe  (the data entry has 10 more characters).
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{A8F086C3-2497-4229-82FE-586F2D326F95}\localserver32 -> C:\Users\mahendrababu\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{A98371DE-9D5A-DFE7-0EC7-1A35863C2EF1}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{AAAA17DE-04B6-9398-4B81-33D1D8AD5098}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{d33f3ced-d7d5-44f1-a9fe-6927dabb1934}\localserver32 -> C:\Users\mahendrababu\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1234834477-2946479525-3707428709-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mahendrababu\AppData\Local\Google\Update\1.3.32.7\psuser.dll (Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {037302CA-F861-4BCB-891A-6D93CCB80525} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0B01DBB4-90E7-418E-9B9A-FB8304B4F0BA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe 
Task: {0BC199F6-D983-4B42-A53C-235DB28E0F86} - System32\Tasks\SafeZone scheduled Autoupdate 1473389607 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {1C4718BC-D1C8-4D9E-9340-D6A778B4E550} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files\YourFileDownloader Updater\YourFileUpdater.exe [2014-05-26] (hxxp://yourfiledownloader.com) <==== ATTENTION
Task: {1D210465-135C-4632-B7A2-F81E54548080} - System32\Tasks\{143DDFA0-74DF-4ACD-8805-C9FE8D8F67C1} => pcalua.exe -a "D:\software\pdf2word\original\PDF2WORD\PDF2WORD\PDF2Word v3.0.exe" -d D:\software\pdf2word\original\PDF2WORD\PDF2WORD
Task: {249C47F7-F412-436A-B992-A19367CABEE2} - System32\Tasks\{64E29FCE-AECD-4B61-9E0C-CB8EA73BA4B4} => pcalua.exe -a "H:\kep3\Music Production Software BTVSolo\music_production_software_btvsolo.exe" -d "H:\kep3\Music Production Software BTVSolo"
Task: {41B8D712-06B0-49A2-976D-2E018023D734} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {451C4220-E523-4787-96F4-A12519E02943} - System32\Tasks\{7861A702-D283-46FC-A3E7-146AE9B8EF00} => pcalua.exe -a C:\Users\mahendrababu\Downloads\resume\WebExtractor360\WebExtractor360.exe -d C:\Users\mahendrababu\Downloads\resume\WebExtractor360
Task: {5E1C97D3-C560-4813-95DA-41B9B8CD49FD} - System32\Tasks\EPUpdater => C:\Users\mahendrababu\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] () <==== ATTENTION
Task: {657C918B-EAE5-470D-BBEE-E31A12DA48B7} - System32\Tasks\{12878D4B-2DB9-405F-852D-EE550CFC24A9} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.85.105/en/abandoninstall?page=tsProgressBar
Task: {6A2E129E-F2DF-40C5-B6EF-6A947265F335} - System32\Tasks\{0C818516-A345-470C-8028-F2B1D2C4874D} => pcalua.exe -a C:\Users\MAHEND~1\AppData\Local\Temp\dlmE34.tmp\streampoint110enu.exe -d G:\wwwww <==== ATTENTION
Task: {6FE51FCD-E015-4553-A14E-3BF306806F99} - System32\Tasks\{EEB161F2-75C2-4F60-87DD-0AF9B71F1652} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.22.81.104&amp;LastError=12002
Task: {715C5DD6-E52A-4A23-BC65-EF6A5CA53EE7} - System32\Tasks\{62A391FF-75B3-44CF-B054-6EBA96318A97} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.22.81.104&amp;LastError=12007
Task: {818D75B4-C6AA-4875-A679-BFBF29B0BC1D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {83A715FC-0AC7-40AB-BF05-5C2FD407C671} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {85D0BDDB-31FA-40C5-A742-09A8D4692A32} - System32\Tasks\{5E3D672D-6ED1-4899-991C-2A9C59A16EB8} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.22.81.104&amp;LastError=12007
Task: {9397E842-D19F-4A39-ABB0-C075D71F94DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {9A1A8309-9A37-408C-9ABA-B55449A8CDDB} - System32\Tasks\{0410FE96-FA03-4AFD-BC07-01D8B0C1E80F} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.22.81.104&amp;LastError=12002
Task: {AA0693D8-A3FE-4E01-B732-47023C14D6C9} - System32\Tasks\{837A999B-E607-4E3C-ADB8-F2BBCDE4758B} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.85.105/en/abandoninstall?page=tsProgressBar
Task: {AAD2E344-A229-4767-93C1-3752748C6DDD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1234834477-2946479525-3707428709-1000UA => C:\Users\mahendrababu\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-23] (Google Inc.)
Task: {B42977E7-8AEF-4378-8526-40985368B115} - System32\Tasks\{D29DBFD7-0F60-43D5-BDAE-963C17807357} => Firefox.exe hxxp://ui.skype.com/ui/0/7.1.0.105/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {B433548A-4D54-41BD-BA3C-45748D9EF5AE} - System32\Tasks\{00CF0099-D286-4EC4-8E2A-6483FCC36900} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.85.105/en/abandoninstall?page=tsProgressBar
Task: {B57F4006-D6D6-4130-9D2A-84E751AFD943} - System32\Tasks\{2E0868EB-8FDE-4647-AEBA-DB47639BD0B8} => pcalua.exe -a H:\vijay\emcf(1)\setup.exe -d H:\vijay\emcf(1)
Task: {B70AB8A8-74D6-4F1F-A8C4-850580182EB3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C07BCD51-FDC0-480E-AD82-561BAB9DDF57} - System32\Tasks\{52B4769F-9665-4D47-A6BE-16AC37114F8C} => pcalua.exe -a "C:\Program Files\NewSoftware's\Folder Lock\uninstall.exe" -c -u
Task: {C763182E-88F1-4618-921F-7AC1E592C9D0} - System32\Tasks\SoftPlanet Software Assistant => C:\Program Files\SoftPlanet Software Assistant\spassist.exe [2013-12-09] (Secure Download Ltd.) <==== ATTENTION
Task: {E74DCF3F-64F9-499E-9D3B-D065F6AB8D6F} - System32\Tasks\{B02D29D4-D4B0-44D3-9DEF-444F5F976050} => pcalua.exe -a C:\Users\mahendrababu\Downloads\Test_Setup.exe -d C:\Users\mahendrababu\Downloads
Task: {EA3538B9-AC09-411F-B496-293B94758343} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1234834477-2946479525-3707428709-1000Core => C:\Users\mahendrababu\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-23] (Google Inc.)
Task: {FAEF8D2C-8895-41E5-9753-89A0D713E21C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Translate Tool\Google Translate Tool Website.lnk -> hxxp://www.iwesoft.com/productinfo.php?id=3
 
ShortcutWithArgument: C:\Users\mahendrababu\Desktop\dsk december 2016\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\FLV Player.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Plus, Facebook, Twitter, LinkedIn +++.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Transcribe foot pedal extension.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Wechat.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\Users\mahendrababu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1a5e58f3db3ffb56\Find anyone's email - ContactOut.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jjdemeiffadmmjhkbbpglgnlgeafomjo
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://tech-connect.biz/?ssid=1474305482&a=1053341&src=sh&uuid=17042e3b-78a5-4530-91bf-76e06f984803,1474305354735"
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-09-09 07:57 - 2016-09-09 07:57 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-18 18:20 - 2017-02-18 18:20 - 05979224 _____ () C:\Program Files\AVAST Software\Avast\defs\17021801\algo.dll
2016-09-09 07:57 - 2016-09-09 07:57 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-02-19 18:15 - 2017-02-19 18:15 - 05979224 _____ () C:\Program Files\AVAST Software\Avast\defs\17021900\algo.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:17 - 2010-03-24 21:17 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-02-13 01:33 - 2011-07-24 15:10 - 00406016 _____ () C:\Program Files\FlipCreator\ContextMenuHandle.dll
2016-09-20 19:06 - 2015-12-15 13:08 - 00019968 _____ () C:\Windows\system32\TearWinService.exe
2016-09-09 07:57 - 2016-09-09 07:57 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-10-27 11:38 - 2016-10-27 20:36 - 01543200 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\coordinator.exe
2016-10-27 11:38 - 2016-10-27 20:36 - 00106496 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\win32api.pyd
2016-10-27 11:38 - 2016-10-27 20:36 - 00122880 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\pywintypes25.dll
2016-10-27 11:38 - 2016-10-27 20:36 - 00380928 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\pythoncom25.dll
2016-10-27 11:38 - 2016-10-27 20:36 - 00053248 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\_socket.pyd
2016-10-27 11:38 - 2016-10-27 20:36 - 00655360 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\_ssl.pyd
2016-10-27 11:38 - 2016-10-27 20:36 - 00323584 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\_hashlib.pyd
2016-10-27 11:38 - 2016-10-27 20:36 - 00086016 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\_ctypes.pyd
2016-10-27 11:38 - 2016-10-27 20:36 - 00176128 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\win32gui.pyd
2016-10-27 11:38 - 2016-10-27 20:36 - 00045568 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\win32evtlog.pyd
2016-10-27 11:38 - 2016-10-27 20:36 - 00479232 _____ () C:\Users\mahendrababu\AppData\Local\ZoomInfoCEUtility\2173\unicodedata.pyd
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2016-09-07 08:41 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-07 08:41 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\mahendrababu\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
2013-08-16 18:11 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [272]
AlternateDataStreams: C:\ProgramData\TEMP:5B811727 [141]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 07:34 - 2016-10-01 23:57 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1234834477-2946479525-3707428709-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\mahendrababu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A4C4AA9F-7D9D-4EDB-AAC3-3DB7E454E876}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{E9DC1F81-78D3-48AD-BA67-70834A97CBD9}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{EC688233-C7C0-4AFD-BD2C-D4DABFB201E9}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{F2DC5FEA-3196-44E1-83E0-455F1B2FD1FA}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{B95DE214-8D44-46CD-B6B1-85DE14514F72}C:\program files\bywifi\bywifi.exe] => (Allow) C:\program files\bywifi\bywifi.exe
FirewallRules: [UDP Query User{014ABE19-ADDF-49A2-B81C-9EA7CC11BC72}C:\program files\bywifi\bywifi.exe] => (Allow) C:\program files\bywifi\bywifi.exe
FirewallRules: [TCP Query User{8909CEEF-9E0C-4395-BB3C-596F33ECD44C}C:\program files\orbitdownloader\orbitnet.exe] => (Allow) C:\program files\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{11992589-53FF-4234-ABBB-54F5DB003C94}C:\program files\orbitdownloader\orbitnet.exe] => (Allow) C:\program files\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{D61A9DD7-B94F-417C-8249-37D51F4FE5B0}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
FirewallRules: [UDP Query User{81C267BF-CE7C-4F00-90EB-2707069017AB}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
FirewallRules: [{C68D2AE8-837B-4B90-8EFF-AF7F22E9B306}] => (Allow) LPort=8372
FirewallRules: [{325AA876-8B7E-4EC3-B349-28418FA80CA2}] => (Allow) LPort=8372
FirewallRules: [TCP Query User{B7188F74-5216-46C7-9574-1293677A9AE7}C:\program files\utorrent\utorrent.exe] => (Allow) C:\program files\utorrent\utorrent.exe
FirewallRules: [UDP Query User{DF3503C2-D1E7-4124-A422-BCB8BEA5696E}C:\program files\utorrent\utorrent.exe] => (Allow) C:\program files\utorrent\utorrent.exe
FirewallRules: [{F6A359AA-DB81-436C-A789-42717C8CE4DF}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{22F670FA-E516-48DA-88DB-321CE48C074E}C:\program files\netbeans 7.1\bin\netbeans.exe] => (Block) C:\program files\netbeans 7.1\bin\netbeans.exe
FirewallRules: [UDP Query User{E2FBA8BD-D898-4AFB-8B7D-8C3D3FD4E9CB}C:\program files\netbeans 7.1\bin\netbeans.exe] => (Block) C:\program files\netbeans 7.1\bin\netbeans.exe
FirewallRules: [TCP Query User{EFB82DA6-D088-4D0F-B196-7C95EBDC30F1}C:\program files\java\jdk1.6.0\bin\java.exe] => (Allow) C:\program files\java\jdk1.6.0\bin\java.exe
FirewallRules: [UDP Query User{6F4D399E-0767-4CF5-A960-9FFF55DAFDE2}C:\program files\java\jdk1.6.0\bin\java.exe] => (Allow) C:\program files\java\jdk1.6.0\bin\java.exe
FirewallRules: [TCP Query User{F5AC7B0D-2587-4E64-A29C-6B07696ADDB9}C:\program files\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files\flashget network\flashget 3\flashget3.exe
FirewallRules: [UDP Query User{F6862C2E-CC45-42F9-AEFD-9D24740D4089}C:\program files\flashget network\flashget 3\flashget3.exe] => (Allow) C:\program files\flashget network\flashget 3\flashget3.exe
FirewallRules: [{8389517A-D4DE-4578-86C4-BEE052F75332}] => (Allow) C:\Program Files\YourFileDownloader\Downloader.exe
FirewallRules: [{3DB54134-8B1B-453E-8548-61CDD074025F}] => (Allow) C:\Program Files\YourFileDownloader\Downloader.exe
FirewallRules: [{FA23EED8-E84C-4F42-9781-58851DB26430}] => (Allow) C:\Program Files\YourFileDownloader\YourFile.exe
FirewallRules: [{FF612302-43B9-493D-A8E6-180EE493A2EA}] => (Allow) C:\Program Files\YourFileDownloader\YourFile.exe
FirewallRules: [{5C9B1006-2384-45A1-A663-C0963B1E6E58}] => (Allow) C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{276F14D0-2084-4AD1-AEC4-E230A5577530}] => (Allow) C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{A120D787-F44D-4A65-B3A4-2E3DA8E204FE}] => (Allow) C:\Program Files\outobox\bin\outobox.BRT.Helper.exe
FirewallRules: [{3DE6C1C4-4E0F-4C55-96DD-E3B94F02BD00}] => (Allow) C:\Program Files\outobox\bin\outobox.BRT.Helper.exe
FirewallRules: [{1BB17467-2854-4328-9D71-68A7203E07B7}] => (Allow) C:\Program Files\outobox\bin\outobox.BRT.Helper.exe
FirewallRules: [{93F55F9F-3D3E-4F87-A907-235E12D1A619}] => (Allow) C:\Program Files\outobox\bin\outobox.BRT.Helper.exe
FirewallRules: [{25EF864E-D763-439F-8852-F29B03975757}] => (Allow) LPort=8951
FirewallRules: [{F132087A-1EE2-4688-B1C8-D79DB7B113A5}] => (Allow) LPort=8951
FirewallRules: [{3020FA4A-27FF-424A-A763-560E63DBFAB8}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B0B191E2-FC6D-400F-8E70-F60680D82C6D}] => (Allow) C:\Program Files\AtomPark\Atomic Email Hunter\AtomicEmailHunter.exe
FirewallRules: [{12F89821-72D3-43EB-8668-B10CDB86F0DA}] => (Allow) C:\Program Files\AtomPark\Atomic Email Hunter\AtomicEmailHunter.exe
FirewallRules: [{89DE76B5-B635-45D6-959A-E0289A6F0C7E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{490BD713-BB65-40E6-8FA8-3AC6DC34A512}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{69DA8579-4882-4E6E-8339-0504E10B92F9}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [{A9CD1A70-C2F4-42D3-A19A-2D91AAEC1BD3}] => (Allow) LPort=5357
FirewallRules: [{C012EAEE-7B20-403A-A53F-27778FB6E8B7}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{739ABAB7-E161-463D-AD90-60404A25E9BA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{56259BC6-2B2A-4BB0-A22B-8669768D9843}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{8319323B-5300-464A-BC73-66D546B43D83}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8789F7DE-C179-4916-80A4-9F66C356FC0E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A19239E7-5AF2-4F3B-AC26-65A3082D8A90}] => (Allow) C:\Program Files\SimpleFiles\SimpleFiles.exe
FirewallRules: [{98A6A270-8A02-4010-96DF-CAEA1FDBDF5D}] => (Allow) C:\Program Files\SimpleFiles\SimpleFiles.exe
FirewallRules: [{BAE9ACEC-79FF-4537-8969-81AAD4BC5658}] => (Allow) C:\Program Files\SimpleFiles\downloader.exe
FirewallRules: [{FE36272D-BB9F-4013-9FB1-729894478C14}] => (Allow) C:\Program Files\SimpleFiles\downloader.exe
FirewallRules: [{50ED3DFC-EB49-4A53-BC6C-D76D2BED10ED}] => (Allow) LPort=51001
FirewallRules: [TCP Query User{5C1594AC-8085-46F7-885F-986F45E74551}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [UDP Query User{A83E05AC-6533-4151-983E-0257DE9D1DB2}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe] => (Allow) C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe
FirewallRules: [{EEF82601-4376-4E43-81B7-5B334BE7EE7A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A0E9B28A-66D8-45D6-A986-9FBC283CE221}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{B9F02CDE-D9D6-4732-B4C4-1B572DFB70FF}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{6A6CE09B-EA83-415E-B0AF-722142E84A03}] => (Allow) C:\Users\mahendrababu\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2ED77D16-84BF-45B4-965D-5F551F3B6AD2}] => (Allow) C:\Users\mahendrababu\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C258C521-88EF-49B9-B9F1-7485192EA9CD}] => (Allow) C:\Users\mahendrababu\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{49BA9F07-BC6D-4522-B426-06EA69555EF4}] => (Allow) C:\Users\mahendrababu\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2445C16D-642E-4CF7-B74C-69E9F7255DFE}] => (Allow) C:\Users\mahendrababu\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FC5A0112-D628-4677-B95D-A7FE5287C4AE}] => (Allow) C:\Users\mahendrababu\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B546D3DF-EE9F-49FD-B6FE-64D37326DDDB}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{5D9C8853-7E04-4E7B-9C75-BECC19566446}] => (Allow) C:\Program Files\SrpnFiles\SrpnFiles.exe
FirewallRules: [{7D1B665B-BFED-42D3-B2DF-541416F67839}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{3613ECC6-06E1-4561-AC08-C4DF8FA403CD}] => (Allow) C:\Program Files\SrpnFiles\downloader.exe
FirewallRules: [{B3A78CCA-D7DD-4169-9BFE-9A796A8A9DB2}] => (Allow) C:\Program Files\OutWit\Email Sourcer\email-sourcer.exe
FirewallRules: [{E986BDB1-AB76-4608-B338-075BCDD83FC1}] => (Allow) C:\Program Files\OutWit\Email Sourcer\email-sourcer.exe
FirewallRules: [{4F3303CF-33FB-49D9-9C1D-DC986B8E094E}] => (Allow) C:\Program Files\AtomPark\Atomic Lead Extractor\AtomicLeadExtractor.exe
FirewallRules: [{73C28AE9-1121-4D42-A726-D7CE6B999169}] => (Allow) C:\Program Files\AtomPark\Atomic Lead Extractor\AtomicLeadExtractor.exe
FirewallRules: [{D8562722-AA5F-4932-B795-B0FBD8368982}] => (Allow) C:\Program Files\fec\Super Email Extractor\XDirectory.exe
FirewallRules: [{FC881487-505C-4FCD-AA5A-A7E65B185B09}] => (Allow) C:\Program Files\fec\Super Email Extractor\XDirectory.exe
FirewallRules: [{855197BA-718E-4414-B757-9F3D6C49479C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{CE1F310F-61F3-4902-8276-D6B38429FC3E}] => (Allow) C:\Program Files\ParseHub\parsehub.exe
FirewallRules: [{F69FE60D-DC4E-43DB-84B6-0DDAA6DB5188}] => (Allow) C:\Program Files\ParseHub\parsehub.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3
 
==================== Restore Points =========================
 
17-02-2017 11:52:31 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
Name: Broadcom 802.11n Network Adapter
Description: Broadcom 802.11n Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Standard VGA Graphics Adapter
Description: Standard VGA Graphics Adapter
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: PCI Device
Description: PCI Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/19/2017 08:00:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: desktop173.exe, version: 1.0.0.10, time stamp: 0x56e96567
Faulting module name: desktop173.exe, version: 1.0.0.10, time stamp: 0x56e96567
Exception code: 0x40000015
Fault offset: 0x00013cf7
Faulting process id: 0x7c4
Faulting application start time: 0x01d28a57e4d7b191
Faulting application path: C:\ProgramData\desktopfind\desktop173.exe
Faulting module path: C:\ProgramData\desktopfind\desktop173.exe
Report Id: 6bc6d680-f64b-11e6-934b-80c16e3f4125
 
Error: (02/19/2017 07:59:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (02/19/2017 07:59:18 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 17207) (User: )
Description: FCB::RemoveAlternateStreams: Operating system error (null) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\tempdb.mdf'. Diagnose and correct the operating system error, and retry the operation.
 
Error: (02/19/2017 07:59:18 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 17207) (User: )
Description: FCB::RemoveAlternateStreams: Operating system error (null) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\tempdb.mdf'. Diagnose and correct the operating system error, and retry the operation.
 
Error: (02/19/2017 07:59:15 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 17207) (User: )
Description: FCB::RemoveAlternateStreams: Operating system error (null) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\MSDBData.mdf'. Diagnose and correct the operating system error, and retry the operation.
 
Error: (02/19/2017 07:59:15 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 17207) (User: )
Description: FCB::RemoveAlternateStreams: Operating system error (null) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\model.mdf'. Diagnose and correct the operating system error, and retry the operation.
 
Error: (02/19/2017 07:59:08 AM) (Source: MSSQL$SQLEXPRESS) (EventID: 17207) (User: )
Description: FCB::RemoveAlternateStreams: Operating system error (null) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf'. Diagnose and correct the operating system error, and retry the operation.
 
Error: (02/19/2017 07:58:48 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
 
Error: (02/19/2017 01:45:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: desktop173.exe, version: 1.0.0.10, time stamp: 0x56e96567
Faulting module name: desktop173.exe, version: 1.0.0.10, time stamp: 0x56e96567
Exception code: 0x40000015
Fault offset: 0x00013cf7
Faulting process id: 0x794
Faulting application start time: 0x01d28a1b1386a385
Faulting application path: C:\ProgramData\desktopfind\desktop173.exe
Faulting module path: C:\ProgramData\desktopfind\desktop173.exe
Report Id: 0e577a86-f617-11e6-93dc-80c16e3f4125
 
Error: (02/19/2017 12:43:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (02/19/2017 08:00:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DeskTop DispalyName service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/19/2017 07:59:15 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Tear Service service has reported an invalid current state 0.
 
Error: (02/19/2017 07:59:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update outobox service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (02/19/2017 07:59:15 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Tear Service service has reported an invalid current state 0.
 
Error: (02/19/2017 01:45:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DeskTop DispalyName service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/19/2017 12:43:51 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Tear Service service has reported an invalid current state 0.
 
Error: (02/19/2017 12:43:51 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Tear Service service has reported an invalid current state 0.
 
Error: (02/19/2017 12:43:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update outobox service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (02/17/2017 03:36:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DeskTop DispalyName service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (02/17/2017 03:34:27 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Tear Service service has reported an invalid current state 0.
 
 
CodeIntegrity:
===================================
  Date: 2016-09-08 17:36:20.429
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-08 17:36:20.211
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-08 07:45:21.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-08 07:45:21.304
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-07 08:17:21.772
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-07 08:17:21.460
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-05 07:54:15.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-05 07:54:15.523
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-03 20:59:30.398
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-03 20:59:30.164
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 72%
Total physical RAM: 2509.86 MB
Available physical RAM: 696.29 MB
Total Virtual: 5018.01 MB
Available Virtual: 2580.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:97.66 GB) (Free:49.25 GB) NTFS
Drive d: () (Fixed) (Total:97.66 GB) (Free:67.28 GB) NTFS
Drive e: () (Fixed) (Total:97.66 GB) (Free:42.01 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:97.66 GB) (Free:63.14 GB) NTFS
Drive h: (New Volume) (Fixed) (Total:74.25 GB) (Free:2.58 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9961B57F)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=900 MB) - (Type=42)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=42)
Partition 4: (Not Active) - (Size=367.2 GB) - (Type=42)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

Please uninstall these programs
Delta Chrome Toolbar
Java 7 Update 17
Snap.Do


Next


Download the enclosed => file. Fixlist.txt at bottom of this post. Save it in the location FRST64 is. Run FRST and click on the Fix button. Wait until finished.

The tool will make a log in the location FRST is, (Fixlog.txt). Please post it to your reply.

*******************************************************************************************
Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.

Attached Files


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP